From owner-svn-src-vendor@freebsd.org Tue Sep 22 14:27:15 2020 Return-Path: Delivered-To: svn-src-vendor@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2DE913EAB9B; Tue, 22 Sep 2020 14:27:15 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BwkCl0mK0z4565; Tue, 22 Sep 2020 14:27:15 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id F13502095B; Tue, 22 Sep 2020 14:27:14 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08MEREUB053820; Tue, 22 Sep 2020 14:27:14 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08MER9wU053792; Tue, 22 Sep 2020 14:27:09 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <202009221427.08MER9wU053792@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Tue, 22 Sep 2020 14:27:09 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r365997 - in vendor-crypto/openssl/dist: . apps crypto crypto/aes crypto/aes/asm crypto/asn1 crypto/bio crypto/bn crypto/bn/asm crypto/chacha/asm crypto/cmac crypto/cms crypto/conf cryp... X-SVN-Group: vendor-crypto X-SVN-Commit-Author: jkim X-SVN-Commit-Paths: in vendor-crypto/openssl/dist: . apps crypto crypto/aes crypto/aes/asm crypto/asn1 crypto/bio crypto/bn crypto/bn/asm crypto/chacha/asm crypto/cmac crypto/cms crypto/conf crypto/ec crypto/ec/asm crypt... X-SVN-Commit-Revision: 365997 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Sep 2020 14:27:15 -0000 Author: jkim Date: Tue Sep 22 14:27:08 2020 New Revision: 365997 URL: https://svnweb.freebsd.org/changeset/base/365997 Log: Import OpenSSL 1.1.1h. Deleted: vendor-crypto/openssl/dist/crypto/ec/asm/ecp_nistz256-avx2.pl Modified: vendor-crypto/openssl/dist/CHANGES vendor-crypto/openssl/dist/Configure vendor-crypto/openssl/dist/FREEBSD-upgrade vendor-crypto/openssl/dist/NEWS vendor-crypto/openssl/dist/NOTES.PERL vendor-crypto/openssl/dist/README vendor-crypto/openssl/dist/apps/genpkey.c vendor-crypto/openssl/dist/apps/rsa8192.pem vendor-crypto/openssl/dist/apps/s_client.c vendor-crypto/openssl/dist/apps/x509.c vendor-crypto/openssl/dist/appveyor.yml vendor-crypto/openssl/dist/crypto/aes/aes_core.c vendor-crypto/openssl/dist/crypto/aes/aes_ige.c vendor-crypto/openssl/dist/crypto/aes/asm/aesni-mb-x86_64.pl vendor-crypto/openssl/dist/crypto/aes/asm/aesni-sha1-x86_64.pl vendor-crypto/openssl/dist/crypto/aes/asm/aesni-sha256-x86_64.pl vendor-crypto/openssl/dist/crypto/asn1/d2i_pr.c vendor-crypto/openssl/dist/crypto/asn1/x_algor.c vendor-crypto/openssl/dist/crypto/bio/b_print.c vendor-crypto/openssl/dist/crypto/bio/bss_acpt.c vendor-crypto/openssl/dist/crypto/bio/bss_conn.c vendor-crypto/openssl/dist/crypto/bn/asm/rsaz-avx2.pl vendor-crypto/openssl/dist/crypto/bn/asm/rsaz-x86_64.pl vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont.pl vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont5.pl vendor-crypto/openssl/dist/crypto/bn/bn_gcd.c vendor-crypto/openssl/dist/crypto/bn/bn_lib.c vendor-crypto/openssl/dist/crypto/bn/bn_mpi.c vendor-crypto/openssl/dist/crypto/chacha/asm/chacha-x86.pl vendor-crypto/openssl/dist/crypto/chacha/asm/chacha-x86_64.pl vendor-crypto/openssl/dist/crypto/cmac/cmac.c vendor-crypto/openssl/dist/crypto/cms/cms_lib.c vendor-crypto/openssl/dist/crypto/cms/cms_sd.c vendor-crypto/openssl/dist/crypto/conf/conf_def.c vendor-crypto/openssl/dist/crypto/ec/asm/ecp_nistz256-armv4.pl vendor-crypto/openssl/dist/crypto/ec/asm/ecp_nistz256-x86_64.pl vendor-crypto/openssl/dist/crypto/ec/asm/x25519-x86_64.pl vendor-crypto/openssl/dist/crypto/ec/ec_ameth.c vendor-crypto/openssl/dist/crypto/ec/ec_asn1.c vendor-crypto/openssl/dist/crypto/ec/ec_err.c vendor-crypto/openssl/dist/crypto/ec/ec_key.c vendor-crypto/openssl/dist/crypto/ec/ec_lib.c vendor-crypto/openssl/dist/crypto/ec/ec_local.h vendor-crypto/openssl/dist/crypto/ec/ecp_nistp224.c vendor-crypto/openssl/dist/crypto/ec/ecp_nistp521.c vendor-crypto/openssl/dist/crypto/ec/ecp_nistz256.c vendor-crypto/openssl/dist/crypto/engine/eng_lib.c vendor-crypto/openssl/dist/crypto/err/openssl.txt vendor-crypto/openssl/dist/crypto/evp/e_aes.c vendor-crypto/openssl/dist/crypto/evp/encode.c vendor-crypto/openssl/dist/crypto/mem_sec.c vendor-crypto/openssl/dist/crypto/modes/asm/aesni-gcm-x86_64.pl vendor-crypto/openssl/dist/crypto/modes/asm/ghash-x86_64.pl vendor-crypto/openssl/dist/crypto/modes/cbc128.c vendor-crypto/openssl/dist/crypto/modes/ccm128.c vendor-crypto/openssl/dist/crypto/modes/cfb128.c vendor-crypto/openssl/dist/crypto/modes/ctr128.c vendor-crypto/openssl/dist/crypto/modes/gcm128.c vendor-crypto/openssl/dist/crypto/modes/modes_local.h vendor-crypto/openssl/dist/crypto/modes/ofb128.c vendor-crypto/openssl/dist/crypto/modes/xts128.c vendor-crypto/openssl/dist/crypto/o_str.c vendor-crypto/openssl/dist/crypto/o_time.c vendor-crypto/openssl/dist/crypto/pem/pem_err.c vendor-crypto/openssl/dist/crypto/pem/pem_lib.c vendor-crypto/openssl/dist/crypto/pem/pem_pkey.c vendor-crypto/openssl/dist/crypto/pem/pvkfmt.c vendor-crypto/openssl/dist/crypto/poly1305/asm/poly1305-x86.pl vendor-crypto/openssl/dist/crypto/poly1305/asm/poly1305-x86_64.pl vendor-crypto/openssl/dist/crypto/rand/drbg_ctr.c vendor-crypto/openssl/dist/crypto/rand/drbg_lib.c vendor-crypto/openssl/dist/crypto/rand/rand_lib.c vendor-crypto/openssl/dist/crypto/rand/rand_local.h vendor-crypto/openssl/dist/crypto/rand/rand_unix.c vendor-crypto/openssl/dist/crypto/rand/randfile.c vendor-crypto/openssl/dist/crypto/rsa/rsa_ameth.c vendor-crypto/openssl/dist/crypto/sha/asm/sha1-586.pl vendor-crypto/openssl/dist/crypto/sha/asm/sha1-mb-x86_64.pl vendor-crypto/openssl/dist/crypto/sha/asm/sha1-x86_64.pl vendor-crypto/openssl/dist/crypto/sha/asm/sha256-586.pl vendor-crypto/openssl/dist/crypto/sha/asm/sha256-mb-x86_64.pl vendor-crypto/openssl/dist/crypto/sha/asm/sha512-x86_64.pl vendor-crypto/openssl/dist/crypto/store/loader_file.c vendor-crypto/openssl/dist/crypto/store/store_lib.c vendor-crypto/openssl/dist/crypto/ts/ts_rsp_sign.c vendor-crypto/openssl/dist/crypto/ui/ui_openssl.c vendor-crypto/openssl/dist/crypto/whrlpool/wp_block.c vendor-crypto/openssl/dist/crypto/x509/x509_err.c vendor-crypto/openssl/dist/crypto/x509/x509_local.h vendor-crypto/openssl/dist/crypto/x509/x509_req.c vendor-crypto/openssl/dist/crypto/x509/x509_txt.c vendor-crypto/openssl/dist/crypto/x509/x509_vfy.c vendor-crypto/openssl/dist/crypto/x509/x_pubkey.c vendor-crypto/openssl/dist/crypto/x509v3/pcy_data.c vendor-crypto/openssl/dist/crypto/x509v3/v3_alt.c vendor-crypto/openssl/dist/crypto/x509v3/v3_purp.c vendor-crypto/openssl/dist/doc/man1/CA.pl.pod vendor-crypto/openssl/dist/doc/man1/ca.pod vendor-crypto/openssl/dist/doc/man1/dgst.pod vendor-crypto/openssl/dist/doc/man1/enc.pod vendor-crypto/openssl/dist/doc/man1/ocsp.pod vendor-crypto/openssl/dist/doc/man1/pkcs12.pod vendor-crypto/openssl/dist/doc/man1/pkcs8.pod vendor-crypto/openssl/dist/doc/man1/pkeyutl.pod vendor-crypto/openssl/dist/doc/man1/s_client.pod vendor-crypto/openssl/dist/doc/man1/s_server.pod vendor-crypto/openssl/dist/doc/man1/s_time.pod vendor-crypto/openssl/dist/doc/man1/sess_id.pod vendor-crypto/openssl/dist/doc/man1/ts.pod vendor-crypto/openssl/dist/doc/man1/tsget.pod vendor-crypto/openssl/dist/doc/man1/verify.pod vendor-crypto/openssl/dist/doc/man1/x509.pod vendor-crypto/openssl/dist/doc/man3/ASN1_INTEGER_get_int64.pod vendor-crypto/openssl/dist/doc/man3/ASN1_STRING_length.pod vendor-crypto/openssl/dist/doc/man3/ASN1_TIME_set.pod vendor-crypto/openssl/dist/doc/man3/ASN1_TYPE_get.pod vendor-crypto/openssl/dist/doc/man3/ASYNC_WAIT_CTX_new.pod vendor-crypto/openssl/dist/doc/man3/ASYNC_start_job.pod vendor-crypto/openssl/dist/doc/man3/BF_encrypt.pod vendor-crypto/openssl/dist/doc/man3/BIO_ADDR.pod vendor-crypto/openssl/dist/doc/man3/BIO_ADDRINFO.pod vendor-crypto/openssl/dist/doc/man3/BIO_connect.pod vendor-crypto/openssl/dist/doc/man3/BIO_ctrl.pod vendor-crypto/openssl/dist/doc/man3/BIO_get_data.pod vendor-crypto/openssl/dist/doc/man3/BIO_parse_hostserv.pod vendor-crypto/openssl/dist/doc/man3/BIO_read.pod vendor-crypto/openssl/dist/doc/man3/BIO_s_accept.pod vendor-crypto/openssl/dist/doc/man3/BIO_s_bio.pod vendor-crypto/openssl/dist/doc/man3/BIO_s_connect.pod vendor-crypto/openssl/dist/doc/man3/BIO_s_file.pod vendor-crypto/openssl/dist/doc/man3/BIO_set_callback.pod vendor-crypto/openssl/dist/doc/man3/BN_add.pod vendor-crypto/openssl/dist/doc/man3/BN_bn2bin.pod vendor-crypto/openssl/dist/doc/man3/BN_generate_prime.pod vendor-crypto/openssl/dist/doc/man3/BN_mod_mul_montgomery.pod vendor-crypto/openssl/dist/doc/man3/BN_set_bit.pod vendor-crypto/openssl/dist/doc/man3/CMS_verify.pod vendor-crypto/openssl/dist/doc/man3/CRYPTO_THREAD_run_once.pod vendor-crypto/openssl/dist/doc/man3/CRYPTO_memcmp.pod vendor-crypto/openssl/dist/doc/man3/DES_random_key.pod vendor-crypto/openssl/dist/doc/man3/DH_get0_pqg.pod vendor-crypto/openssl/dist/doc/man3/DH_set_method.pod vendor-crypto/openssl/dist/doc/man3/DSA_set_method.pod vendor-crypto/openssl/dist/doc/man3/DTLSv1_listen.pod vendor-crypto/openssl/dist/doc/man3/ECDSA_SIG_new.pod vendor-crypto/openssl/dist/doc/man3/EC_GROUP_new.pod vendor-crypto/openssl/dist/doc/man3/EC_KEY_new.pod vendor-crypto/openssl/dist/doc/man3/EC_POINT_new.pod vendor-crypto/openssl/dist/doc/man3/ENGINE_add.pod vendor-crypto/openssl/dist/doc/man3/ERR_get_error.pod vendor-crypto/openssl/dist/doc/man3/ERR_print_errors.pod vendor-crypto/openssl/dist/doc/man3/ERR_put_error.pod vendor-crypto/openssl/dist/doc/man3/EVP_DigestInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_DigestSignInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_DigestVerifyInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_EncodeInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_EncryptInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_OpenInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_CTX_ctrl.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_CTX_new.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_keygen.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_new.pod vendor-crypto/openssl/dist/doc/man3/EVP_SealInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_SignInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_VerifyInit.pod vendor-crypto/openssl/dist/doc/man3/HMAC.pod vendor-crypto/openssl/dist/doc/man3/OCSP_cert_to_id.pod vendor-crypto/openssl/dist/doc/man3/OCSP_request_add1_nonce.pod vendor-crypto/openssl/dist/doc/man3/OCSP_resp_find_status.pod vendor-crypto/openssl/dist/doc/man3/OCSP_sendreq_new.pod vendor-crypto/openssl/dist/doc/man3/OPENSSL_LH_COMPFUNC.pod vendor-crypto/openssl/dist/doc/man3/OPENSSL_config.pod vendor-crypto/openssl/dist/doc/man3/OPENSSL_ia32cap.pod vendor-crypto/openssl/dist/doc/man3/OPENSSL_init_crypto.pod vendor-crypto/openssl/dist/doc/man3/OPENSSL_init_ssl.pod vendor-crypto/openssl/dist/doc/man3/OSSL_STORE_open.pod vendor-crypto/openssl/dist/doc/man3/PEM_read_bio_PrivateKey.pod vendor-crypto/openssl/dist/doc/man3/PKCS7_verify.pod vendor-crypto/openssl/dist/doc/man3/RAND_DRBG_new.pod vendor-crypto/openssl/dist/doc/man3/RAND_DRBG_set_callbacks.pod vendor-crypto/openssl/dist/doc/man3/RAND_add.pod vendor-crypto/openssl/dist/doc/man3/RAND_load_file.pod vendor-crypto/openssl/dist/doc/man3/RSA_blinding_on.pod vendor-crypto/openssl/dist/doc/man3/RSA_private_encrypt.pod vendor-crypto/openssl/dist/doc/man3/RSA_set_method.pod vendor-crypto/openssl/dist/doc/man3/SHA256_Init.pod vendor-crypto/openssl/dist/doc/man3/SSL_CONF_cmd.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_dane_enable.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_alpn_select_cb.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_generate_session_id.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_info_callback.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_max_cert_list.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_mode.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_options.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_psk_client_callback.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_read_ahead.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_security_level.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_session_cache_mode.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_session_id_context.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_session_ticket_cb.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_split_send_fragment.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_tlsext_servername_callback.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_use_psk_identity_hint.pod vendor-crypto/openssl/dist/doc/man3/SSL_accept.pod vendor-crypto/openssl/dist/doc/man3/SSL_alloc_buffers.pod vendor-crypto/openssl/dist/doc/man3/SSL_connect.pod vendor-crypto/openssl/dist/doc/man3/SSL_do_handshake.pod vendor-crypto/openssl/dist/doc/man3/SSL_get_all_async_fds.pod vendor-crypto/openssl/dist/doc/man3/SSL_get_error.pod vendor-crypto/openssl/dist/doc/man3/SSL_new.pod vendor-crypto/openssl/dist/doc/man3/SSL_pending.pod vendor-crypto/openssl/dist/doc/man3/SSL_read.pod vendor-crypto/openssl/dist/doc/man3/SSL_read_early_data.pod vendor-crypto/openssl/dist/doc/man3/SSL_set1_host.pod vendor-crypto/openssl/dist/doc/man3/SSL_set_bio.pod vendor-crypto/openssl/dist/doc/man3/SSL_set_fd.pod vendor-crypto/openssl/dist/doc/man3/SSL_set_shutdown.pod vendor-crypto/openssl/dist/doc/man3/SSL_shutdown.pod vendor-crypto/openssl/dist/doc/man3/SSL_state_string.pod vendor-crypto/openssl/dist/doc/man3/SSL_want.pod vendor-crypto/openssl/dist/doc/man3/SSL_write.pod vendor-crypto/openssl/dist/doc/man3/UI_UTIL_read_pw.pod vendor-crypto/openssl/dist/doc/man3/UI_create_method.pod vendor-crypto/openssl/dist/doc/man3/UI_new.pod vendor-crypto/openssl/dist/doc/man3/X509V3_get_d2i.pod vendor-crypto/openssl/dist/doc/man3/X509_ALGOR_dup.pod vendor-crypto/openssl/dist/doc/man3/X509_LOOKUP_hash_dir.pod vendor-crypto/openssl/dist/doc/man3/X509_LOOKUP_meth_new.pod vendor-crypto/openssl/dist/doc/man3/X509_STORE_CTX_get_error.pod vendor-crypto/openssl/dist/doc/man3/X509_STORE_CTX_new.pod vendor-crypto/openssl/dist/doc/man3/X509_STORE_CTX_set_verify_cb.pod vendor-crypto/openssl/dist/doc/man3/X509_STORE_set_verify_cb_func.pod vendor-crypto/openssl/dist/doc/man3/X509_VERIFY_PARAM_set_flags.pod vendor-crypto/openssl/dist/doc/man3/X509_check_ca.pod vendor-crypto/openssl/dist/doc/man3/X509_check_host.pod vendor-crypto/openssl/dist/doc/man3/X509_check_issued.pod vendor-crypto/openssl/dist/doc/man3/X509_check_purpose.pod vendor-crypto/openssl/dist/doc/man3/X509_get0_signature.pod vendor-crypto/openssl/dist/doc/man3/X509v3_get_ext_by_NID.pod vendor-crypto/openssl/dist/doc/man3/d2i_DHparams.pod vendor-crypto/openssl/dist/doc/man3/d2i_X509.pod vendor-crypto/openssl/dist/doc/man5/config.pod vendor-crypto/openssl/dist/doc/man5/x509v3_config.pod vendor-crypto/openssl/dist/doc/man7/SM2.pod vendor-crypto/openssl/dist/doc/man7/evp.pod vendor-crypto/openssl/dist/doc/man7/ossl_store.pod vendor-crypto/openssl/dist/e_os.h vendor-crypto/openssl/dist/include/openssl/bn.h vendor-crypto/openssl/dist/include/openssl/e_os2.h vendor-crypto/openssl/dist/include/openssl/ec.h vendor-crypto/openssl/dist/include/openssl/ecerr.h vendor-crypto/openssl/dist/include/openssl/opensslconf.h.in vendor-crypto/openssl/dist/include/openssl/opensslv.h vendor-crypto/openssl/dist/include/openssl/pemerr.h vendor-crypto/openssl/dist/include/openssl/ssl.h vendor-crypto/openssl/dist/include/openssl/ssl3.h vendor-crypto/openssl/dist/include/openssl/x509.h vendor-crypto/openssl/dist/include/openssl/x509_vfy.h vendor-crypto/openssl/dist/include/openssl/x509err.h vendor-crypto/openssl/dist/ssl/bio_ssl.c vendor-crypto/openssl/dist/ssl/record/ssl3_buffer.c vendor-crypto/openssl/dist/ssl/ssl_conf.c vendor-crypto/openssl/dist/ssl/ssl_lib.c vendor-crypto/openssl/dist/ssl/ssl_rsa.c vendor-crypto/openssl/dist/ssl/statem/extensions.c vendor-crypto/openssl/dist/ssl/statem/extensions_srvr.c vendor-crypto/openssl/dist/ssl/statem/statem_lib.c vendor-crypto/openssl/dist/ssl/t1_lib.c vendor-crypto/openssl/dist/ssl/t1_trce.c vendor-crypto/openssl/dist/ssl/tls13_enc.c Modified: vendor-crypto/openssl/dist/CHANGES ============================================================================== --- vendor-crypto/openssl/dist/CHANGES Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/CHANGES Tue Sep 22 14:27:08 2020 (r365997) @@ -7,6 +7,33 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. + Changes between 1.1.1g and 1.1.1h [22 Sep 2020] + + *) Certificates with explicit curve parameters are now disallowed in + verification chains if the X509_V_FLAG_X509_STRICT flag is used. + [Tomas Mraz] + + *) The 'MinProtocol' and 'MaxProtocol' configuration commands now silently + ignore TLS protocol version bounds when configuring DTLS-based contexts, and + conversely, silently ignore DTLS protocol version bounds when configuring + TLS-based contexts. The commands can be repeated to set bounds of both + types. The same applies with the corresponding "min_protocol" and + "max_protocol" command-line switches, in case some application uses both TLS + and DTLS. + + SSL_CTX instances that are created for a fixed protocol version (e.g. + TLSv1_server_method()) also silently ignore version bounds. Previously + attempts to apply bounds to these protocol versions would result in an + error. Now only the "version-flexible" SSL_CTX instances are subject to + limits in configuration files in command-line options. + [Viktor Dukhovni] + + *) Handshake now fails if Extended Master Secret extension is dropped + on renegotiation. + [Tomas Mraz] + + *) The Oracle Developer Studio compiler will start reporting deprecated APIs + Changes between 1.1.1f and 1.1.1g [21 Apr 2020] *) Fixed segmentation fault in SSL_check_chain() Modified: vendor-crypto/openssl/dist/Configure ============================================================================== --- vendor-crypto/openssl/dist/Configure Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/Configure Tue Sep 22 14:27:08 2020 (r365997) @@ -217,12 +217,22 @@ sub resolve_config; # Unified build supports separate build dir my $srcdir = catdir(absolutedir(dirname($0))); # catdir ensures local syntax my $blddir = catdir(absolutedir(".")); # catdir ensures local syntax + +# File::Spec::Unix doesn't detect case insensitivity, so we make sure to +# check if the source and build directory are really the same, and make +# them so. This avoids all kinds of confusion later on. +# We must check @File::Spec::ISA rather than using File::Spec->isa() to +# know if File::Spec ended up loading File::Spec::Unix. +$srcdir = $blddir + if (grep(/::Unix$/, @File::Spec::ISA) + && samedir($srcdir, $blddir)); + my $dofile = abs2rel(catfile($srcdir, "util/dofile.pl")); my $local_config_envname = 'OPENSSL_LOCAL_CONFIG_DIR'; -$config{sourcedir} = abs2rel($srcdir); -$config{builddir} = abs2rel($blddir); +$config{sourcedir} = abs2rel($srcdir, $blddir); +$config{builddir} = abs2rel($blddir, $blddir); # Collect reconfiguration information if needed my @argvcopy=@ARGV; @@ -1049,6 +1059,9 @@ if (scalar(@seed_sources) == 0) { print "Using os-specific seed configuration\n"; push @seed_sources, 'os'; } +if (scalar(grep { $_ eq 'egd' } @seed_sources) > 0) { + delete $disabled{'egd'}; +} if (scalar(grep { $_ eq 'none' } @seed_sources) > 0) { die "Cannot seed with none and anything else" if scalar(@seed_sources) > 1; warn <<_____ if scalar(@seed_sources) == 1; @@ -3422,6 +3435,27 @@ sub absolutedir { use Cwd qw/realpath/; return realpath($dir); +} + +# Check if all paths are one and the same, using stat. They must both exist +# We need this for the cases when File::Spec doesn't detect case insensitivity +# (File::Spec::Unix assumes case sensitivity) +sub samedir { + die "samedir expects two arguments\n" unless scalar @_ == 2; + + my @stat0 = stat($_[0]); # First argument + my @stat1 = stat($_[1]); # Second argument + + die "Couldn't stat $_[0]" unless @stat0; + die "Couldn't stat $_[1]" unless @stat1; + + # Compare device number + return 0 unless ($stat0[0] == $stat1[0]); + # Compare "inode". The perl manual recommends comparing as + # string rather than as number. + return 0 unless ($stat0[1] eq $stat1[1]); + + return 1; # All the same } sub quotify { Modified: vendor-crypto/openssl/dist/FREEBSD-upgrade ============================================================================== --- vendor-crypto/openssl/dist/FREEBSD-upgrade Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/FREEBSD-upgrade Tue Sep 22 14:27:08 2020 (r365997) @@ -11,7 +11,7 @@ First, read http://wiki.freebsd.org/SubversionPrimer/V # Xlist setenv XLIST /FreeBSD/work/openssl/svn-FREEBSD-files/FREEBSD-Xlist setenv FSVN "svn+ssh://repo.freebsd.org/base" -setenv OSSLVER 1.1.1g +setenv OSSLVER 1.1.1h ###setenv OSSLTAG v`echo ${OSSLVER} | tr . _` Modified: vendor-crypto/openssl/dist/NEWS ============================================================================== --- vendor-crypto/openssl/dist/NEWS Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/NEWS Tue Sep 22 14:27:08 2020 (r365997) @@ -5,6 +5,14 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.1.1g and OpenSSL 1.1.1h [22 Sep 2020] + + o Disallow explicit curve parameters in verifications chains when + X509_V_FLAG_X509_STRICT is used + o Enable 'MinProtocol' and 'MaxProtocol' to configure both TLS and DTLS + contexts + o Oracle Developer Studio will start reporting deprecation warnings + Major changes between OpenSSL 1.1.1f and OpenSSL 1.1.1g [21 Apr 2020] o Fixed segmentation fault in SSL_check_chain() (CVE-2020-1967) Modified: vendor-crypto/openssl/dist/NOTES.PERL ============================================================================== --- vendor-crypto/openssl/dist/NOTES.PERL Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/NOTES.PERL Tue Sep 22 14:27:08 2020 (r365997) @@ -109,7 +109,7 @@ $ cpan -f -i Text::Template - Note: on VMS, you must quote any argument that contains upper case + Note: on VMS, you must quote any argument that contains uppercase characters, so the lines above would be: $ cpan -i "Text::Template" Modified: vendor-crypto/openssl/dist/README ============================================================================== --- vendor-crypto/openssl/dist/README Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/README Tue Sep 22 14:27:08 2020 (r365997) @@ -1,5 +1,5 @@ - OpenSSL 1.1.1g 21 Apr 2020 + OpenSSL 1.1.1h 22 Sep 2020 Copyright (c) 1998-2020 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson Modified: vendor-crypto/openssl/dist/apps/genpkey.c ============================================================================== --- vendor-crypto/openssl/dist/apps/genpkey.c Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/apps/genpkey.c Tue Sep 22 14:27:08 2020 (r365997) @@ -1,5 +1,5 @@ /* - * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -177,9 +177,12 @@ int genpkey_main(int argc, char **argv) goto end; } + ret = 0; + if (rv <= 0) { BIO_puts(bio_err, "Error writing key\n"); ERR_print_errors(bio_err); + ret = 1; } if (text) { @@ -191,10 +194,9 @@ int genpkey_main(int argc, char **argv) if (rv <= 0) { BIO_puts(bio_err, "Error printing key\n"); ERR_print_errors(bio_err); + ret = 1; } } - - ret = 0; end: EVP_PKEY_free(pkey); Modified: vendor-crypto/openssl/dist/apps/rsa8192.pem ============================================================================== --- vendor-crypto/openssl/dist/apps/rsa8192.pem Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/apps/rsa8192.pem Tue Sep 22 14:27:08 2020 (r365997) @@ -1,5 +1,4 @@ -----BEGIN RSA PRIVATE KEY----- - MIISKAIBAAKCBAEAiQ2f1X6Bte1DKD0OoCBKEikzPW+5w3oXk3WwnE97Wxzy6wJZ ebbZC3CZKKBnJeBMrysPf+lK+9+fP6Vm8bp1wvbcSIA59BDrX6irFSuM/bdnkbuF MFlDjt+uVrxwoyqfPi2IPot1HQg3l5mdyBqcTWvbOnU2L9HZxJfPUCjfzdTMPrMY @@ -62,7 +61,7 @@ JH1/Qx7C/mTAMRsN5SkOthnGq0djCNWfPv/3JV0H67Uf5krFlnwLeb yO7iBUNJzv6Qh22malLp4P8gzACkD7DGlSTnoB5cLwcjmDGg+i9WrUBbOiVTeQfZ kOj1o+Tz35ndpq/DDUVlqliB9krcxva+QHeJPH53EGI+YVg1nD+s/vUDZ3mQMGX9 DQou2L8uU6RnWNv/BihGcL8QvS4Ty6QyPOUPpD3zc70JQAEcQk9BxQNaELgJX0IN -22cYn22tYvElew9G41OpDqzBRcfbdJmKXQ2HcroShutYJQRGUpAXHk24fy6JVkIU +2cYUn22tYvElew9G41OpDqzBRcfbdJmKXQ2HcroShutYJQRGUpAXHk24fy6JVkIU ojF5U6cwextMja1ZIIZgh9eugIRUeIE7319nQNDzuXWjRCcoBLA25P7wnpHWDRpz D9ovXCIvdja74lL5psqobV6L5+fbLPkSgXoImKR0LQKCAgAIC9Jk8kxumCyIVGCP PeM5Uby9M3GMuKrfYsn0Y5e97+kSJF1dpojTodBgR2KQar6eVrvXt+8uZCcIjfx8 @@ -98,4 +97,3 @@ TwEgE67iOb2iIoUpon/NyP4LesMzvdpsu2JFlfz13PmmQ34mFI7tWv rMlMLtKfp2w8HlMZpsUlToNCx6CI+tJrohzcs3BAVAbjFAXRKWGijB1rxwyDdHPv I+/wJTNaRNPQ1M0SwtEL/zJd21y3KSPn4eL+GP3efhlDSjtlDvZqkdAUsU8= -----END RSA PRIVATE KEY----- - Modified: vendor-crypto/openssl/dist/apps/s_client.c ============================================================================== --- vendor-crypto/openssl/dist/apps/s_client.c Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/apps/s_client.c Tue Sep 22 14:27:08 2020 (r365997) @@ -1,5 +1,5 @@ /* - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2005 Nokia. All rights reserved. * * Licensed under the OpenSSL license (the "License"). You may not use @@ -1283,22 +1283,42 @@ int s_client_main(int argc, char **argv) case OPT_SSL3: min_version = SSL3_VERSION; max_version = SSL3_VERSION; + socket_type = SOCK_STREAM; +#ifndef OPENSSL_NO_DTLS + isdtls = 0; +#endif break; case OPT_TLS1_3: min_version = TLS1_3_VERSION; max_version = TLS1_3_VERSION; + socket_type = SOCK_STREAM; +#ifndef OPENSSL_NO_DTLS + isdtls = 0; +#endif break; case OPT_TLS1_2: min_version = TLS1_2_VERSION; max_version = TLS1_2_VERSION; + socket_type = SOCK_STREAM; +#ifndef OPENSSL_NO_DTLS + isdtls = 0; +#endif break; case OPT_TLS1_1: min_version = TLS1_1_VERSION; max_version = TLS1_1_VERSION; + socket_type = SOCK_STREAM; +#ifndef OPENSSL_NO_DTLS + isdtls = 0; +#endif break; case OPT_TLS1: min_version = TLS1_VERSION; max_version = TLS1_VERSION; + socket_type = SOCK_STREAM; +#ifndef OPENSSL_NO_DTLS + isdtls = 0; +#endif break; case OPT_DTLS: #ifndef OPENSSL_NO_DTLS Modified: vendor-crypto/openssl/dist/apps/x509.c ============================================================================== --- vendor-crypto/openssl/dist/apps/x509.c Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/apps/x509.c Tue Sep 22 14:27:08 2020 (r365997) @@ -140,9 +140,9 @@ const OPTIONS x509_options[] = { {"", OPT_MD, '-', "Any supported digest"}, #ifndef OPENSSL_NO_MD5 {"subject_hash_old", OPT_SUBJECT_HASH_OLD, '-', - "Print old-style (MD5) issuer hash value"}, - {"issuer_hash_old", OPT_ISSUER_HASH_OLD, '-', "Print old-style (MD5) subject hash value"}, + {"issuer_hash_old", OPT_ISSUER_HASH_OLD, '-', + "Print old-style (MD5) issuer hash value"}, #endif #ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, Modified: vendor-crypto/openssl/dist/appveyor.yml ============================================================================== --- vendor-crypto/openssl/dist/appveyor.yml Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/appveyor.yml Tue Sep 22 14:27:08 2020 (r365997) @@ -46,7 +46,8 @@ before_build: - cd .. - ps: >- if (-not $env:APPVEYOR_PULL_REQUEST_NUMBER` - -or (&git log -2 | Select-String "\[extended tests\]") ) { + -or (&git log -1 $env:APPVEYOR_PULL_REQUEST_HEAD_COMMIT | + Select-String "\[extended tests\]") ) { $env:EXTENDED_TESTS="yes" } Modified: vendor-crypto/openssl/dist/crypto/aes/aes_core.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/aes/aes_core.c Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/aes/aes_core.c Tue Sep 22 14:27:08 2020 (r365997) @@ -673,357 +673,6 @@ void AES_decrypt(const unsigned char *in, unsigned cha InvCipher(in, out, rk, key->rounds); } - -# ifndef OPENSSL_SMALL_FOOTPRINT -void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out, - size_t blocks, const AES_KEY *key, - const unsigned char *ivec); - -static void RawToBits(const u8 raw[64], u64 bits[8]) -{ - int i, j; - u64 in, out; - - memset(bits, 0, 64); - for (i = 0; i < 8; i++) { - in = 0; - for (j = 0; j < 8; j++) - in |= ((u64)raw[i * 8 + j]) << (8 * j); - out = in & 0xF0F0F0F00F0F0F0FuLL; - out |= (in & 0x0F0F0F0F00000000uLL) >> 28; - out |= (in & 0x00000000F0F0F0F0uLL) << 28; - in = out & 0xCCCC3333CCCC3333uLL; - in |= (out & 0x3333000033330000uLL) >> 14; - in |= (out & 0x0000CCCC0000CCCCuLL) << 14; - out = in & 0xAA55AA55AA55AA55uLL; - out |= (in & 0x5500550055005500uLL) >> 7; - out |= (in & 0x00AA00AA00AA00AAuLL) << 7; - for (j = 0; j < 8; j++) { - bits[j] |= (out & 0xFFuLL) << (8 * i); - out = out >> 8; - } - } -} - -static void BitsToRaw(const u64 bits[8], u8 raw[64]) -{ - int i, j; - u64 in, out; - - for (i = 0; i < 8; i++) { - in = 0; - for (j = 0; j < 8; j++) - in |= ((bits[j] >> (8 * i)) & 0xFFuLL) << (8 * j); - out = in & 0xF0F0F0F00F0F0F0FuLL; - out |= (in & 0x0F0F0F0F00000000uLL) >> 28; - out |= (in & 0x00000000F0F0F0F0uLL) << 28; - in = out & 0xCCCC3333CCCC3333uLL; - in |= (out & 0x3333000033330000uLL) >> 14; - in |= (out & 0x0000CCCC0000CCCCuLL) << 14; - out = in & 0xAA55AA55AA55AA55uLL; - out |= (in & 0x5500550055005500uLL) >> 7; - out |= (in & 0x00AA00AA00AA00AAuLL) << 7; - for (j = 0; j < 8; j++) { - raw[i * 8 + j] = (u8)out; - out = out >> 8; - } - } -} - -static void BitsXtime(u64 state[8]) -{ - u64 b; - - b = state[7]; - state[7] = state[6]; - state[6] = state[5]; - state[5] = state[4]; - state[4] = state[3] ^ b; - state[3] = state[2] ^ b; - state[2] = state[1]; - state[1] = state[0] ^ b; - state[0] = b; -} - -/* - * This S-box implementation follows a circuit described in - * Boyar and Peralta: "A new combinational logic minimization - * technique with applications to cryptology." - * https://eprint.iacr.org/2009/191.pdf - * - * The math is similar to above, in that it uses - * a tower field of GF(2^2^2^2) but with a different - * basis representation, that is better suited to - * logic designs. - */ -static void BitsSub(u64 state[8]) -{ - u64 x0, x1, x2, x3, x4, x5, x6, x7; - u64 y1, y2, y3, y4, y5, y6, y7, y8, y9, y10, y11; - u64 y12, y13, y14, y15, y16, y17, y18, y19, y20, y21; - u64 t0, t1, t2, t3, t4, t5, t6, t7, t8, t9, t10, t11; - u64 t12, t13, t14, t15, t16, t17, t18, t19, t20, t21; - u64 t22, t23, t24, t25, t26, t27, t28, t29, t30, t31; - u64 t32, t33, t34, t35, t36, t37, t38, t39, t40, t41; - u64 t42, t43, t44, t45, t46, t47, t48, t49, t50, t51; - u64 t52, t53, t54, t55, t56, t57, t58, t59, t60, t61; - u64 t62, t63, t64, t65, t66, t67; - u64 z0, z1, z2, z3, z4, z5, z6, z7, z8, z9, z10, z11; - u64 z12, z13, z14, z15, z16, z17; - u64 s0, s1, s2, s3, s4, s5, s6, s7; - - x7 = state[0]; - x6 = state[1]; - x5 = state[2]; - x4 = state[3]; - x3 = state[4]; - x2 = state[5]; - x1 = state[6]; - x0 = state[7]; - y14 = x3 ^ x5; - y13 = x0 ^ x6; - y9 = x0 ^ x3; - y8 = x0 ^ x5; - t0 = x1 ^ x2; - y1 = t0 ^ x7; - y4 = y1 ^ x3; - y12 = y13 ^ y14; - y2 = y1 ^ x0; - y5 = y1 ^ x6; - y3 = y5 ^ y8; - t1 = x4 ^ y12; - y15 = t1 ^ x5; - y20 = t1 ^ x1; - y6 = y15 ^ x7; - y10 = y15 ^ t0; - y11 = y20 ^ y9; - y7 = x7 ^ y11; - y17 = y10 ^ y11; - y19 = y10 ^ y8; - y16 = t0 ^ y11; - y21 = y13 ^ y16; - y18 = x0 ^ y16; - t2 = y12 & y15; - t3 = y3 & y6; - t4 = t3 ^ t2; - t5 = y4 & x7; - t6 = t5 ^ t2; - t7 = y13 & y16; - t8 = y5 & y1; - t9 = t8 ^ t7; - t10 = y2 & y7; - t11 = t10 ^ t7; - t12 = y9 & y11; - t13 = y14 & y17; - t14 = t13 ^ t12; - t15 = y8 & y10; - t16 = t15 ^ t12; - t17 = t4 ^ t14; - t18 = t6 ^ t16; - t19 = t9 ^ t14; - t20 = t11 ^ t16; - t21 = t17 ^ y20; - t22 = t18 ^ y19; - t23 = t19 ^ y21; - t24 = t20 ^ y18; - t25 = t21 ^ t22; - t26 = t21 & t23; - t27 = t24 ^ t26; - t28 = t25 & t27; - t29 = t28 ^ t22; - t30 = t23 ^ t24; - t31 = t22 ^ t26; - t32 = t31 & t30; - t33 = t32 ^ t24; - t34 = t23 ^ t33; - t35 = t27 ^ t33; - t36 = t24 & t35; - t37 = t36 ^ t34; - t38 = t27 ^ t36; - t39 = t29 & t38; - t40 = t25 ^ t39; - t41 = t40 ^ t37; - t42 = t29 ^ t33; - t43 = t29 ^ t40; - t44 = t33 ^ t37; - t45 = t42 ^ t41; - z0 = t44 & y15; - z1 = t37 & y6; - z2 = t33 & x7; - z3 = t43 & y16; - z4 = t40 & y1; - z5 = t29 & y7; - z6 = t42 & y11; - z7 = t45 & y17; - z8 = t41 & y10; - z9 = t44 & y12; - z10 = t37 & y3; - z11 = t33 & y4; - z12 = t43 & y13; - z13 = t40 & y5; - z14 = t29 & y2; - z15 = t42 & y9; - z16 = t45 & y14; - z17 = t41 & y8; - t46 = z15 ^ z16; - t47 = z10 ^ z11; - t48 = z5 ^ z13; - t49 = z9 ^ z10; - t50 = z2 ^ z12; - t51 = z2 ^ z5; - t52 = z7 ^ z8; - t53 = z0 ^ z3; - t54 = z6 ^ z7; - t55 = z16 ^ z17; - t56 = z12 ^ t48; - t57 = t50 ^ t53; - t58 = z4 ^ t46; - t59 = z3 ^ t54; - t60 = t46 ^ t57; - t61 = z14 ^ t57; - t62 = t52 ^ t58; - t63 = t49 ^ t58; - t64 = z4 ^ t59; - t65 = t61 ^ t62; - t66 = z1 ^ t63; - s0 = t59 ^ t63; - s6 = ~(t56 ^ t62); - s7 = ~(t48 ^ t60); - t67 = t64 ^ t65; - s3 = t53 ^ t66; - s4 = t51 ^ t66; - s5 = t47 ^ t65; - s1 = ~(t64 ^ s3); - s2 = ~(t55 ^ t67); - state[0] = s7; - state[1] = s6; - state[2] = s5; - state[3] = s4; - state[4] = s3; - state[5] = s2; - state[6] = s1; - state[7] = s0; -} - -static void BitsShiftRows(u64 state[8]) -{ - u64 s, s0; - int i; - - for (i = 0; i < 8; i++) { - s = state[i]; - s0 = s & 0x1111111111111111uLL; - s0 |= ((s & 0x2220222022202220uLL) >> 4) | ((s & 0x0002000200020002uLL) << 12); - s0 |= ((s & 0x4400440044004400uLL) >> 8) | ((s & 0x0044004400440044uLL) << 8); - s0 |= ((s & 0x8000800080008000uLL) >> 12) | ((s & 0x0888088808880888uLL) << 4); - state[i] = s0; - } -} - -static void BitsMixColumns(u64 state[8]) -{ - u64 s1, s; - u64 s0[8]; - int i; - - for (i = 0; i < 8; i++) { - s1 = state[i]; - s = s1; - s ^= ((s & 0xCCCCCCCCCCCCCCCCuLL) >> 2) | ((s & 0x3333333333333333uLL) << 2); - s ^= ((s & 0xAAAAAAAAAAAAAAAAuLL) >> 1) | ((s & 0x5555555555555555uLL) << 1); - s ^= s1; - s0[i] = s; - } - BitsXtime(state); - for (i = 0; i < 8; i++) { - s1 = state[i]; - s = s0[i]; - s ^= s1; - s ^= ((s1 & 0xEEEEEEEEEEEEEEEEuLL) >> 1) | ((s1 & 0x1111111111111111uLL) << 3); - state[i] = s; - } -} - -static void BitsAddRoundKey(u64 state[8], const u64 key[8]) -{ - int i; - - for (i = 0; i < 8; i++) - state[i] ^= key[i]; -} - -void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out, - size_t blocks, const AES_KEY *key, - const unsigned char *ivec) -{ - struct { - u8 cipher[64]; - u64 state[8]; - u64 rd_key[AES_MAXNR + 1][8]; - } *bs; - u32 ctr32; - int i; - - ctr32 = GETU32(ivec + 12); - if (blocks >= 4 - && (bs = OPENSSL_malloc(sizeof(*bs)))) { - for (i = 0; i < key->rounds + 1; i++) { - memcpy(bs->cipher + 0, &key->rd_key[4 * i], 16); - memcpy(bs->cipher + 16, bs->cipher, 16); - memcpy(bs->cipher + 32, bs->cipher, 32); - RawToBits(bs->cipher, bs->rd_key[i]); - } - while (blocks) { - memcpy(bs->cipher, ivec, 12); - PUTU32(bs->cipher + 12, ctr32); - ctr32++; - memcpy(bs->cipher + 16, ivec, 12); - PUTU32(bs->cipher + 28, ctr32); - ctr32++; - memcpy(bs->cipher + 32, ivec, 12); - PUTU32(bs->cipher + 44, ctr32); - ctr32++; - memcpy(bs->cipher + 48, ivec, 12); - PUTU32(bs->cipher + 60, ctr32); - ctr32++; - RawToBits(bs->cipher, bs->state); - BitsAddRoundKey(bs->state, bs->rd_key[0]); - for (i = 1; i < key->rounds; i++) { - BitsSub(bs->state); - BitsShiftRows(bs->state); - BitsMixColumns(bs->state); - BitsAddRoundKey(bs->state, bs->rd_key[i]); - } - BitsSub(bs->state); - BitsShiftRows(bs->state); - BitsAddRoundKey(bs->state, bs->rd_key[key->rounds]); - BitsToRaw(bs->state, bs->cipher); - for (i = 0; i < 64 && blocks; i++) { - out[i] = in[i] ^ bs->cipher[i]; - if ((i & 15) == 15) - blocks--; - } - in += i; - out += i; - } - OPENSSL_clear_free(bs, sizeof(*bs)); - } else { - unsigned char cipher[16]; - - while (blocks) { - memcpy(cipher, ivec, 12); - PUTU32(cipher + 12, ctr32); - AES_encrypt(cipher, cipher, key); - for (i = 0; i < 16; i++) - out[i] = in[i] ^ cipher[i]; - in += 16; - out += 16; - ctr32++; - blocks--; - } - } -} -# endif #elif !defined(AES_ASM) /*- Te0[x] = S [x].[02, 01, 01, 03]; Modified: vendor-crypto/openssl/dist/crypto/aes/aes_ige.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/aes/aes_ige.c Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/aes/aes_ige.c Tue Sep 22 14:27:08 2020 (r365997) @@ -1,5 +1,5 @@ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -12,16 +12,20 @@ #include #include "aes_local.h" -#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long)) -typedef struct { - unsigned long data[N_WORDS]; -} aes_block_t; - /* XXX: probably some better way to do this */ #if defined(__i386__) || defined(__x86_64__) # define UNALIGNED_MEMOPS_ARE_FAST 1 #else # define UNALIGNED_MEMOPS_ARE_FAST 0 +#endif + +#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long)) +typedef struct { + unsigned long data[N_WORDS]; +#if defined(__GNUC__) && UNALIGNED_MEMOPS_ARE_FAST +} aes_block_t __attribute((__aligned__(1))); +#else +} aes_block_t; #endif #if UNALIGNED_MEMOPS_ARE_FAST Modified: vendor-crypto/openssl/dist/crypto/aes/asm/aesni-mb-x86_64.pl ============================================================================== --- vendor-crypto/openssl/dist/crypto/aes/asm/aesni-mb-x86_64.pl Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/aes/asm/aesni-mb-x86_64.pl Tue Sep 22 14:27:08 2020 (r365997) @@ -70,7 +70,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM $avx = ($1>=10) + ($1>=11); } -if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) { +if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) { $avx = ($2>=3.0) + ($2>3.0); } Modified: vendor-crypto/openssl/dist/crypto/aes/asm/aesni-sha1-x86_64.pl ============================================================================== --- vendor-crypto/openssl/dist/crypto/aes/asm/aesni-sha1-x86_64.pl Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/aes/asm/aesni-sha1-x86_64.pl Tue Sep 22 14:27:08 2020 (r365997) @@ -108,7 +108,7 @@ $avx=1 if (!$avx && $win64 && ($flavour =~ /nasm/ || $ $avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) && `ml64 2>&1` =~ /Version ([0-9]+)\./ && $1>=10); -$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/ && $2>=3.0); +$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/ && $2>=3.0); $shaext=1; ### set to zero if compiling for 1.0.1 Modified: vendor-crypto/openssl/dist/crypto/aes/asm/aesni-sha256-x86_64.pl ============================================================================== --- vendor-crypto/openssl/dist/crypto/aes/asm/aesni-sha256-x86_64.pl Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/aes/asm/aesni-sha256-x86_64.pl Tue Sep 22 14:27:08 2020 (r365997) @@ -70,7 +70,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM $avx = ($1>=10) + ($1>=12); } -if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) { +if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) { $avx = ($2>=3.0) + ($2>3.0); } Modified: vendor-crypto/openssl/dist/crypto/asn1/d2i_pr.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/asn1/d2i_pr.c Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/asn1/d2i_pr.c Tue Sep 22 14:27:08 2020 (r365997) @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -56,6 +56,8 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const goto err; EVP_PKEY_free(ret); ret = tmp; + if (EVP_PKEY_type(type) != EVP_PKEY_base_id(ret)) + goto err; } else { ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB); goto err; Modified: vendor-crypto/openssl/dist/crypto/asn1/x_algor.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/asn1/x_algor.c Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/asn1/x_algor.c Tue Sep 22 14:27:08 2020 (r365997) @@ -1,5 +1,5 @@ /* - * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -91,4 +91,36 @@ int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALG if (!a->parameter && !b->parameter) return 0; return ASN1_TYPE_cmp(a->parameter, b->parameter); +} + +int X509_ALGOR_copy(X509_ALGOR *dest, const X509_ALGOR *src) +{ + if (src == NULL || dest == NULL) + return 0; + + if (dest->algorithm) + ASN1_OBJECT_free(dest->algorithm); + dest->algorithm = NULL; + + if (dest->parameter) + ASN1_TYPE_free(dest->parameter); + dest->parameter = NULL; + + if (src->algorithm) + if ((dest->algorithm = OBJ_dup(src->algorithm)) == NULL) + return 0; + + if (src->parameter) { + dest->parameter = ASN1_TYPE_new(); + if (dest->parameter == NULL) + return 0; + + /* Assuming this is also correct for a BOOL. + * set does copy as a side effect. + */ + if (ASN1_TYPE_set1(dest->parameter, + src->parameter->type, src->parameter->value.ptr) == 0) + return 0; + } + return 1; } Modified: vendor-crypto/openssl/dist/crypto/bio/b_print.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/bio/b_print.c Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/bio/b_print.c Tue Sep 22 14:27:08 2020 (r365997) @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -635,7 +635,11 @@ fmtfp(char **sbuffer, fvalue = tmpvalue; } ufvalue = abs_val(fvalue); - if (ufvalue > ULONG_MAX) { + /* + * By subtracting 65535 (2^16-1) we cancel the low order 15 bits + * of ULONG_MAX to avoid using imprecise floating point values. + */ + if (ufvalue >= (double)(ULONG_MAX - 65535) + 65536.0) { /* Number too big */ return 0; } Modified: vendor-crypto/openssl/dist/crypto/bio/bss_acpt.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/bio/bss_acpt.c Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/bio/bss_acpt.c Tue Sep 22 14:27:08 2020 (r365997) @@ -434,8 +434,10 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void b->init = 1; } else if (num == 1) { OPENSSL_free(data->param_serv); - data->param_serv = BUF_strdup(ptr); - b->init = 1; + if ((data->param_serv = OPENSSL_strdup(ptr)) == NULL) + ret = 0; + else + b->init = 1; } else if (num == 2) { data->bind_mode |= BIO_SOCK_NONBLOCK; } else if (num == 3) { Modified: vendor-crypto/openssl/dist/crypto/bio/bss_conn.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/bio/bss_conn.c Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/bio/bss_conn.c Tue Sep 22 14:27:08 2020 (r365997) @@ -186,8 +186,17 @@ static int conn_state(BIO *b, BIO_CONNECT *c) case BIO_CONN_S_BLOCKED_CONNECT: i = BIO_sock_error(b->num); - if (i) { + if (i != 0) { BIO_clear_retry_flags(b); + if ((c->addr_iter = BIO_ADDRINFO_next(c->addr_iter)) != NULL) { + /* + * if there are more addresses to try, do that first + */ + BIO_closesocket(b->num); + c->state = BIO_CONN_S_CREATE_SOCKET; + ERR_clear_error(); + break; + } SYSerr(SYS_F_CONNECT, i); ERR_add_error_data(4, "hostname=", c->param_hostname, @@ -407,12 +416,13 @@ static long conn_ctrl(BIO *b, int cmd, long num, void case BIO_C_SET_CONNECT: if (ptr != NULL) { b->init = 1; - if (num == 0) { + if (num == 0) { /* BIO_set_conn_hostname */ char *hold_service = data->param_service; /* We affect the hostname regardless. However, the input * string might contain a host:service spec, so we must * parse it, which might or might not affect the service */ + OPENSSL_free(data->param_hostname); data->param_hostname = NULL; ret = BIO_parse_hostserv(ptr, @@ -421,19 +431,29 @@ static long conn_ctrl(BIO *b, int cmd, long num, void BIO_PARSE_PRIO_HOST); if (hold_service != data->param_service) OPENSSL_free(hold_service); - } else if (num == 1) { + } else if (num == 1) { /* BIO_set_conn_port */ OPENSSL_free(data->param_service); - data->param_service = BUF_strdup(ptr); - } else if (num == 2) { + if ((data->param_service = OPENSSL_strdup(ptr)) == NULL) + ret = 0; + } else if (num == 2) { /* BIO_set_conn_address */ const BIO_ADDR *addr = (const BIO_ADDR *)ptr; + char *host = BIO_ADDR_hostname_string(addr, 1); + char *service = BIO_ADDR_service_string(addr, 1); + + ret = host != NULL && service != NULL; if (ret) { - data->param_hostname = BIO_ADDR_hostname_string(addr, 1); - data->param_service = BIO_ADDR_service_string(addr, 1); + OPENSSL_free(data->param_hostname); + data->param_hostname = host; + OPENSSL_free(data->param_service); + data->param_service = service; BIO_ADDRINFO_free(data->addr_first); data->addr_first = NULL; data->addr_iter = NULL; + } else { + OPENSSL_free(host); + OPENSSL_free(service); } - } else if (num == 3) { + } else if (num == 3) { /* BIO_set_conn_ip_family */ data->connect_family = *(int *)ptr; } else { ret = 0; Modified: vendor-crypto/openssl/dist/crypto/bn/asm/rsaz-avx2.pl ============================================================================== --- vendor-crypto/openssl/dist/crypto/bn/asm/rsaz-avx2.pl Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/bn/asm/rsaz-avx2.pl Tue Sep 22 14:27:08 2020 (r365997) @@ -66,7 +66,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM $addx = ($1>=11); } -if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+)\.([0-9]+)/) { +if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+)\.([0-9]+)/) { my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10 $avx = ($ver>=3.0) + ($ver>=3.01); $addx = ($ver>=3.03); Modified: vendor-crypto/openssl/dist/crypto/bn/asm/rsaz-x86_64.pl ============================================================================== --- vendor-crypto/openssl/dist/crypto/bn/asm/rsaz-x86_64.pl Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/bn/asm/rsaz-x86_64.pl Tue Sep 22 14:27:08 2020 (r365997) @@ -81,7 +81,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{AS $addx = ($1>=12); } -if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) { +if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) { my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10 $addx = ($ver>=3.03); } Modified: vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont.pl ============================================================================== --- vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont.pl Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont.pl Tue Sep 22 14:27:08 2020 (r365997) @@ -75,7 +75,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{AS $addx = ($1>=12); } -if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) { +if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) { my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10 $addx = ($ver>=3.03); } Modified: vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont5.pl ============================================================================== --- vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont5.pl Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont5.pl Tue Sep 22 14:27:08 2020 (r365997) @@ -60,7 +60,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{AS $addx = ($1>=12); } -if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) { +if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) { my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10 $addx = ($ver>=3.03); } Modified: vendor-crypto/openssl/dist/crypto/bn/bn_gcd.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/bn/bn_gcd.c Tue Sep 22 14:15:06 2020 (r365996) +++ vendor-crypto/openssl/dist/crypto/bn/bn_gcd.c Tue Sep 22 14:27:08 2020 (r365997) @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -10,22 +10,189 @@ #include "internal/cryptlib.h" #include "bn_local.h" -/* solves ax == 1 (mod n) */ -static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in, - const BIGNUM *a, const BIGNUM *n, - BN_CTX *ctx); - -BIGNUM *BN_mod_inverse(BIGNUM *in, - const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) +/* + * bn_mod_inverse_no_branch is a special version of BN_mod_inverse. It does + * not contain branches that may leak sensitive information. + * + * This is a static function, we ensure all callers in this file pass valid + * arguments: all passed pointers here are non-NULL. + */ +static ossl_inline +BIGNUM *bn_mod_inverse_no_branch(BIGNUM *in, + const BIGNUM *a, const BIGNUM *n, + BN_CTX *ctx, int *pnoinv) { - BIGNUM *rv; - int noinv; - rv = int_bn_mod_inverse(in, a, n, ctx, &noinv); - if (noinv) - BNerr(BN_F_BN_MOD_INVERSE, BN_R_NO_INVERSE); - return rv; + BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL; + BIGNUM *ret = NULL; + int sign; + + bn_check_top(a); + bn_check_top(n); + + BN_CTX_start(ctx); + A = BN_CTX_get(ctx); + B = BN_CTX_get(ctx); + X = BN_CTX_get(ctx); + D = BN_CTX_get(ctx); + M = BN_CTX_get(ctx); + Y = BN_CTX_get(ctx); + T = BN_CTX_get(ctx); + if (T == NULL) + goto err; + + if (in == NULL) + R = BN_new(); + else + R = in; + if (R == NULL) + goto err; + + BN_one(X); + BN_zero(Y); + if (BN_copy(B, a) == NULL) + goto err; + if (BN_copy(A, n) == NULL) + goto err; + A->neg = 0; + + if (B->neg || (BN_ucmp(B, A) >= 0)) { *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-vendor@freebsd.org Tue Sep 22 14:28:01 2020 Return-Path: Delivered-To: svn-src-vendor@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 10A1A3EAC40; Tue, 22 Sep 2020 14:28:01 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BwkDc6mMLz45M3; Tue, 22 Sep 2020 14:28:00 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B158220CE8; Tue, 22 Sep 2020 14:28:00 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08MES0fM053890; Tue, 22 Sep 2020 14:28:00 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08MES0Kn053889; Tue, 22 Sep 2020 14:28:00 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <202009221428.08MES0Kn053889@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Tue, 22 Sep 2020 14:28:00 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r365998 - vendor-crypto/openssl/1.1.1h X-SVN-Group: vendor-crypto X-SVN-Commit-Author: jkim X-SVN-Commit-Paths: vendor-crypto/openssl/1.1.1h X-SVN-Commit-Revision: 365998 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Sep 2020 14:28:01 -0000 Author: jkim Date: Tue Sep 22 14:28:00 2020 New Revision: 365998 URL: https://svnweb.freebsd.org/changeset/base/365998 Log: Tag OpenSSL 1.1.1h. Added: vendor-crypto/openssl/1.1.1h/ - copied from r365997, vendor-crypto/openssl/dist/