git: vendor/OPENSSL Import OpenSSL 1.0.1n.

Sascha Wildner swildner at crater.dragonflybsd.org
Thu Jun 11 12:44:19 PDT 2015


commit 25952ef9630b0828388a6b4180dc54899e136622
Author: Sascha Wildner <saw at online.de>
Date:   Thu Jun 11 21:03:27 2015 +0200

    Import OpenSSL 1.0.1n.
    
    Fixes CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791,
    and CVE-2015-1792.
    
    Rejects DH handshakes with parameters shorter than 768 bits.

Summary of changes:
 crypto/openssl/CHANGES                          |  71 ++++++
 crypto/openssl/NEWS                             |   8 +
 crypto/openssl/README                           |   2 +-
 crypto/openssl/apps/apps.c                      |   6 +-
 crypto/openssl/apps/asn1pars.c                  |   2 +-
 crypto/openssl/apps/ca.c                        |  10 +-
 crypto/openssl/apps/cms.c                       |   2 +
 crypto/openssl/apps/dhparam.c                   |   4 +-
 crypto/openssl/apps/enc.c                       |  13 +-
 crypto/openssl/apps/gendh.c                     |   2 +-
 crypto/openssl/apps/ocsp.c                      |   2 +
 crypto/openssl/apps/s_cb.c                      |   3 +-
 crypto/openssl/apps/s_client.c                  |  15 +-
 crypto/openssl/apps/s_server.c                  |  73 +++++--
 crypto/openssl/apps/s_time.c                    |   2 +-
 crypto/openssl/apps/smime.c                     |   2 +
 crypto/openssl/apps/srp.c                       |   4 +-
 crypto/openssl/apps/verify.c                    |   2 +-
 crypto/openssl/crypto/asn1/a_int.c              |   6 +-
 crypto/openssl/crypto/asn1/asn1_gen.c           |  40 +++-
 crypto/openssl/crypto/asn1/asn_mime.c           |   3 +-
 crypto/openssl/crypto/asn1/bio_ndef.c           |   4 +-
 crypto/openssl/crypto/asn1/tasn_new.c           |   3 -
 crypto/openssl/crypto/asn1/tasn_prn.c           |   2 +-
 crypto/openssl/crypto/asn1/x_x509.c             |   4 +-
 crypto/openssl/crypto/bio/b_print.c             |  45 ++--
 crypto/openssl/crypto/bio/bf_nbio.c             |   6 +-
 crypto/openssl/crypto/bio/bio_lib.c             |   8 +-
 crypto/openssl/crypto/bio/bss_dgram.c           |  21 +-
 crypto/openssl/crypto/bn/bn.h                   |   5 +
 crypto/openssl/crypto/bn/bn_err.c               |   6 +-
 crypto/openssl/crypto/bn/bn_gf2m.c              |  15 +-
 crypto/openssl/crypto/bn/bn_lcl.h               |   2 +-
 crypto/openssl/crypto/bn/bn_print.c             |   7 +-
 crypto/openssl/crypto/bn/bn_rand.c              |  10 +-
 crypto/openssl/crypto/bn/bn_shift.c             |  10 +
 crypto/openssl/crypto/buffer/buffer.c           |   2 +-
 crypto/openssl/crypto/cmac/cmac.c               |   2 +
 crypto/openssl/crypto/cms/cms_pwri.c            |   7 +-
 crypto/openssl/crypto/cms/cms_smime.c           |   2 +-
 crypto/openssl/crypto/cryptlib.c                |   2 -
 crypto/openssl/crypto/des/enc_writ.c            |   7 +-
 crypto/openssl/crypto/dh/dh_ameth.c             |   2 +-
 crypto/openssl/crypto/dsa/dsa_gen.c             |   3 +-
 crypto/openssl/crypto/dsa/dsa_ossl.c            |   8 +-
 crypto/openssl/crypto/dso/dso_lib.c             |   2 +-
 crypto/openssl/crypto/ec/ec2_oct.c              |   2 +-
 crypto/openssl/crypto/ec/ec_asn1.c              |  20 +-
 crypto/openssl/crypto/ec/ec_check.c             |   2 +-
 crypto/openssl/crypto/ec/ec_key.c               |   2 +-
 crypto/openssl/crypto/ec/ec_lcl.h               |   8 -
 crypto/openssl/crypto/ec/ec_lib.c               |   7 +
 crypto/openssl/crypto/ec/eck_prn.c              |   4 +-
 crypto/openssl/crypto/ec/ecp_oct.c              |   2 +-
 crypto/openssl/crypto/engine/eng_table.c        |   6 +-
 crypto/openssl/crypto/evp/bio_ok.c              |   3 +-
 crypto/openssl/crypto/evp/e_aes.c               |   7 +-
 crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c |   9 +-
 crypto/openssl/crypto/evp/e_rc4_hmac_md5.c      |  10 +-
 crypto/openssl/crypto/evp/encode.c              |   2 +-
 crypto/openssl/crypto/evp/evp.h                 |   4 +-
 crypto/openssl/crypto/evp/p_seal.c              |   5 +-
 crypto/openssl/crypto/hmac/hmac.c               |  28 ++-
 crypto/openssl/crypto/hmac/hmac.h               |   1 +
 crypto/openssl/crypto/md32_common.h             |   4 +-
 crypto/openssl/crypto/mem.c                     |   3 +
 crypto/openssl/crypto/modes/gcm128.c            |   2 +-
 crypto/openssl/crypto/objects/o_names.c         |   2 +-
 crypto/openssl/crypto/objects/obj_dat.c         |   7 +-
 crypto/openssl/crypto/objects/objects.README    |   8 +-
 crypto/openssl/crypto/ocsp/ocsp_ext.c           |   4 +-
 crypto/openssl/crypto/ocsp/ocsp_vfy.c           |  21 +-
 crypto/openssl/crypto/opensslv.h                |   6 +-
 crypto/openssl/crypto/pem/pem_lib.c             |   2 +-
 crypto/openssl/crypto/pem/pem_pk8.c             |   2 +
 crypto/openssl/crypto/pkcs12/p12_mutl.c         |   3 +-
 crypto/openssl/crypto/pkcs7/pk7_doit.c          |  16 +-
 crypto/openssl/crypto/rsa/rsa_pmeth.c           |   8 +-
 crypto/openssl/crypto/srp/srp_vfy.c             |   9 +-
 crypto/openssl/crypto/threads/th-lock.c         |  12 +-
 crypto/openssl/crypto/x509/x509_lu.c            |   2 +
 crypto/openssl/crypto/x509/x509_vfy.c           | 226 +++++++++++++-------
 crypto/openssl/crypto/x509/x509_vfy.h           |   6 +
 crypto/openssl/crypto/x509/x509_vpm.c           |   2 +
 crypto/openssl/crypto/x509/x509type.c           |   3 -
 crypto/openssl/crypto/x509v3/v3_alt.c           |  18 +-
 crypto/openssl/crypto/x509v3/v3_cpols.c         |   8 +-
 crypto/openssl/crypto/x509v3/v3_utl.c           |   4 +
 crypto/openssl/e_os2.h                          |   8 +-
 crypto/openssl/engines/ccgost/e_gost_err.c      |   3 +-
 crypto/openssl/engines/ccgost/e_gost_err.h      |   1 +
 crypto/openssl/engines/ccgost/gost2001.c        | 229 +++++++++++++++-----
 crypto/openssl/engines/ccgost/gost94_keyx.c     |   6 +-
 crypto/openssl/engines/ccgost/gost_ameth.c      |  36 +++-
 crypto/openssl/engines/ccgost/gost_pmeth.c      |   2 +-
 crypto/openssl/engines/ccgost/gost_sign.c       |  87 ++++++--
 crypto/openssl/engines/e_sureware.c             |  27 ++-
 crypto/openssl/ssl/d1_both.c                    |  46 ++--
 crypto/openssl/ssl/d1_clnt.c                    |  10 +
 crypto/openssl/ssl/d1_lib.c                     |   3 +
 crypto/openssl/ssl/d1_pkt.c                     |   2 +-
 crypto/openssl/ssl/d1_srvr.c                    |  28 ++-
 crypto/openssl/ssl/s2_pkt.c                     |  14 ++
 crypto/openssl/ssl/s2_srvr.c                    | 104 +++++----
 crypto/openssl/ssl/s3_both.c                    |   2 +-
 crypto/openssl/ssl/s3_cbc.c                     |  16 +-
 crypto/openssl/ssl/s3_clnt.c                    | 273 ++++++++++++++++++++----
 crypto/openssl/ssl/s3_pkt.c                     |  13 +-
 crypto/openssl/ssl/s3_srvr.c                    | 230 +++++++++++++-------
 crypto/openssl/ssl/ssl.h                        |   4 +
 crypto/openssl/ssl/ssl_err.c                    |   3 +
 crypto/openssl/ssl/ssl_lib.c                    |   8 +-
 crypto/openssl/ssl/ssl_locl.h                   |   1 +
 crypto/openssl/ssl/ssl_sess.c                   | 131 +++++++++++-
 crypto/openssl/ssl/ssl_stat.c                   |   6 +
 crypto/openssl/ssl/t1_enc.c                     |   9 +-
 crypto/openssl/ssl/t1_lib.c                     | 176 +++++++--------
 crypto/openssl/ssl/tls_srp.c                    |   3 +-
 118 files changed, 1749 insertions(+), 689 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/25952ef9630b0828388a6b4180dc54899e136622


-- 
DragonFly BSD source repository


More information about the Commits mailing list