git: vendor/OPENSSL Import OpenSSL 1.0.1n.
Sascha Wildner
swildner at crater.dragonflybsd.org
Thu Jun 11 12:44:19 PDT 2015
commit 25952ef9630b0828388a6b4180dc54899e136622
Author: Sascha Wildner <saw at online.de>
Date: Thu Jun 11 21:03:27 2015 +0200
Import OpenSSL 1.0.1n.
Fixes CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791,
and CVE-2015-1792.
Rejects DH handshakes with parameters shorter than 768 bits.
Summary of changes:
crypto/openssl/CHANGES | 71 ++++++
crypto/openssl/NEWS | 8 +
crypto/openssl/README | 2 +-
crypto/openssl/apps/apps.c | 6 +-
crypto/openssl/apps/asn1pars.c | 2 +-
crypto/openssl/apps/ca.c | 10 +-
crypto/openssl/apps/cms.c | 2 +
crypto/openssl/apps/dhparam.c | 4 +-
crypto/openssl/apps/enc.c | 13 +-
crypto/openssl/apps/gendh.c | 2 +-
crypto/openssl/apps/ocsp.c | 2 +
crypto/openssl/apps/s_cb.c | 3 +-
crypto/openssl/apps/s_client.c | 15 +-
crypto/openssl/apps/s_server.c | 73 +++++--
crypto/openssl/apps/s_time.c | 2 +-
crypto/openssl/apps/smime.c | 2 +
crypto/openssl/apps/srp.c | 4 +-
crypto/openssl/apps/verify.c | 2 +-
crypto/openssl/crypto/asn1/a_int.c | 6 +-
crypto/openssl/crypto/asn1/asn1_gen.c | 40 +++-
crypto/openssl/crypto/asn1/asn_mime.c | 3 +-
crypto/openssl/crypto/asn1/bio_ndef.c | 4 +-
crypto/openssl/crypto/asn1/tasn_new.c | 3 -
crypto/openssl/crypto/asn1/tasn_prn.c | 2 +-
crypto/openssl/crypto/asn1/x_x509.c | 4 +-
crypto/openssl/crypto/bio/b_print.c | 45 ++--
crypto/openssl/crypto/bio/bf_nbio.c | 6 +-
crypto/openssl/crypto/bio/bio_lib.c | 8 +-
crypto/openssl/crypto/bio/bss_dgram.c | 21 +-
crypto/openssl/crypto/bn/bn.h | 5 +
crypto/openssl/crypto/bn/bn_err.c | 6 +-
crypto/openssl/crypto/bn/bn_gf2m.c | 15 +-
crypto/openssl/crypto/bn/bn_lcl.h | 2 +-
crypto/openssl/crypto/bn/bn_print.c | 7 +-
crypto/openssl/crypto/bn/bn_rand.c | 10 +-
crypto/openssl/crypto/bn/bn_shift.c | 10 +
crypto/openssl/crypto/buffer/buffer.c | 2 +-
crypto/openssl/crypto/cmac/cmac.c | 2 +
crypto/openssl/crypto/cms/cms_pwri.c | 7 +-
crypto/openssl/crypto/cms/cms_smime.c | 2 +-
crypto/openssl/crypto/cryptlib.c | 2 -
crypto/openssl/crypto/des/enc_writ.c | 7 +-
crypto/openssl/crypto/dh/dh_ameth.c | 2 +-
crypto/openssl/crypto/dsa/dsa_gen.c | 3 +-
crypto/openssl/crypto/dsa/dsa_ossl.c | 8 +-
crypto/openssl/crypto/dso/dso_lib.c | 2 +-
crypto/openssl/crypto/ec/ec2_oct.c | 2 +-
crypto/openssl/crypto/ec/ec_asn1.c | 20 +-
crypto/openssl/crypto/ec/ec_check.c | 2 +-
crypto/openssl/crypto/ec/ec_key.c | 2 +-
crypto/openssl/crypto/ec/ec_lcl.h | 8 -
crypto/openssl/crypto/ec/ec_lib.c | 7 +
crypto/openssl/crypto/ec/eck_prn.c | 4 +-
crypto/openssl/crypto/ec/ecp_oct.c | 2 +-
crypto/openssl/crypto/engine/eng_table.c | 6 +-
crypto/openssl/crypto/evp/bio_ok.c | 3 +-
crypto/openssl/crypto/evp/e_aes.c | 7 +-
crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c | 9 +-
crypto/openssl/crypto/evp/e_rc4_hmac_md5.c | 10 +-
crypto/openssl/crypto/evp/encode.c | 2 +-
crypto/openssl/crypto/evp/evp.h | 4 +-
crypto/openssl/crypto/evp/p_seal.c | 5 +-
crypto/openssl/crypto/hmac/hmac.c | 28 ++-
crypto/openssl/crypto/hmac/hmac.h | 1 +
crypto/openssl/crypto/md32_common.h | 4 +-
crypto/openssl/crypto/mem.c | 3 +
crypto/openssl/crypto/modes/gcm128.c | 2 +-
crypto/openssl/crypto/objects/o_names.c | 2 +-
crypto/openssl/crypto/objects/obj_dat.c | 7 +-
crypto/openssl/crypto/objects/objects.README | 8 +-
crypto/openssl/crypto/ocsp/ocsp_ext.c | 4 +-
crypto/openssl/crypto/ocsp/ocsp_vfy.c | 21 +-
crypto/openssl/crypto/opensslv.h | 6 +-
crypto/openssl/crypto/pem/pem_lib.c | 2 +-
crypto/openssl/crypto/pem/pem_pk8.c | 2 +
crypto/openssl/crypto/pkcs12/p12_mutl.c | 3 +-
crypto/openssl/crypto/pkcs7/pk7_doit.c | 16 +-
crypto/openssl/crypto/rsa/rsa_pmeth.c | 8 +-
crypto/openssl/crypto/srp/srp_vfy.c | 9 +-
crypto/openssl/crypto/threads/th-lock.c | 12 +-
crypto/openssl/crypto/x509/x509_lu.c | 2 +
crypto/openssl/crypto/x509/x509_vfy.c | 226 +++++++++++++-------
crypto/openssl/crypto/x509/x509_vfy.h | 6 +
crypto/openssl/crypto/x509/x509_vpm.c | 2 +
crypto/openssl/crypto/x509/x509type.c | 3 -
crypto/openssl/crypto/x509v3/v3_alt.c | 18 +-
crypto/openssl/crypto/x509v3/v3_cpols.c | 8 +-
crypto/openssl/crypto/x509v3/v3_utl.c | 4 +
crypto/openssl/e_os2.h | 8 +-
crypto/openssl/engines/ccgost/e_gost_err.c | 3 +-
crypto/openssl/engines/ccgost/e_gost_err.h | 1 +
crypto/openssl/engines/ccgost/gost2001.c | 229 +++++++++++++++-----
crypto/openssl/engines/ccgost/gost94_keyx.c | 6 +-
crypto/openssl/engines/ccgost/gost_ameth.c | 36 +++-
crypto/openssl/engines/ccgost/gost_pmeth.c | 2 +-
crypto/openssl/engines/ccgost/gost_sign.c | 87 ++++++--
crypto/openssl/engines/e_sureware.c | 27 ++-
crypto/openssl/ssl/d1_both.c | 46 ++--
crypto/openssl/ssl/d1_clnt.c | 10 +
crypto/openssl/ssl/d1_lib.c | 3 +
crypto/openssl/ssl/d1_pkt.c | 2 +-
crypto/openssl/ssl/d1_srvr.c | 28 ++-
crypto/openssl/ssl/s2_pkt.c | 14 ++
crypto/openssl/ssl/s2_srvr.c | 104 +++++----
crypto/openssl/ssl/s3_both.c | 2 +-
crypto/openssl/ssl/s3_cbc.c | 16 +-
crypto/openssl/ssl/s3_clnt.c | 273 ++++++++++++++++++++----
crypto/openssl/ssl/s3_pkt.c | 13 +-
crypto/openssl/ssl/s3_srvr.c | 230 +++++++++++++-------
crypto/openssl/ssl/ssl.h | 4 +
crypto/openssl/ssl/ssl_err.c | 3 +
crypto/openssl/ssl/ssl_lib.c | 8 +-
crypto/openssl/ssl/ssl_locl.h | 1 +
crypto/openssl/ssl/ssl_sess.c | 131 +++++++++++-
crypto/openssl/ssl/ssl_stat.c | 6 +
crypto/openssl/ssl/t1_enc.c | 9 +-
crypto/openssl/ssl/t1_lib.c | 176 +++++++--------
crypto/openssl/ssl/tls_srp.c | 3 +-
118 files changed, 1749 insertions(+), 689 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/25952ef9630b0828388a6b4180dc54899e136622
--
DragonFly BSD source repository
More information about the Commits
mailing list