From owner-svn-src-stable@freebsd.org  Thu Jan  2 21:35:32 2020
Return-Path: <owner-svn-src-stable@freebsd.org>
Delivered-To: svn-src-stable@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 078931DB529;
 Thu,  2 Jan 2020 21:35:32 +0000 (UTC)
 (envelope-from jkim@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 47phCm02lrz3ySH;
 Thu,  2 Jan 2020 21:35:32 +0000 (UTC)
 (envelope-from jkim@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D7AEB21C1D;
 Thu,  2 Jan 2020 21:35:31 +0000 (UTC)
 (envelope-from jkim@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 002LZVNf079400;
 Thu, 2 Jan 2020 21:35:31 GMT (envelope-from jkim@FreeBSD.org)
Received: (from jkim@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id 002LZT8U079383;
 Thu, 2 Jan 2020 21:35:29 GMT (envelope-from jkim@FreeBSD.org)
Message-Id: <202001022135.002LZT8U079383@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: jkim set sender to
 jkim@FreeBSD.org using -f
From: Jung-uk Kim <jkim@FreeBSD.org>
Date: Thu, 2 Jan 2020 21:35:29 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org
Subject: svn commit: r356290 - in stable/11: crypto/openssl
 crypto/openssl/apps crypto/openssl/crypto crypto/openssl/crypto/asn1
 crypto/openssl/crypto/bn/asm crypto/openssl/crypto/ec secure/lib/libcrypto
 se...
X-SVN-Group: stable-11
X-SVN-Commit-Author: jkim
X-SVN-Commit-Paths: in stable/11: crypto/openssl crypto/openssl/apps
 crypto/openssl/crypto crypto/openssl/crypto/asn1 crypto/openssl/crypto/bn/asm
 crypto/openssl/crypto/ec secure/lib/libcrypto secure/lib/libcrypto/amd64 ...
X-SVN-Commit-Revision: 356290
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-stable@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for all the -stable branches of the src tree
 <svn-src-stable.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-stable>, 
 <mailto:svn-src-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-stable/>
List-Post: <mailto:svn-src-stable@freebsd.org>
List-Help: <mailto:svn-src-stable-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-stable>,
 <mailto:svn-src-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Jan 2020 21:35:32 -0000

Author: jkim
Date: Thu Jan  2 21:35:28 2020
New Revision: 356290
URL: https://svnweb.freebsd.org/changeset/base/356290

Log:
  Merge OpenSSL 1.0.2u.

Modified:
  stable/11/crypto/openssl/CHANGES
  stable/11/crypto/openssl/Makefile
  stable/11/crypto/openssl/NEWS
  stable/11/crypto/openssl/README
  stable/11/crypto/openssl/apps/s_server.c
  stable/11/crypto/openssl/appveyor.yml
  stable/11/crypto/openssl/crypto/asn1/x_bignum.c
  stable/11/crypto/openssl/crypto/bn/asm/rsaz-x86_64.pl
  stable/11/crypto/openssl/crypto/cryptlib.c
  stable/11/crypto/openssl/crypto/ec/ec_asn1.c
  stable/11/crypto/openssl/crypto/opensslv.h
  stable/11/secure/lib/libcrypto/Makefile.inc
  stable/11/secure/lib/libcrypto/amd64/rsaz-x86_64.S
  stable/11/secure/lib/libcrypto/man/ASN1_OBJECT_new.3
  stable/11/secure/lib/libcrypto/man/ASN1_STRING_length.3
  stable/11/secure/lib/libcrypto/man/ASN1_STRING_new.3
  stable/11/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3
  stable/11/secure/lib/libcrypto/man/ASN1_TIME_set.3
  stable/11/secure/lib/libcrypto/man/ASN1_generate_nconf.3
  stable/11/secure/lib/libcrypto/man/BIO_ctrl.3
  stable/11/secure/lib/libcrypto/man/BIO_f_base64.3
  stable/11/secure/lib/libcrypto/man/BIO_f_buffer.3
  stable/11/secure/lib/libcrypto/man/BIO_f_cipher.3
  stable/11/secure/lib/libcrypto/man/BIO_f_md.3
  stable/11/secure/lib/libcrypto/man/BIO_f_null.3
  stable/11/secure/lib/libcrypto/man/BIO_f_ssl.3
  stable/11/secure/lib/libcrypto/man/BIO_find_type.3
  stable/11/secure/lib/libcrypto/man/BIO_new.3
  stable/11/secure/lib/libcrypto/man/BIO_new_CMS.3
  stable/11/secure/lib/libcrypto/man/BIO_push.3
  stable/11/secure/lib/libcrypto/man/BIO_read.3
  stable/11/secure/lib/libcrypto/man/BIO_s_accept.3
  stable/11/secure/lib/libcrypto/man/BIO_s_bio.3
  stable/11/secure/lib/libcrypto/man/BIO_s_connect.3
  stable/11/secure/lib/libcrypto/man/BIO_s_fd.3
  stable/11/secure/lib/libcrypto/man/BIO_s_file.3
  stable/11/secure/lib/libcrypto/man/BIO_s_mem.3
  stable/11/secure/lib/libcrypto/man/BIO_s_null.3
  stable/11/secure/lib/libcrypto/man/BIO_s_socket.3
  stable/11/secure/lib/libcrypto/man/BIO_set_callback.3
  stable/11/secure/lib/libcrypto/man/BIO_should_retry.3
  stable/11/secure/lib/libcrypto/man/BN_BLINDING_new.3
  stable/11/secure/lib/libcrypto/man/BN_CTX_new.3
  stable/11/secure/lib/libcrypto/man/BN_CTX_start.3
  stable/11/secure/lib/libcrypto/man/BN_add.3
  stable/11/secure/lib/libcrypto/man/BN_add_word.3
  stable/11/secure/lib/libcrypto/man/BN_bn2bin.3
  stable/11/secure/lib/libcrypto/man/BN_cmp.3
  stable/11/secure/lib/libcrypto/man/BN_copy.3
  stable/11/secure/lib/libcrypto/man/BN_generate_prime.3
  stable/11/secure/lib/libcrypto/man/BN_mod_inverse.3
  stable/11/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3
  stable/11/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3
  stable/11/secure/lib/libcrypto/man/BN_new.3
  stable/11/secure/lib/libcrypto/man/BN_num_bytes.3
  stable/11/secure/lib/libcrypto/man/BN_rand.3
  stable/11/secure/lib/libcrypto/man/BN_set_bit.3
  stable/11/secure/lib/libcrypto/man/BN_swap.3
  stable/11/secure/lib/libcrypto/man/BN_zero.3
  stable/11/secure/lib/libcrypto/man/CMS_add0_cert.3
  stable/11/secure/lib/libcrypto/man/CMS_add1_recipient_cert.3
  stable/11/secure/lib/libcrypto/man/CMS_add1_signer.3
  stable/11/secure/lib/libcrypto/man/CMS_compress.3
  stable/11/secure/lib/libcrypto/man/CMS_decrypt.3
  stable/11/secure/lib/libcrypto/man/CMS_encrypt.3
  stable/11/secure/lib/libcrypto/man/CMS_final.3
  stable/11/secure/lib/libcrypto/man/CMS_get0_RecipientInfos.3
  stable/11/secure/lib/libcrypto/man/CMS_get0_SignerInfos.3
  stable/11/secure/lib/libcrypto/man/CMS_get0_type.3
  stable/11/secure/lib/libcrypto/man/CMS_get1_ReceiptRequest.3
  stable/11/secure/lib/libcrypto/man/CMS_sign.3
  stable/11/secure/lib/libcrypto/man/CMS_sign_receipt.3
  stable/11/secure/lib/libcrypto/man/CMS_uncompress.3
  stable/11/secure/lib/libcrypto/man/CMS_verify.3
  stable/11/secure/lib/libcrypto/man/CMS_verify_receipt.3
  stable/11/secure/lib/libcrypto/man/CONF_modules_free.3
  stable/11/secure/lib/libcrypto/man/CONF_modules_load_file.3
  stable/11/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3
  stable/11/secure/lib/libcrypto/man/DH_generate_key.3
  stable/11/secure/lib/libcrypto/man/DH_generate_parameters.3
  stable/11/secure/lib/libcrypto/man/DH_get_ex_new_index.3
  stable/11/secure/lib/libcrypto/man/DH_new.3
  stable/11/secure/lib/libcrypto/man/DH_set_method.3
  stable/11/secure/lib/libcrypto/man/DH_size.3
  stable/11/secure/lib/libcrypto/man/DSA_SIG_new.3
  stable/11/secure/lib/libcrypto/man/DSA_do_sign.3
  stable/11/secure/lib/libcrypto/man/DSA_dup_DH.3
  stable/11/secure/lib/libcrypto/man/DSA_generate_key.3
  stable/11/secure/lib/libcrypto/man/DSA_generate_parameters.3
  stable/11/secure/lib/libcrypto/man/DSA_get_ex_new_index.3
  stable/11/secure/lib/libcrypto/man/DSA_new.3
  stable/11/secure/lib/libcrypto/man/DSA_set_method.3
  stable/11/secure/lib/libcrypto/man/DSA_sign.3
  stable/11/secure/lib/libcrypto/man/DSA_size.3
  stable/11/secure/lib/libcrypto/man/EC_GFp_simple_method.3
  stable/11/secure/lib/libcrypto/man/EC_GROUP_copy.3
  stable/11/secure/lib/libcrypto/man/EC_GROUP_new.3
  stable/11/secure/lib/libcrypto/man/EC_KEY_new.3
  stable/11/secure/lib/libcrypto/man/EC_POINT_add.3
  stable/11/secure/lib/libcrypto/man/EC_POINT_new.3
  stable/11/secure/lib/libcrypto/man/ERR_GET_LIB.3
  stable/11/secure/lib/libcrypto/man/ERR_clear_error.3
  stable/11/secure/lib/libcrypto/man/ERR_error_string.3
  stable/11/secure/lib/libcrypto/man/ERR_get_error.3
  stable/11/secure/lib/libcrypto/man/ERR_load_crypto_strings.3
  stable/11/secure/lib/libcrypto/man/ERR_load_strings.3
  stable/11/secure/lib/libcrypto/man/ERR_print_errors.3
  stable/11/secure/lib/libcrypto/man/ERR_put_error.3
  stable/11/secure/lib/libcrypto/man/ERR_remove_state.3
  stable/11/secure/lib/libcrypto/man/ERR_set_mark.3
  stable/11/secure/lib/libcrypto/man/EVP_BytesToKey.3
  stable/11/secure/lib/libcrypto/man/EVP_DigestInit.3
  stable/11/secure/lib/libcrypto/man/EVP_DigestSignInit.3
  stable/11/secure/lib/libcrypto/man/EVP_DigestVerifyInit.3
  stable/11/secure/lib/libcrypto/man/EVP_EncodeInit.3
  stable/11/secure/lib/libcrypto/man/EVP_EncryptInit.3
  stable/11/secure/lib/libcrypto/man/EVP_OpenInit.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_CTX_new.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_cmp.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_decrypt.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_derive.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_encrypt.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_get_default_digest.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_keygen.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_meth_new.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_new.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_print_private.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_sign.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_verify.3
  stable/11/secure/lib/libcrypto/man/EVP_PKEY_verify_recover.3
  stable/11/secure/lib/libcrypto/man/EVP_SealInit.3
  stable/11/secure/lib/libcrypto/man/EVP_SignInit.3
  stable/11/secure/lib/libcrypto/man/EVP_VerifyInit.3
  stable/11/secure/lib/libcrypto/man/OBJ_nid2obj.3
  stable/11/secure/lib/libcrypto/man/OPENSSL_Applink.3
  stable/11/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3
  stable/11/secure/lib/libcrypto/man/OPENSSL_config.3
  stable/11/secure/lib/libcrypto/man/OPENSSL_ia32cap.3
  stable/11/secure/lib/libcrypto/man/OPENSSL_instrument_bus.3
  stable/11/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3
  stable/11/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3
  stable/11/secure/lib/libcrypto/man/PEM_write_bio_CMS_stream.3
  stable/11/secure/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3
  stable/11/secure/lib/libcrypto/man/PKCS12_create.3
  stable/11/secure/lib/libcrypto/man/PKCS12_parse.3
  stable/11/secure/lib/libcrypto/man/PKCS7_decrypt.3
  stable/11/secure/lib/libcrypto/man/PKCS7_encrypt.3
  stable/11/secure/lib/libcrypto/man/PKCS7_sign.3
  stable/11/secure/lib/libcrypto/man/PKCS7_sign_add_signer.3
  stable/11/secure/lib/libcrypto/man/PKCS7_verify.3
  stable/11/secure/lib/libcrypto/man/RAND_add.3
  stable/11/secure/lib/libcrypto/man/RAND_bytes.3
  stable/11/secure/lib/libcrypto/man/RAND_cleanup.3
  stable/11/secure/lib/libcrypto/man/RAND_egd.3
  stable/11/secure/lib/libcrypto/man/RAND_load_file.3
  stable/11/secure/lib/libcrypto/man/RAND_set_rand_method.3
  stable/11/secure/lib/libcrypto/man/RSA_blinding_on.3
  stable/11/secure/lib/libcrypto/man/RSA_check_key.3
  stable/11/secure/lib/libcrypto/man/RSA_generate_key.3
  stable/11/secure/lib/libcrypto/man/RSA_get_ex_new_index.3
  stable/11/secure/lib/libcrypto/man/RSA_new.3
  stable/11/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3
  stable/11/secure/lib/libcrypto/man/RSA_print.3
  stable/11/secure/lib/libcrypto/man/RSA_private_encrypt.3
  stable/11/secure/lib/libcrypto/man/RSA_public_encrypt.3
  stable/11/secure/lib/libcrypto/man/RSA_set_method.3
  stable/11/secure/lib/libcrypto/man/RSA_sign.3
  stable/11/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3
  stable/11/secure/lib/libcrypto/man/RSA_size.3
  stable/11/secure/lib/libcrypto/man/SMIME_read_CMS.3
  stable/11/secure/lib/libcrypto/man/SMIME_read_PKCS7.3
  stable/11/secure/lib/libcrypto/man/SMIME_write_CMS.3
  stable/11/secure/lib/libcrypto/man/SMIME_write_PKCS7.3
  stable/11/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3
  stable/11/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3
  stable/11/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3
  stable/11/secure/lib/libcrypto/man/X509_NAME_print_ex.3
  stable/11/secure/lib/libcrypto/man/X509_STORE_CTX_get_error.3
  stable/11/secure/lib/libcrypto/man/X509_STORE_CTX_get_ex_new_index.3
  stable/11/secure/lib/libcrypto/man/X509_STORE_CTX_new.3
  stable/11/secure/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3
  stable/11/secure/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3
  stable/11/secure/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3
  stable/11/secure/lib/libcrypto/man/X509_check_host.3
  stable/11/secure/lib/libcrypto/man/X509_check_private_key.3
  stable/11/secure/lib/libcrypto/man/X509_cmp_time.3
  stable/11/secure/lib/libcrypto/man/X509_new.3
  stable/11/secure/lib/libcrypto/man/X509_verify_cert.3
  stable/11/secure/lib/libcrypto/man/bio.3
  stable/11/secure/lib/libcrypto/man/blowfish.3
  stable/11/secure/lib/libcrypto/man/bn.3
  stable/11/secure/lib/libcrypto/man/bn_internal.3
  stable/11/secure/lib/libcrypto/man/buffer.3
  stable/11/secure/lib/libcrypto/man/crypto.3
  stable/11/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3
  stable/11/secure/lib/libcrypto/man/d2i_CMS_ContentInfo.3
  stable/11/secure/lib/libcrypto/man/d2i_DHparams.3
  stable/11/secure/lib/libcrypto/man/d2i_DSAPublicKey.3
  stable/11/secure/lib/libcrypto/man/d2i_ECPKParameters.3
  stable/11/secure/lib/libcrypto/man/d2i_ECPrivateKey.3
  stable/11/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3
  stable/11/secure/lib/libcrypto/man/d2i_PrivateKey.3
  stable/11/secure/lib/libcrypto/man/d2i_RSAPublicKey.3
  stable/11/secure/lib/libcrypto/man/d2i_X509.3
  stable/11/secure/lib/libcrypto/man/d2i_X509_ALGOR.3
  stable/11/secure/lib/libcrypto/man/d2i_X509_CRL.3
  stable/11/secure/lib/libcrypto/man/d2i_X509_NAME.3
  stable/11/secure/lib/libcrypto/man/d2i_X509_REQ.3
  stable/11/secure/lib/libcrypto/man/d2i_X509_SIG.3
  stable/11/secure/lib/libcrypto/man/des.3
  stable/11/secure/lib/libcrypto/man/dh.3
  stable/11/secure/lib/libcrypto/man/dsa.3
  stable/11/secure/lib/libcrypto/man/ec.3
  stable/11/secure/lib/libcrypto/man/ecdsa.3
  stable/11/secure/lib/libcrypto/man/engine.3
  stable/11/secure/lib/libcrypto/man/err.3
  stable/11/secure/lib/libcrypto/man/evp.3
  stable/11/secure/lib/libcrypto/man/hmac.3
  stable/11/secure/lib/libcrypto/man/i2d_CMS_bio_stream.3
  stable/11/secure/lib/libcrypto/man/i2d_PKCS7_bio_stream.3
  stable/11/secure/lib/libcrypto/man/lh_stats.3
  stable/11/secure/lib/libcrypto/man/lhash.3
  stable/11/secure/lib/libcrypto/man/md5.3
  stable/11/secure/lib/libcrypto/man/mdc2.3
  stable/11/secure/lib/libcrypto/man/pem.3
  stable/11/secure/lib/libcrypto/man/rand.3
  stable/11/secure/lib/libcrypto/man/rc4.3
  stable/11/secure/lib/libcrypto/man/ripemd.3
  stable/11/secure/lib/libcrypto/man/rsa.3
  stable/11/secure/lib/libcrypto/man/sha.3
  stable/11/secure/lib/libcrypto/man/threads.3
  stable/11/secure/lib/libcrypto/man/ui.3
  stable/11/secure/lib/libcrypto/man/ui_compat.3
  stable/11/secure/lib/libcrypto/man/x509.3
  stable/11/secure/lib/libssl/man/SSL_CIPHER_get_name.3
  stable/11/secure/lib/libssl/man/SSL_COMP_add_compression_method.3
  stable/11/secure/lib/libssl/man/SSL_CONF_CTX_new.3
  stable/11/secure/lib/libssl/man/SSL_CONF_CTX_set1_prefix.3
  stable/11/secure/lib/libssl/man/SSL_CONF_CTX_set_flags.3
  stable/11/secure/lib/libssl/man/SSL_CONF_CTX_set_ssl_ctx.3
  stable/11/secure/lib/libssl/man/SSL_CONF_cmd.3
  stable/11/secure/lib/libssl/man/SSL_CONF_cmd_argv.3
  stable/11/secure/lib/libssl/man/SSL_CTX_add1_chain_cert.3
  stable/11/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3
  stable/11/secure/lib/libssl/man/SSL_CTX_add_session.3
  stable/11/secure/lib/libssl/man/SSL_CTX_ctrl.3
  stable/11/secure/lib/libssl/man/SSL_CTX_flush_sessions.3
  stable/11/secure/lib/libssl/man/SSL_CTX_free.3
  stable/11/secure/lib/libssl/man/SSL_CTX_get0_param.3
  stable/11/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3
  stable/11/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3
  stable/11/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3
  stable/11/secure/lib/libssl/man/SSL_CTX_new.3
  stable/11/secure/lib/libssl/man/SSL_CTX_sess_number.3
  stable/11/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3
  stable/11/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3
  stable/11/secure/lib/libssl/man/SSL_CTX_sessions.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set1_curves.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set1_verify_cert_store.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_cert_cb.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_cert_store.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_custom_cli_ext.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_info_callback.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_mode.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_options.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_psk_client_callback.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_read_ahead.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_timeout.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3
  stable/11/secure/lib/libssl/man/SSL_CTX_set_verify.3
  stable/11/secure/lib/libssl/man/SSL_CTX_use_certificate.3
  stable/11/secure/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3
  stable/11/secure/lib/libssl/man/SSL_CTX_use_serverinfo.3
  stable/11/secure/lib/libssl/man/SSL_SESSION_free.3
  stable/11/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3
  stable/11/secure/lib/libssl/man/SSL_SESSION_get_time.3
  stable/11/secure/lib/libssl/man/SSL_accept.3
  stable/11/secure/lib/libssl/man/SSL_alert_type_string.3
  stable/11/secure/lib/libssl/man/SSL_check_chain.3
  stable/11/secure/lib/libssl/man/SSL_clear.3
  stable/11/secure/lib/libssl/man/SSL_connect.3
  stable/11/secure/lib/libssl/man/SSL_do_handshake.3
  stable/11/secure/lib/libssl/man/SSL_export_keying_material.3
  stable/11/secure/lib/libssl/man/SSL_free.3
  stable/11/secure/lib/libssl/man/SSL_get_SSL_CTX.3
  stable/11/secure/lib/libssl/man/SSL_get_ciphers.3
  stable/11/secure/lib/libssl/man/SSL_get_client_CA_list.3
  stable/11/secure/lib/libssl/man/SSL_get_current_cipher.3
  stable/11/secure/lib/libssl/man/SSL_get_default_timeout.3
  stable/11/secure/lib/libssl/man/SSL_get_error.3
  stable/11/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3
  stable/11/secure/lib/libssl/man/SSL_get_ex_new_index.3
  stable/11/secure/lib/libssl/man/SSL_get_fd.3
  stable/11/secure/lib/libssl/man/SSL_get_peer_cert_chain.3
  stable/11/secure/lib/libssl/man/SSL_get_peer_certificate.3
  stable/11/secure/lib/libssl/man/SSL_get_psk_identity.3
  stable/11/secure/lib/libssl/man/SSL_get_rbio.3
  stable/11/secure/lib/libssl/man/SSL_get_session.3
  stable/11/secure/lib/libssl/man/SSL_get_verify_result.3
  stable/11/secure/lib/libssl/man/SSL_get_version.3
  stable/11/secure/lib/libssl/man/SSL_library_init.3
  stable/11/secure/lib/libssl/man/SSL_load_client_CA_file.3
  stable/11/secure/lib/libssl/man/SSL_new.3
  stable/11/secure/lib/libssl/man/SSL_pending.3
  stable/11/secure/lib/libssl/man/SSL_read.3
  stable/11/secure/lib/libssl/man/SSL_rstate_string.3
  stable/11/secure/lib/libssl/man/SSL_session_reused.3
  stable/11/secure/lib/libssl/man/SSL_set_bio.3
  stable/11/secure/lib/libssl/man/SSL_set_connect_state.3
  stable/11/secure/lib/libssl/man/SSL_set_fd.3
  stable/11/secure/lib/libssl/man/SSL_set_session.3
  stable/11/secure/lib/libssl/man/SSL_set_shutdown.3
  stable/11/secure/lib/libssl/man/SSL_set_verify_result.3
  stable/11/secure/lib/libssl/man/SSL_shutdown.3
  stable/11/secure/lib/libssl/man/SSL_state_string.3
  stable/11/secure/lib/libssl/man/SSL_want.3
  stable/11/secure/lib/libssl/man/SSL_write.3
  stable/11/secure/lib/libssl/man/d2i_SSL_SESSION.3
  stable/11/secure/lib/libssl/man/ssl.3
  stable/11/secure/usr.bin/openssl/man/CA.pl.1
  stable/11/secure/usr.bin/openssl/man/asn1parse.1
  stable/11/secure/usr.bin/openssl/man/ca.1
  stable/11/secure/usr.bin/openssl/man/ciphers.1
  stable/11/secure/usr.bin/openssl/man/cms.1
  stable/11/secure/usr.bin/openssl/man/crl.1
  stable/11/secure/usr.bin/openssl/man/crl2pkcs7.1
  stable/11/secure/usr.bin/openssl/man/dgst.1
  stable/11/secure/usr.bin/openssl/man/dhparam.1
  stable/11/secure/usr.bin/openssl/man/dsa.1
  stable/11/secure/usr.bin/openssl/man/dsaparam.1
  stable/11/secure/usr.bin/openssl/man/ec.1
  stable/11/secure/usr.bin/openssl/man/ecparam.1
  stable/11/secure/usr.bin/openssl/man/enc.1
  stable/11/secure/usr.bin/openssl/man/errstr.1
  stable/11/secure/usr.bin/openssl/man/gendsa.1
  stable/11/secure/usr.bin/openssl/man/genpkey.1
  stable/11/secure/usr.bin/openssl/man/genrsa.1
  stable/11/secure/usr.bin/openssl/man/nseq.1
  stable/11/secure/usr.bin/openssl/man/ocsp.1
  stable/11/secure/usr.bin/openssl/man/openssl.1
  stable/11/secure/usr.bin/openssl/man/passwd.1
  stable/11/secure/usr.bin/openssl/man/pkcs12.1
  stable/11/secure/usr.bin/openssl/man/pkcs7.1
  stable/11/secure/usr.bin/openssl/man/pkcs8.1
  stable/11/secure/usr.bin/openssl/man/pkey.1
  stable/11/secure/usr.bin/openssl/man/pkeyparam.1
  stable/11/secure/usr.bin/openssl/man/pkeyutl.1
  stable/11/secure/usr.bin/openssl/man/rand.1
  stable/11/secure/usr.bin/openssl/man/req.1
  stable/11/secure/usr.bin/openssl/man/rsa.1
  stable/11/secure/usr.bin/openssl/man/rsautl.1
  stable/11/secure/usr.bin/openssl/man/s_client.1
  stable/11/secure/usr.bin/openssl/man/s_server.1
  stable/11/secure/usr.bin/openssl/man/s_time.1
  stable/11/secure/usr.bin/openssl/man/sess_id.1
  stable/11/secure/usr.bin/openssl/man/smime.1
  stable/11/secure/usr.bin/openssl/man/speed.1
  stable/11/secure/usr.bin/openssl/man/spkac.1
  stable/11/secure/usr.bin/openssl/man/ts.1
  stable/11/secure/usr.bin/openssl/man/tsget.1
  stable/11/secure/usr.bin/openssl/man/verify.1
  stable/11/secure/usr.bin/openssl/man/version.1
  stable/11/secure/usr.bin/openssl/man/x509.1
  stable/11/secure/usr.bin/openssl/man/x509v3_config.1

Modified: stable/11/crypto/openssl/CHANGES
==============================================================================
--- stable/11/crypto/openssl/CHANGES	Thu Jan  2 21:34:44 2020	(r356289)
+++ stable/11/crypto/openssl/CHANGES	Thu Jan  2 21:35:28 2020	(r356290)
@@ -7,6 +7,20 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.0.2t and 1.0.2u [20 Dec 2019]
+
+  *) Fixed an an overflow bug in the x64_64 Montgomery squaring procedure
+     used in exponentiation with 512-bit moduli. No EC algorithms are
+     affected. Analysis suggests that attacks against 2-prime RSA1024,
+     3-prime RSA1536, and DSA1024 as a result of this defect would be very
+     difficult to perform and are not believed likely. Attacks against DH512
+     are considered just feasible. However, for an attack the target would
+     have to re-use the DH512 private key, which is not recommended anyway.
+     Also applications directly using the low level API BN_mod_exp may be
+     affected if they use BN_FLG_CONSTTIME.
+     (CVE-2019-1551)
+     [Andy Polyakov]
+
  Changes between 1.0.2s and 1.0.2t [10 Sep 2019]
 
    *) For built-in EC curves, ensure an EC_GROUP built from the curve name is

Modified: stable/11/crypto/openssl/Makefile
==============================================================================
--- stable/11/crypto/openssl/Makefile	Thu Jan  2 21:34:44 2020	(r356289)
+++ stable/11/crypto/openssl/Makefile	Thu Jan  2 21:35:28 2020	(r356290)
@@ -4,7 +4,7 @@
 ## Makefile for OpenSSL
 ##
 
-VERSION=1.0.2t
+VERSION=1.0.2u
 MAJOR=1
 MINOR=0.2
 SHLIB_VERSION_NUMBER=1.0.0

Modified: stable/11/crypto/openssl/NEWS
==============================================================================
--- stable/11/crypto/openssl/NEWS	Thu Jan  2 21:34:44 2020	(r356289)
+++ stable/11/crypto/openssl/NEWS	Thu Jan  2 21:35:28 2020	(r356290)
@@ -5,6 +5,11 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.0.2t and OpenSSL 1.0.2u [20 Dec 2019]
+
+      o Fixed an an overflow bug in the x64_64 Montgomery squaring procedure
+        used in exponentiation with 512-bit moduli (CVE-2019-1551)
+
   Major changes between OpenSSL 1.0.2s and OpenSSL 1.0.2t [10 Sep 2019]
 
       o Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey

Modified: stable/11/crypto/openssl/README
==============================================================================
--- stable/11/crypto/openssl/README	Thu Jan  2 21:34:44 2020	(r356289)
+++ stable/11/crypto/openssl/README	Thu Jan  2 21:35:28 2020	(r356290)
@@ -1,5 +1,5 @@
 
- OpenSSL 1.0.2t 10 Sep 2019
+ OpenSSL 1.0.2u 20 Dec 2019
 
  Copyright (c) 1998-2019 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

Modified: stable/11/crypto/openssl/apps/s_server.c
==============================================================================
--- stable/11/crypto/openssl/apps/s_server.c	Thu Jan  2 21:34:44 2020	(r356289)
+++ stable/11/crypto/openssl/apps/s_server.c	Thu Jan  2 21:35:28 2020	(r356290)
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2018 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2019 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -3045,6 +3045,12 @@ static int www_body(int s, int stype, unsigned char *c
                 if (e[0] == ' ')
                     break;
 
+                if (e[0] == ':') {
+                    /* Windows drive. We treat this the same way as ".." */
+                    dot = -1;
+                    break;
+                }
+
                 switch (dot) {
                 case 1:
                     dot = (e[0] == '.') ? 2 : 0;
@@ -3053,11 +3059,11 @@ static int www_body(int s, int stype, unsigned char *c
                     dot = (e[0] == '.') ? 3 : 0;
                     break;
                 case 3:
-                    dot = (e[0] == '/') ? -1 : 0;
+                    dot = (e[0] == '/' || e[0] == '\\') ? -1 : 0;
                     break;
                 }
                 if (dot == 0)
-                    dot = (e[0] == '/') ? 1 : 0;
+                    dot = (e[0] == '/' || e[0] == '\\') ? 1 : 0;
             }
             dot = (dot == 3) || (dot == -1); /* filename contains ".."
                                               * component */
@@ -3071,11 +3077,11 @@ static int www_body(int s, int stype, unsigned char *c
 
             if (dot) {
                 BIO_puts(io, text);
-                BIO_printf(io, "'%s' contains '..' reference\r\n", p);
+                BIO_printf(io, "'%s' contains '..' or ':'\r\n", p);
                 break;
             }
 
-            if (*p == '/') {
+            if (*p == '/' || *p == '\\') {
                 BIO_puts(io, text);
                 BIO_printf(io, "'%s' is an invalid path\r\n", p);
                 break;

Modified: stable/11/crypto/openssl/appveyor.yml
==============================================================================
--- stable/11/crypto/openssl/appveyor.yml	Thu Jan  2 21:34:44 2020	(r356289)
+++ stable/11/crypto/openssl/appveyor.yml	Thu Jan  2 21:35:28 2020	(r356290)
@@ -15,7 +15,7 @@ configuration:
     - shared
 
 matrix:
-    allow_failures:
+    exclude:
         - platform: x64
           VSVER: 9
         - platform: x64

Modified: stable/11/crypto/openssl/crypto/asn1/x_bignum.c
==============================================================================
--- stable/11/crypto/openssl/crypto/asn1/x_bignum.c	Thu Jan  2 21:34:44 2020	(r356289)
+++ stable/11/crypto/openssl/crypto/asn1/x_bignum.c	Thu Jan  2 21:35:28 2020	(r356290)
@@ -4,7 +4,7 @@
  * 2000.
  */
 /* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2000-2019 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -102,7 +102,7 @@ ASN1_ITEM_end(CBIGNUM)
 static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
 {
     *pval = (ASN1_VALUE *)BN_new();
-    if (*pval)
+    if (*pval != NULL)
         return 1;
     else
         return 0;
@@ -110,7 +110,7 @@ static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *
 
 static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
 {
-    if (!*pval)
+    if (*pval == NULL)
         return;
     if (it->size & BN_SENSITIVE)
         BN_clear_free((BIGNUM *)*pval);
@@ -124,7 +124,7 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *co
 {
     BIGNUM *bn;
     int pad;
-    if (!*pval)
+    if (*pval == NULL)
         return -1;
     bn = (BIGNUM *)*pval;
     /* If MSB set in an octet we need a padding byte */

Modified: stable/11/crypto/openssl/crypto/bn/asm/rsaz-x86_64.pl
==============================================================================
--- stable/11/crypto/openssl/crypto/bn/asm/rsaz-x86_64.pl	Thu Jan  2 21:34:44 2020	(r356289)
+++ stable/11/crypto/openssl/crypto/bn/asm/rsaz-x86_64.pl	Thu Jan  2 21:35:28 2020	(r356290)
@@ -140,7 +140,7 @@ rsaz_512_sqr:				# 25-29% faster than rsaz_512_mul
 
 	subq	\$128+24, %rsp
 .Lsqr_body:
-	movq	$mod, %rbp		# common argument
+	movq	$mod, %xmm1		# common off-load
 	movq	($inp), %rdx
 	movq	8($inp), %rax
 	movq	$n0, 128(%rsp)
@@ -158,7 +158,8 @@ $code.=<<___;
 .Loop_sqr:
 	movl	$times,128+8(%rsp)
 #first iteration
-	movq	%rdx, %rbx
+	movq	%rdx, %rbx		# 0($inp)
+	mov	%rax, %rbp		# 8($inp)
 	mulq	%rdx
 	movq	%rax, %r8
 	movq	16($inp), %rax
@@ -197,31 +198,29 @@ $code.=<<___;
 	mulq	%rbx
 	addq	%rax, %r14
 	movq	%rbx, %rax
-	movq	%rdx, %r15
-	adcq	\$0, %r15
+	adcq	\$0, %rdx
 
-	addq	%r8, %r8		#shlq	\$1, %r8
-	movq	%r9, %rcx
-	adcq	%r9, %r9		#shld	\$1, %r8, %r9
+	xorq	%rcx,%rcx		# rcx:r8 = r8 << 1
+	addq	%r8, %r8
+	 movq	%rdx, %r15
+	adcq	\$0, %rcx
 
 	mulq	%rax
+	addq	%r8, %rdx
+	adcq	\$0, %rcx
+
 	movq	%rax, (%rsp)
-	addq	%rdx, %r8
-	adcq	\$0, %r9
+	movq	%rdx, 8(%rsp)
 
-	movq	%r8, 8(%rsp)
-	shrq	\$63, %rcx
-
 #second iteration
-	movq	8($inp), %r8
 	movq	16($inp), %rax
-	mulq	%r8
+	mulq	%rbp
 	addq	%rax, %r10
 	movq	24($inp), %rax
 	movq	%rdx, %rbx
 	adcq	\$0, %rbx
 
-	mulq	%r8
+	mulq	%rbp
 	addq	%rax, %r11
 	movq	32($inp), %rax
 	adcq	\$0, %rdx
@@ -229,7 +228,7 @@ $code.=<<___;
 	movq	%rdx, %rbx
 	adcq	\$0, %rbx
 
-	mulq	%r8
+	mulq	%rbp
 	addq	%rax, %r12
 	movq	40($inp), %rax
 	adcq	\$0, %rdx
@@ -237,7 +236,7 @@ $code.=<<___;
 	movq	%rdx, %rbx
 	adcq	\$0, %rbx
 
-	mulq	%r8
+	mulq	%rbp
 	addq	%rax, %r13
 	movq	48($inp), %rax
 	adcq	\$0, %rdx
@@ -245,7 +244,7 @@ $code.=<<___;
 	movq	%rdx, %rbx
 	adcq	\$0, %rbx
 
-	mulq	%r8
+	mulq	%rbp
 	addq	%rax, %r14
 	movq	56($inp), %rax
 	adcq	\$0, %rdx
@@ -253,39 +252,39 @@ $code.=<<___;
 	movq	%rdx, %rbx
 	adcq	\$0, %rbx
 
-	mulq	%r8
+	mulq	%rbp
 	addq	%rax, %r15
-	movq	%r8, %rax
+	movq	%rbp, %rax
 	adcq	\$0, %rdx
 	addq	%rbx, %r15
-	movq	%rdx, %r8
-	movq	%r10, %rdx
-	adcq	\$0, %r8
+	adcq	\$0, %rdx
 
-	add	%rdx, %rdx
-	lea	(%rcx,%r10,2), %r10	#shld	\$1, %rcx, %r10
-	movq	%r11, %rbx
-	adcq	%r11, %r11		#shld	\$1, %r10, %r11
+	xorq	%rbx, %rbx		# rbx:r10:r9 = r10:r9 << 1
+	addq	%r9, %r9
+	 movq	%rdx, %r8
+	adcq	%r10, %r10
+	adcq	\$0, %rbx
 
 	mulq	%rax
+	# rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+	addq	%rcx, %rax
+	 movq	16($inp), %rbp
 	addq	%rax, %r9
+	 movq	24($inp), %rax
 	adcq	%rdx, %r10
-	adcq	\$0, %r11
+	adcq	\$0, %rbx
 
 	movq	%r9, 16(%rsp)
 	movq	%r10, 24(%rsp)
-	shrq	\$63, %rbx
-	
+
 #third iteration
-	movq	16($inp), %r9	
-	movq	24($inp), %rax
-	mulq	%r9
+	mulq	%rbp
 	addq	%rax, %r12
 	movq	32($inp), %rax
 	movq	%rdx, %rcx
 	adcq	\$0, %rcx
 
-	mulq	%r9
+	mulq	%rbp
 	addq	%rax, %r13
 	movq	40($inp), %rax
 	adcq	\$0, %rdx
@@ -293,7 +292,7 @@ $code.=<<___;
 	movq	%rdx, %rcx
 	adcq	\$0, %rcx
 
-	mulq	%r9
+	mulq	%rbp
 	addq	%rax, %r14
 	movq	48($inp), %rax
 	adcq	\$0, %rdx
@@ -301,9 +300,7 @@ $code.=<<___;
 	movq	%rdx, %rcx
 	adcq	\$0, %rcx
 
-	mulq	%r9
-	 movq	%r12, %r10
-	 lea	(%rbx,%r12,2), %r12	#shld	\$1, %rbx, %r12
+	mulq	%rbp
 	addq	%rax, %r15
 	movq	56($inp), %rax
 	adcq	\$0, %rdx
@@ -311,36 +308,40 @@ $code.=<<___;
 	movq	%rdx, %rcx
 	adcq	\$0, %rcx
 
-	mulq	%r9
-	 shrq	\$63, %r10
+	mulq	%rbp
 	addq	%rax, %r8
-	movq	%r9, %rax
+	movq	%rbp, %rax
 	adcq	\$0, %rdx
 	addq	%rcx, %r8
-	movq	%rdx, %r9
-	adcq	\$0, %r9
+	adcq	\$0, %rdx
 
-	movq	%r13, %rcx
-	leaq	(%r10,%r13,2), %r13	#shld	\$1, %r12, %r13
+	xorq	%rcx, %rcx		# rcx:r12:r11 = r12:r11 << 1
+	addq	%r11, %r11
+	 movq	%rdx, %r9
+	adcq	%r12, %r12
+	adcq	\$0, %rcx
 
 	mulq	%rax
+	# rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+	addq	%rbx, %rax
+	 movq	24($inp), %r10
 	addq	%rax, %r11
+	 movq	32($inp), %rax
 	adcq	%rdx, %r12
-	adcq	\$0, %r13
+	adcq	\$0, %rcx
 
 	movq	%r11, 32(%rsp)
 	movq	%r12, 40(%rsp)
-	shrq	\$63, %rcx
 
 #fourth iteration
-	movq	24($inp), %r10
-	movq	32($inp), %rax
+	mov	%rax, %r11		# 32($inp)
 	mulq	%r10
 	addq	%rax, %r14
 	movq	40($inp), %rax
 	movq	%rdx, %rbx
 	adcq	\$0, %rbx
 
+	mov	%rax, %r12		# 40($inp)
 	mulq	%r10
 	addq	%rax, %r15
 	movq	48($inp), %rax
@@ -349,9 +350,8 @@ $code.=<<___;
 	movq	%rdx, %rbx
 	adcq	\$0, %rbx
 
+	mov	%rax, %rbp		# 48($inp)
 	mulq	%r10
-	 movq	%r14, %r12
-	 leaq	(%rcx,%r14,2), %r14	#shld	\$1, %rcx, %r14
 	addq	%rax, %r8
 	movq	56($inp), %rax
 	adcq	\$0, %rdx
@@ -360,32 +360,33 @@ $code.=<<___;
 	adcq	\$0, %rbx
 
 	mulq	%r10
-	 shrq	\$63, %r12
 	addq	%rax, %r9
 	movq	%r10, %rax
 	adcq	\$0, %rdx
 	addq	%rbx, %r9
-	movq	%rdx, %r10
-	adcq	\$0, %r10
+	adcq	\$0, %rdx
 
-	movq	%r15, %rbx
-	leaq	(%r12,%r15,2),%r15	#shld	\$1, %r14, %r15
+	xorq	%rbx, %rbx		# rbx:r13:r14 = r13:r14 << 1
+	addq	%r13, %r13
+	 movq	%rdx, %r10
+	adcq	%r14, %r14
+	adcq	\$0, %rbx
 
 	mulq	%rax
+	# rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+	addq	%rcx, %rax
 	addq	%rax, %r13
+	 movq	%r12, %rax		# 40($inp)
 	adcq	%rdx, %r14
-	adcq	\$0, %r15
+	adcq	\$0, %rbx
 
 	movq	%r13, 48(%rsp)
 	movq	%r14, 56(%rsp)
-	shrq	\$63, %rbx
 
 #fifth iteration
-	movq	32($inp), %r11
-	movq	40($inp), %rax
 	mulq	%r11
 	addq	%rax, %r8
-	movq	48($inp), %rax
+	movq	%rbp, %rax		# 48($inp)
 	movq	%rdx, %rcx
 	adcq	\$0, %rcx
 
@@ -393,98 +394,100 @@ $code.=<<___;
 	addq	%rax, %r9
 	movq	56($inp), %rax
 	adcq	\$0, %rdx
-	 movq	%r8, %r12
-	 leaq	(%rbx,%r8,2), %r8	#shld	\$1, %rbx, %r8
 	addq	%rcx, %r9
 	movq	%rdx, %rcx
 	adcq	\$0, %rcx
 
+	mov	%rax, %r14		# 56($inp)
 	mulq	%r11
-	 shrq	\$63, %r12
 	addq	%rax, %r10
 	movq	%r11, %rax
 	adcq	\$0, %rdx
 	addq	%rcx, %r10
-	movq	%rdx, %r11
-	adcq	\$0, %r11
+	adcq	\$0, %rdx
 
-	movq	%r9, %rcx
-	leaq	(%r12,%r9,2), %r9	#shld	\$1, %r8, %r9
+	xorq	%rcx, %rcx		# rcx:r8:r15 = r8:r15 << 1
+	addq	%r15, %r15
+	 movq	%rdx, %r11
+	adcq	%r8, %r8
+	adcq	\$0, %rcx
 
 	mulq	%rax
+	# rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+	addq	%rbx, %rax
 	addq	%rax, %r15
+	 movq	%rbp, %rax		# 48($inp)
 	adcq	%rdx, %r8
-	adcq	\$0, %r9
+	adcq	\$0, %rcx
 
 	movq	%r15, 64(%rsp)
 	movq	%r8, 72(%rsp)
-	shrq	\$63, %rcx
 
 #sixth iteration
-	movq	40($inp), %r12
-	movq	48($inp), %rax
 	mulq	%r12
 	addq	%rax, %r10
-	movq	56($inp), %rax
+	movq	%r14, %rax		# 56($inp)
 	movq	%rdx, %rbx
 	adcq	\$0, %rbx
 
 	mulq	%r12
 	addq	%rax, %r11
 	movq	%r12, %rax
-	 movq	%r10, %r15
-	 leaq	(%rcx,%r10,2), %r10	#shld	\$1, %rcx, %r10
 	adcq	\$0, %rdx
-	 shrq	\$63, %r15
 	addq	%rbx, %r11
-	movq	%rdx, %r12
-	adcq	\$0, %r12
+	adcq	\$0, %rdx
 
-	movq	%r11, %rbx
-	leaq	(%r15,%r11,2), %r11	#shld	\$1, %r10, %r11
+	xorq	%rbx, %rbx		# rbx:r10:r9 = r10:r9 << 1
+	addq	%r9, %r9
+	 movq	%rdx, %r12
+	adcq	%r10, %r10
+	adcq	\$0, %rbx
 
 	mulq	%rax
+	# rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+	addq	%rcx, %rax
 	addq	%rax, %r9
+	 movq	%r14, %rax		# 56($inp)
 	adcq	%rdx, %r10
-	adcq	\$0, %r11
+	adcq	\$0, %rbx
 
 	movq	%r9, 80(%rsp)
 	movq	%r10, 88(%rsp)
 
 #seventh iteration
-	movq	48($inp), %r13
-	movq	56($inp), %rax
-	mulq	%r13
+	mulq	%rbp
 	addq	%rax, %r12
-	movq	%r13, %rax
-	movq	%rdx, %r13
-	adcq	\$0, %r13
+	movq	%rbp, %rax
+	adcq	\$0, %rdx
 
-	xorq	%r14, %r14
-	shlq	\$1, %rbx
-	adcq	%r12, %r12		#shld	\$1, %rbx, %r12
-	adcq	%r13, %r13		#shld	\$1, %r12, %r13
-	adcq	%r14, %r14		#shld	\$1, %r13, %r14
+	xorq	%rcx, %rcx		# rcx:r12:r11 = r12:r11 << 1
+	addq	%r11, %r11
+	 movq	%rdx, %r13
+	adcq	%r12, %r12
+	adcq	\$0, %rcx
 
 	mulq	%rax
+	# rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+	addq	%rbx, %rax
 	addq	%rax, %r11
+	 movq	%r14, %rax		# 56($inp)
 	adcq	%rdx, %r12
-	adcq	\$0, %r13
+	adcq	\$0, %rcx
 
 	movq	%r11, 96(%rsp)
 	movq	%r12, 104(%rsp)
 
 #eighth iteration
-	movq	56($inp), %rax
+	xorq	%rbx, %rbx		# rbx:r13 = r13 << 1
+	addq	%r13, %r13
+	adcq	\$0, %rbx
+
 	mulq	%rax
-	addq	%rax, %r13
-	adcq	\$0, %rdx
+	# rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+	addq	%rcx, %rax
+	addq	%r13, %rax
+	adcq	%rbx, %rdx
 
-	addq	%rdx, %r14
-
-	movq	%r13, 112(%rsp)
-	movq	%r14, 120(%rsp)
-
 	movq	(%rsp), %r8
 	movq	8(%rsp), %r9
 	movq	16(%rsp), %r10
@@ -493,7 +496,11 @@ $code.=<<___;
 	movq	40(%rsp), %r13
 	movq	48(%rsp), %r14
 	movq	56(%rsp), %r15
+	movq	%xmm1, %rbp
 
+	movq	%rax, 112(%rsp)
+	movq	%rdx, 120(%rsp)
+
 	call	__rsaz_512_reduce
 
 	addq	64(%rsp), %r8
@@ -524,9 +531,9 @@ $code.=<<___;
 .Loop_sqrx:
 	movl	$times,128+8(%rsp)
 	movq	$out, %xmm0		# off-load
-	movq	%rbp, %xmm1		# off-load
-#first iteration	
+#first iteration
 	mulx	%rax, %r8, %r9
+	mov	%rax, %rbx
 
 	mulx	16($inp), %rcx, %r10
 	xor	%rbp, %rbp		# cf=0, of=0
@@ -534,40 +541,39 @@ $code.=<<___;
 	mulx	24($inp), %rax, %r11
 	adcx	%rcx, %r9
 
-	mulx	32($inp), %rcx, %r12
+	.byte	0xc4,0x62,0xf3,0xf6,0xa6,0x20,0x00,0x00,0x00	# mulx	32($inp), %rcx, %r12
 	adcx	%rax, %r10
 
-	mulx	40($inp), %rax, %r13
+	.byte	0xc4,0x62,0xfb,0xf6,0xae,0x28,0x00,0x00,0x00	# mulx	40($inp), %rax, %r13
 	adcx	%rcx, %r11
 
-	.byte	0xc4,0x62,0xf3,0xf6,0xb6,0x30,0x00,0x00,0x00	# mulx	48($inp), %rcx, %r14
+	mulx	48($inp), %rcx, %r14
 	adcx	%rax, %r12
 	adcx	%rcx, %r13
 
-	.byte	0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00	# mulx	56($inp), %rax, %r15
+	mulx	56($inp), %rax, %r15
 	adcx	%rax, %r14
 	adcx	%rbp, %r15		# %rbp is 0
 
-	mov	%r9, %rcx
-	shld	\$1, %r8, %r9
-	shl	\$1, %r8
+	mulx	%rdx, %rax, $out
+	 mov	%rbx, %rdx		# 8($inp)
+	xor	%rcx, %rcx
+	adox	%r8, %r8
+	adcx	$out, %r8
+	adox	%rbp, %rcx
+	adcx	%rbp, %rcx
 
-	xor	%ebp, %ebp
-	mulx	%rdx, %rax, %rdx
-	adcx	%rdx, %r8
-	 mov	8($inp), %rdx
-	adcx	%rbp, %r9
-
 	mov	%rax, (%rsp)
 	mov	%r8, 8(%rsp)
 
-#second iteration	
-	mulx	16($inp), %rax, %rbx
+#second iteration
+	.byte	0xc4,0xe2,0xfb,0xf6,0x9e,0x10,0x00,0x00,0x00	# mulx	16($inp), %rax, %rbx
 	adox	%rax, %r10
 	adcx	%rbx, %r11
 
-	.byte	0xc4,0x62,0xc3,0xf6,0x86,0x18,0x00,0x00,0x00	# mulx	24($inp), $out, %r8
+	mulx	24($inp), $out, %r8
 	adox	$out, %r11
+	.byte	0x66
 	adcx	%r8, %r12
 
 	mulx	32($inp), %rax, %rbx
@@ -585,24 +591,25 @@ $code.=<<___;
 	.byte	0xc4,0x62,0xc3,0xf6,0x86,0x38,0x00,0x00,0x00	# mulx	56($inp), $out, %r8
 	adox	$out, %r15
 	adcx	%rbp, %r8
+	 mulx	%rdx, %rax, $out
 	adox	%rbp, %r8
+	 .byte	0x48,0x8b,0x96,0x10,0x00,0x00,0x00		# mov	16($inp), %rdx
 
-	mov	%r11, %rbx
-	shld	\$1, %r10, %r11
-	shld	\$1, %rcx, %r10
-
-	xor	%ebp,%ebp
-	mulx	%rdx, %rax, %rcx
-	 mov	16($inp), %rdx
+	xor	%rbx, %rbx
+	 adox	%r9, %r9
+	# rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+	adcx	%rcx, %rax
+	adox	%r10, %r10
 	adcx	%rax, %r9
-	adcx	%rcx, %r10
-	adcx	%rbp, %r11
+	adox	%rbp, %rbx
+	adcx	$out, %r10
+	adcx	%rbp, %rbx
 
 	mov	%r9, 16(%rsp)
 	.byte	0x4c,0x89,0x94,0x24,0x18,0x00,0x00,0x00		# mov	%r10, 24(%rsp)
-	
-#third iteration	
-	.byte	0xc4,0x62,0xc3,0xf6,0x8e,0x18,0x00,0x00,0x00	# mulx	24($inp), $out, %r9
+
+#third iteration
+	mulx	24($inp), $out, %r9
 	adox	$out, %r12
 	adcx	%r9, %r13
 
@@ -610,7 +617,7 @@ $code.=<<___;
 	adox	%rax, %r13
 	adcx	%rcx, %r14
 
-	mulx	40($inp), $out, %r9
+	.byte	0xc4,0x62,0xc3,0xf6,0x8e,0x28,0x00,0x00,0x00	# mulx	40($inp), $out, %r9
 	adox	$out, %r14
 	adcx	%r9, %r15
 
@@ -618,27 +625,28 @@ $code.=<<___;
 	adox	%rax, %r15
 	adcx	%rcx, %r8
 
-	.byte	0xc4,0x62,0xc3,0xf6,0x8e,0x38,0x00,0x00,0x00	# mulx	56($inp), $out, %r9
+	mulx	56($inp), $out, %r9
 	adox	$out, %r8
 	adcx	%rbp, %r9
+	 mulx	%rdx, %rax, $out
 	adox	%rbp, %r9
+	 mov	24($inp), %rdx
 
-	mov	%r13, %rcx
-	shld	\$1, %r12, %r13
-	shld	\$1, %rbx, %r12
-
-	xor	%ebp, %ebp
-	mulx	%rdx, %rax, %rdx
+	xor	%rcx, %rcx
+	 adox	%r11, %r11
+	# rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+	adcx	%rbx, %rax
+	adox	%r12, %r12
 	adcx	%rax, %r11
-	adcx	%rdx, %r12
-	 mov	24($inp), %rdx
-	adcx	%rbp, %r13
+	adox	%rbp, %rcx
+	adcx	$out, %r12
+	adcx	%rbp, %rcx
 
 	mov	%r11, 32(%rsp)
-	.byte	0x4c,0x89,0xa4,0x24,0x28,0x00,0x00,0x00		# mov	%r12, 40(%rsp)
-	
-#fourth iteration	
-	.byte	0xc4,0xe2,0xfb,0xf6,0x9e,0x20,0x00,0x00,0x00	# mulx	32($inp), %rax, %rbx
+	mov	%r12, 40(%rsp)
+
+#fourth iteration
+	mulx	32($inp), %rax, %rbx
 	adox	%rax, %r14
 	adcx	%rbx, %r15
 
@@ -653,25 +661,25 @@ $code.=<<___;
 	mulx	56($inp), $out, %r10
 	adox	$out, %r9
 	adcx	%rbp, %r10
+	 mulx	%rdx, %rax, $out
 	adox	%rbp, %r10
+	 mov	32($inp), %rdx
 
-	.byte	0x66
-	mov	%r15, %rbx
-	shld	\$1, %r14, %r15
-	shld	\$1, %rcx, %r14
-
-	xor	%ebp, %ebp
-	mulx	%rdx, %rax, %rdx
+	xor	%rbx, %rbx
+	 adox	%r13, %r13
+	# rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+	adcx	%rcx, %rax
+	adox	%r14, %r14
 	adcx	%rax, %r13
-	adcx	%rdx, %r14
-	 mov	32($inp), %rdx
-	adcx	%rbp, %r15
+	adox	%rbp, %rbx
+	adcx	$out, %r14
+	adcx	%rbp, %rbx
 
 	mov	%r13, 48(%rsp)
 	mov	%r14, 56(%rsp)
-	
-#fifth iteration	
-	.byte	0xc4,0x62,0xc3,0xf6,0x9e,0x28,0x00,0x00,0x00	# mulx	40($inp), $out, %r11
+
+#fifth iteration
+	mulx	40($inp), $out, %r11
 	adox	$out, %r8
 	adcx	%r11, %r9
 
@@ -682,18 +690,19 @@ $code.=<<___;
 	mulx	56($inp), $out, %r11
 	adox	$out, %r10
 	adcx	%rbp, %r11
+	 mulx	%rdx, %rax, $out
+	 mov	40($inp), %rdx
 	adox	%rbp, %r11
 
-	mov	%r9, %rcx
-	shld	\$1, %r8, %r9
-	shld	\$1, %rbx, %r8
-
-	xor	%ebp, %ebp
-	mulx	%rdx, %rax, %rdx
+	xor	%rcx, %rcx
+	 adox	%r15, %r15
+	# rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+	adcx	%rbx, %rax
+	adox	%r8, %r8
 	adcx	%rax, %r15
-	adcx	%rdx, %r8
-	 mov	40($inp), %rdx
-	adcx	%rbp, %r9
+	adox	%rbp, %rcx
+	adcx	$out, %r8
+	adcx	%rbp, %rcx
 
 	mov	%r15, 64(%rsp)
 	mov	%r8, 72(%rsp)
@@ -706,18 +715,19 @@ $code.=<<___;
 	.byte	0xc4,0x62,0xc3,0xf6,0xa6,0x38,0x00,0x00,0x00	# mulx	56($inp), $out, %r12
 	adox	$out, %r11
 	adcx	%rbp, %r12
+	 mulx	%rdx, %rax, $out
 	adox	%rbp, %r12
+	 mov	48($inp), %rdx
 
-	mov	%r11, %rbx
-	shld	\$1, %r10, %r11
-	shld	\$1, %rcx, %r10
-
-	xor	%ebp, %ebp
-	mulx	%rdx, %rax, %rdx
+	xor	%rbx, %rbx
+	 adox	%r9, %r9
+	# rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+	adcx	%rcx, %rax
+	adox	%r10, %r10
 	adcx	%rax, %r9
-	adcx	%rdx, %r10
-	 mov	48($inp), %rdx
-	adcx	%rbp, %r11
+	adcx	$out, %r10
+	adox	%rbp, %rbx
+	adcx	%rbp, %rbx
 
 	mov	%r9, 80(%rsp)
 	mov	%r10, 88(%rsp)
@@ -727,31 +737,31 @@ $code.=<<___;
 	adox	%rax, %r12
 	adox	%rbp, %r13
 
-	xor	%r14, %r14
-	shld	\$1, %r13, %r14
-	shld	\$1, %r12, %r13
-	shld	\$1, %rbx, %r12
-
-	xor	%ebp, %ebp
-	mulx	%rdx, %rax, %rdx
-	adcx	%rax, %r11
-	adcx	%rdx, %r12
+	mulx	%rdx, %rax, $out
+	xor	%rcx, %rcx
 	 mov	56($inp), %rdx
-	adcx	%rbp, %r13
+	 adox	%r11, %r11
+	# rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+	adcx	%rbx, %rax
+	adox	%r12, %r12
+	adcx	%rax, %r11
+	adox	%rbp, %rcx
+	adcx	$out, %r12
+	adcx	%rbp, %rcx
 
 	.byte	0x4c,0x89,0x9c,0x24,0x60,0x00,0x00,0x00		# mov	%r11, 96(%rsp)
 	.byte	0x4c,0x89,0xa4,0x24,0x68,0x00,0x00,0x00		# mov	%r12, 104(%rsp)
 
 #eighth iteration
 	mulx	%rdx, %rax, %rdx
-	adox	%rax, %r13
-	adox	%rbp, %rdx
+	xor	%rbx, %rbx
+	 adox	%r13, %r13
+	# rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+	adcx	%rcx, %rax
+	adox	%rbp, %rbx
+	adcx	%r13, %rax
+	adcx	%rdx, %rbx
 
-	.byte	0x66
-	add	%rdx, %r14
-
-	movq	%r13, 112(%rsp)
-	movq	%r14, 120(%rsp)
 	movq	%xmm0, $out
 	movq	%xmm1, %rbp
 
@@ -764,6 +774,9 @@ $code.=<<___;
 	movq	40(%rsp), %r13
 	movq	48(%rsp), %r14
 	movq	56(%rsp), %r15
+
+	movq	%rax, 112(%rsp)
+	movq	%rbx, 120(%rsp)
 
 	call	__rsaz_512_reducex
 

Modified: stable/11/crypto/openssl/crypto/cryptlib.c
==============================================================================
--- stable/11/crypto/openssl/crypto/cryptlib.c	Thu Jan  2 21:34:44 2020	(r356289)
+++ stable/11/crypto/openssl/crypto/cryptlib.c	Thu Jan  2 21:35:28 2020	(r356290)
@@ -1,6 +1,6 @@
 /* crypto/cryptlib.c */
 /* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2019 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -744,6 +744,11 @@ int OPENSSL_NONPIC_relocated = 0;
 #if !defined(OPENSSL_CPUID_SETUP) && !defined(OPENSSL_CPUID_OBJ)
 void OPENSSL_cpuid_setup(void)
 {
+}
+
+unsigned long OPENSSL_rdtsc(void)
+{
+    return 0;
 }
 #endif
 

Modified: stable/11/crypto/openssl/crypto/ec/ec_asn1.c
==============================================================================
--- stable/11/crypto/openssl/crypto/ec/ec_asn1.c	Thu Jan  2 21:34:44 2020	(r356289)
+++ stable/11/crypto/openssl/crypto/ec/ec_asn1.c	Thu Jan  2 21:35:28 2020	(r356290)
@@ -973,6 +973,20 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARA
          * 0x0 = OPENSSL_EC_EXPLICIT_CURVE
          */
         EC_GROUP_set_asn1_flag(ret, 0x0);
+
+        /*
+         * If the input params do not contain the optional seed field we make
+         * sure it is not added to the returned group.
+         *
+         * The seed field is not really used inside libcrypto anyway, and
+         * adding it to parsed explicit parameter keys would alter their DER
+         * encoding output (because of the extra field) which could impact
+         * applications fingerprinting keys by their DER encoding.
+         */
+        if (params->curve->seed == NULL) {
+            if (EC_GROUP_set_seed(ret, NULL, 0) != 1)
+                goto err;
+        }
     }
 
     ok = 1;

Modified: stable/11/crypto/openssl/crypto/opensslv.h
==============================================================================
--- stable/11/crypto/openssl/crypto/opensslv.h	Thu Jan  2 21:34:44 2020	(r356289)
+++ stable/11/crypto/openssl/crypto/opensslv.h	Thu Jan  2 21:35:28 2020	(r356290)
@@ -30,11 +30,11 @@ extern "C" {
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-# define OPENSSL_VERSION_NUMBER  0x1000214fL
+# define OPENSSL_VERSION_NUMBER  0x1000215fL
 # ifdef OPENSSL_FIPS
-#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2t-fips  10 Sep 2019"
+#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2u-fips  20 Dec 2019"
 # else
-#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2t-freebsd  10 Sep 2019"
+#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2u-freebsd  20 Dec 2019"
 # endif
 # define OPENSSL_VERSION_PTEXT   " part of " OPENSSL_VERSION_TEXT
 

Modified: stable/11/secure/lib/libcrypto/Makefile.inc
==============================================================================
--- stable/11/secure/lib/libcrypto/Makefile.inc	Thu Jan  2 21:34:44 2020	(r356289)
+++ stable/11/secure/lib/libcrypto/Makefile.inc	Thu Jan  2 21:35:28 2020	(r356290)
@@ -3,8 +3,8 @@
 .include <bsd.own.mk>
 
 # OpenSSL version used for manual page generation
-OPENSSL_VER=	1.0.2t
-OPENSSL_DATE=	2019-09-10
+OPENSSL_VER=	1.0.2u
+OPENSSL_DATE=	2019-12-20
 
 LCRYPTO_SRC=	${SRCTOP}/crypto/openssl
 LCRYPTO_DOC=	${LCRYPTO_SRC}/doc

Modified: stable/11/secure/lib/libcrypto/amd64/rsaz-x86_64.S
==============================================================================
--- stable/11/secure/lib/libcrypto/amd64/rsaz-x86_64.S	Thu Jan  2 21:34:44 2020	(r356289)
+++ stable/11/secure/lib/libcrypto/amd64/rsaz-x86_64.S	Thu Jan  2 21:35:28 2020	(r356290)
@@ -17,7 +17,7 @@ rsaz_512_sqr:
 
 	subq	$128+24,%rsp
 .Lsqr_body:
-	movq	%rdx,%rbp
+.byte	102,72,15,110,202
 	movq	(%rsi),%rdx
 	movq	8(%rsi),%rax
 	movq	%rcx,128(%rsp)
@@ -32,6 +32,7 @@ rsaz_512_sqr:
 	movl	%r8d,128+8(%rsp)
 
 	movq	%rdx,%rbx
+	movq	%rax,%rbp
 	mulq	%rdx
 	movq	%rax,%r8
 	movq	16(%rsi),%rax
@@ -70,31 +71,29 @@ rsaz_512_sqr:
 	mulq	%rbx
 	addq	%rax,%r14
 	movq	%rbx,%rax
-	movq	%rdx,%r15
-	adcq	$0,%r15
+	adcq	$0,%rdx

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***