Skip to content

Upgrade to openssl102j #8786

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
shigeki wants to merge 6 commits into from
Closed

Upgrade to openssl102j #8786

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
a767354
deps: upgrade openssl sources to 1.0.2j
shigeki Sep 26, 2016
e803410
deps: copy all openssl header files to include dir
shigeki Sep 26, 2016
82a298d
deps: fix openssl assembly error on ia32 win32
indutny Jan 8, 2014
8c8a9df
deps: fix asm build error of openssl in x86_win32
Feb 13, 2015
6ab5b81
openssl: fix keypress requirement in apps on win32
Feb 17, 2015
e5f306d
deps: add -no_rand_screen to openssl s_client
May 27, 2015
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
deps: upgrade openssl sources to 1.0.2j 
This replaces all sources of openssl-1.0.2j.tar.gz into
deps/openssl/openssl
  • Loading branch information
@shigeki
shigeki committed Sep 26, 2016
commit a767354c200992e714d79492ca56d392dd7bee5a
12 changes: 12 additions & 0 deletions deps/openssl/openssl/CHANGES
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,18 @@
OpenSSL CHANGES
_______________

Changes between 1.0.2i and 1.0.2j [26 Sep 2016]

*) Missing CRL sanity check

A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0
but was omitted from OpenSSL 1.0.2i. As a result any attempt to use
CRLs in OpenSSL 1.0.2i will crash with a null pointer exception.

This issue only affects the OpenSSL 1.0.2i
(CVE-2016-7052)
[Matt Caswell]

Changes between 1.0.2h and 1.0.2i [22 Sep 2016]

*) OCSP Status Request extension unbounded memory growth
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
## Makefile for OpenSSL
##

VERSION=1.0.2i
VERSION=1.0.2j
MAJOR=1
MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/Makefile.bak
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
## Makefile for OpenSSL
##

VERSION=1.0.2i
VERSION=1.0.2j
MAJOR=1
MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0
Expand Down
4 changes: 4 additions & 0 deletions deps/openssl/openssl/NEWS
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,10 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.

Major changes between OpenSSL 1.0.2i and OpenSSL 1.0.2j [26 Sep 2016]

o Fix Use After Free for large message sizes (CVE-2016-6309)

Major changes between OpenSSL 1.0.2h and OpenSSL 1.0.2i [22 Sep 2016]

o OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/README
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@

OpenSSL 1.0.2i 22 Sep 2016
OpenSSL 1.0.2j 26 Sep 2016

Copyright (c) 1998-2015 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
Expand Down
11 changes: 1 addition & 10 deletions deps/openssl/openssl/apps/app_rand.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -124,16 +124,7 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
char buffer[200];

#ifdef OPENSSL_SYS_WINDOWS
/*
* allocate 2 to dont_warn not to use RAND_screen() via
* -no_rand_screen option in s_client
*/
if (dont_warn != 2) {
BIO_printf(bio_e, "Loading 'screen' into random state -");
BIO_flush(bio_e);
RAND_screen();
BIO_printf(bio_e, " done\n");
}
RAND_screen();
#endif

if (file == NULL)
Expand Down
31 changes: 8 additions & 23 deletions deps/openssl/openssl/apps/s_client.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -180,13 +180,6 @@ typedef unsigned int u_int;
# include <fcntl.h>
#endif

/* Use Windows API with STD_INPUT_HANDLE when checking for input?
Don't look at OPENSSL_SYS_MSDOS for this, since it is always defined if
OPENSSL_SYS_WINDOWS is defined */
#if defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_WINCE) && defined(STD_INPUT_HANDLE)
#define OPENSSL_USE_STD_INPUT_HANDLE
#endif

#undef PROG
#define PROG s_client_main

Expand Down Expand Up @@ -236,7 +229,6 @@ static BIO *bio_c_msg = NULL;
static int c_quiet = 0;
static int c_ign_eof = 0;
static int c_brief = 0;
static int c_no_rand_screen = 0;

#ifndef OPENSSL_NO_PSK
/* Default PSK identity and key */
Expand Down Expand Up @@ -452,10 +444,6 @@ static void sc_usage(void)
" -keymatexport label - Export keying material using label\n");
BIO_printf(bio_err,
" -keymatexportlen len - Export len bytes of keying material (default 20)\n");
#ifdef OPENSSL_SYS_WINDOWS
BIO_printf(bio_err,
" -no_rand_screen - Do not use RAND_screen() to initialize random state\n");
#endif
}

#ifndef OPENSSL_NO_TLSEXT
Expand Down Expand Up @@ -1148,10 +1136,6 @@ int MAIN(int argc, char **argv)
keymatexportlen = atoi(*(++argv));
if (keymatexportlen == 0)
goto bad;
#ifdef OPENSSL_SYS_WINDOWS
} else if (strcmp(*argv, "-no_rand_screen") == 0) {
c_no_rand_screen = 1;
#endif
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badop = 1;
Expand Down Expand Up @@ -1268,7 +1252,7 @@ int MAIN(int argc, char **argv)
if (!load_excert(&exc, bio_err))
goto end;

if (!app_RAND_load_file(NULL, bio_err, ++c_no_rand_screen) && inrand == NULL
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
&& !RAND_status()) {
BIO_printf(bio_err,
"warning, not much extra random data, consider using the -rand option\n");
Expand Down Expand Up @@ -1806,16 +1790,17 @@ int MAIN(int argc, char **argv)
tv.tv_usec = 0;
i = select(width, (void *)&readfds, (void *)&writefds,
NULL, &tv);
#if defined(OPENSSL_USE_STD_INPUT_HANDLE)
# if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
if (!i && (!_kbhit() || !read_tty))
continue;
# else
if (!i && (!((_kbhit())
|| (WAIT_OBJECT_0 ==
WaitForSingleObject(GetStdHandle
(STD_INPUT_HANDLE),
0)))
|| !read_tty))
continue;
#else
if(!i && (!_kbhit() || !read_tty) ) continue;
# endif
} else
i = select(width, (void *)&readfds, (void *)&writefds,
Expand Down Expand Up @@ -2017,12 +2002,12 @@ int MAIN(int argc, char **argv)
}
}
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
#if defined(OPENSSL_USE_STD_INPUT_HANDLE)
# if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
else if (_kbhit())
# else
else if ((_kbhit())
|| (WAIT_OBJECT_0 ==
WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
#else
else if (_kbhit())
# endif
#elif defined (OPENSSL_SYS_NETWARE)
else if (_kbhit())
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/crypto/engine/eng_cryptodev.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -939,7 +939,7 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
if (fstate->mac_len != 0) {
if (fstate->mac_data != NULL) {
dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
if (dstate->ac_data == NULL) {
if (dstate->mac_data == NULL) {
printf("cryptodev_digest_init: malloc failed\n");
return 0;
}
Expand Down
Loading