CVS commit: [netbsd-8] src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386

2018-08-25 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Sat Aug 25 14:33:04 UTC 2018

Modified Files:
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386 [netbsd-8]:
modes.inc

Log Message:
Pull up following revision(s) (requested by manu in ticket #985):

crypto/external/bsd/openssl/lib/libcrypto/arch/i386/modes.inc: revision 
1.2
crypto/external/bsd/openssl/lib/libcrypto/arch/i386/modes.inc: revision 
1.3

Add missing defines:
https://github.com/openssl/openssl/pull/6828

When ghash-x86.S is generated with -DOPENSSL_IA32_SSE2 we need to compile
gcm128.c with the same flags.

Reported by manu@

remove -DGHASH_ASM_X86; it is already defined.


To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.1.8.1 \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/modes.inc

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/modes.inc
diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/modes.inc:1.1 src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/modes.inc:1.1.8.1
--- src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/modes.inc:1.1	Sat May 16 17:32:54 2015
+++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/modes.inc	Sat Aug 25 14:33:04 2018
@@ -1,4 +1,5 @@
 .PATH.S: ${.PARSEDIR}
 MODES_SRCS += ghash-x86.o
-MODESCPPFLAGS = -DGHASH_ASM
+MODESCPPFLAGS = -DGHASH_ASM -DOPENSSL_IA32_SSE2
+
 .include "../../modes.inc"
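Review bot: The `-DOPENSSL_IA32_SSE2` added to `MODESCPPFLAGS` depends on a coupling that nothing in the file records. Per the log message, gcm128.c has to be compiled with the same define that ghash-x86.S was generated with, so a later regen of the assembly with different flags would put the C side and the assembly out of step again. A comment above the assignment would make that visible, for example `# Keep in sync with the flags used to generate ghash-x86.S (https://github.com/openssl/openssl/pull/6828)`. The log also says `-DGHASH_ASM_X86` was dropped because it is already defined; that definition is not visible in this hunk, so confirm it is still supplied for the i386 build.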



CVS commit: [netbsd-8] src/crypto/external/bsd/openssl/dist/crypto

2018-08-09 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Thu Aug  9 13:21:36 UTC 2018

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto/evp [netbsd-8]: evp.h
src/crypto/external/bsd/openssl/dist/crypto/x509 [netbsd-8]: x509_vfy.h

Log Message:
Pull up following revision(s) (requested by christos in ticket #967):

crypto/external/bsd/openssl.old/dist/crypto/evp/evp.h: revision 1.6
crypto/external/bsd/openssl.old/dist/crypto/x509/x509_vfy.h: revision 
1.2
(applied to crypto/external/bsd/openssl/)

Add missing functions for racoon2 to compile under netbsd-8
From Chuck Zmudzinski

XXX: pullup-8 (to openssl not openssl.old)


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.9.4.1 -r1.1.1.9.4.2 \
src/crypto/external/bsd/openssl/dist/crypto/evp/evp.h
cvs rdiff -u -r1.2 -r1.2.6.1 \
src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/crypto/evp/evp.h
diff -u src/crypto/external/bsd/openssl/dist/crypto/evp/evp.h:1.1.1.9.4.1 src/crypto/external/bsd/openssl/dist/crypto/evp/evp.h:1.1.1.9.4.2
--- src/crypto/external/bsd/openssl/dist/crypto/evp/evp.h:1.1.1.9.4.1	Sat Jun 23 10:52:31 2018
+++ src/crypto/external/bsd/openssl/dist/crypto/evp/evp.h	Thu Aug  9 13:21:36 2018
@@ -1559,6 +1559,14 @@ static inline RSA *EVP_PKEY_get0_RSA(EVP
 	return pkey->pkey.rsa;
 }
 
+static inline DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey)
+{
+	if (pkey->type != EVP_PKEY_DSA) {
+		return NULL;
+	}
+	return pkey->pkey.dsa;
+}
+
 #endif
 
 
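Review bot: EVP_PKEY_get0_DSA is added without any statement of its contract, and a key accessor has three details callers get wrong. The returned DSA is borrowed (no reference is taken, so it must not be passed to DSA_free()). A non-DSA key yields NULL with nothing placed on the error queue, whereas the OpenSSL 1.1.0 function of the same name raises EVP_R_EXPECTING_A_DSA_KEY before returning. And `pkey` is dereferenced unchecked. I would put above the function `/* Borrowed pointer, do not free. Returns NULL (no error queued) if pkey is not a DSA key; pkey must not be NULL. */`. Whether the EVP_PKEY_get0_RSA sibling just above behaves the same cannot be seen, because its body starts outside the hunk.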

Index: src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.h
diff -u src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.h:1.2 src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.h:1.2.6.1
--- src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.h:1.2	Fri Oct 14 16:23:21 2016
+++ src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.h	Thu Aug  9 13:21:36 2018
@@ -645,6 +645,15 @@ STACK_OF(POLICYQUALINFO) *X509_policy_no
*node);
 const X509_POLICY_NODE *X509_policy_node_get0_parent(const X509_POLICY_NODE
  *node);
+#if OPENSSL_API_COMPAT >= 0x1010L
+
+static inline X509 *
+X509_STORE_CTX_get0_cert(X509_STORE_CTX *x)
+{ 
+	return X509_STORE_CTX_get_current_cert(x);
+}
+ 
+#endif
 
 #ifdef  __cplusplus
 }
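Review bot: X509_STORE_CTX_get0_cert is implemented as `return X509_STORE_CTX_get_current_cert(x);`, but these are different accessors. In OpenSSL 1.1.0, get0_cert returns the certificate being verified (the context's `cert` member), while get_current_cert returns the certificate the chain walk is currently on, which inside a verify callback is frequently an intermediate or the root. Code ported to the 1.1 name that uses it for a hostname, identity or pinning decision would therefore examine the wrong certificate without any error. Assuming X509_STORE_CTX is still a complete struct at this point in the header, as it is in the 1.0.2 series, the body should be `return x->cert;`.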



CVS commit: [netbsd-8] src/crypto/external/bsd/openssl/dist/crypto

2018-06-23 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Sat Jun 23 10:52:31 UTC 2018

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto/asn1 [netbsd-8]: asn1.h
src/crypto/external/bsd/openssl/dist/crypto/dh [netbsd-8]: dh.h
src/crypto/external/bsd/openssl/dist/crypto/dsa [netbsd-8]: dsa.h
src/crypto/external/bsd/openssl/dist/crypto/ecdsa [netbsd-8]: ecdsa.h
src/crypto/external/bsd/openssl/dist/crypto/evp [netbsd-8]: evp.h
src/crypto/external/bsd/openssl/dist/crypto/hmac [netbsd-8]: hmac.h
src/crypto/external/bsd/openssl/dist/crypto/rsa [netbsd-8]: rsa.h
src/crypto/external/bsd/openssl/dist/crypto/x509v3 [netbsd-8]: x509v3.h

Log Message:
Apply patch, requested by christos in ticket #891:

Provide future compatibility API when OPENSSL_API_COMPAT is
defined to >= 0x1010L.


To generate a diff of this commit:
cvs rdiff -u -r1.2.6.1 -r1.2.6.2 \
src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h
cvs rdiff -u -r1.2 -r1.2.6.1 \
src/crypto/external/bsd/openssl/dist/crypto/dh/dh.h
cvs rdiff -u -r1.2 -r1.2.6.1 \
src/crypto/external/bsd/openssl/dist/crypto/dsa/dsa.h
cvs rdiff -u -r1.2 -r1.2.6.1 \
src/crypto/external/bsd/openssl/dist/crypto/ecdsa/ecdsa.h
cvs rdiff -u -r1.1.1.9 -r1.1.1.9.4.1 \
src/crypto/external/bsd/openssl/dist/crypto/evp/evp.h
cvs rdiff -u -r1.2 -r1.2.8.1 \
src/crypto/external/bsd/openssl/dist/crypto/hmac/hmac.h
cvs rdiff -u -r1.4 -r1.4.6.1 \
src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa.h
cvs rdiff -u -r1.1.1.4 -r1.1.1.4.6.1 \
src/crypto/external/bsd/openssl/dist/crypto/x509v3/x509v3.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h
diff -u src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h:1.2.6.1 src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h:1.2.6.2
--- src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h:1.2.6.1	Wed Apr 18 13:51:35 2018
+++ src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h	Sat Jun 23 10:52:30 2018
@@ -1414,6 +1414,14 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_R_WRONG_TAG 168
 # define ASN1_R_WRONG_TYPE169
 
+#if OPENSSL_API_COMPAT >= 0x1010L
+static inline const unsigned char *
+ASN1_STRING_get0_data(const ASN1_STRING *x)
+{
+	return ASN1_STRING_data(__UNCONST(x));
+}
+#endif
+
 #ifdef  __cplusplus
 }
 #endif
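Review bot: ASN1_STRING_get0_data is added with no comment on how the returned pointer may be used, which matters for this accessor. The bytes are the string's internal buffer, are not guaranteed to be NUL-terminated and may contain embedded NULs, so they have to be read together with ASN1_STRING_length() rather than through strlen() or strcmp(). I would add above the function `/* Returns the internal buffer, not a copy; not necessarily NUL-terminated, take the size from ASN1_STRING_length(). */`. The `__UNCONST(x)` cast is sound only while ASN1_STRING_data() never writes through its argument, which is expected of a plain accessor but is not visible in this hunk.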

Index: src/crypto/external/bsd/openssl/dist/crypto/dh/dh.h
diff -u src/crypto/external/bsd/openssl/dist/crypto/dh/dh.h:1.2 src/crypto/external/bsd/openssl/dist/crypto/dh/dh.h:1.2.6.1
--- src/crypto/external/bsd/openssl/dist/crypto/dh/dh.h:1.2	Fri Oct 14 16:23:18 2016
+++ src/crypto/external/bsd/openssl/dist/crypto/dh/dh.h	Sat Jun 23 10:52:31 2018
@@ -387,6 +387,69 @@ void ERR_load_DH_strings(void);
 # define DH_R_PEER_KEY_ERROR  113
 # define DH_R_SHARED_INFO_ERROR   114
 
+#if OPENSSL_API_COMPAT >= 0x1010L
+static inline void
+DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
+{
+	if (pub_key)
+		*pub_key = dh->pub_key;
+	if (priv_key)
+		*priv_key = dh->priv_key;
+}
+
+static inline int
+DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
+{
+	if (pub_key) {
+		BN_free(dh->pub_key);
+		dh->pub_key = pub_key;
+	}
+	if (priv_key) {
+		BN_free(dh->priv_key);
+		dh->priv_key = priv_key;
+	}
+	return 1;
+}
+
+static inline void
+DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q,
+const BIGNUM **g)
+{
+	if (p)
+		*p = dh->p;
+	if (q)
+		*q = dh->q;
+	if (g)
+		*g = dh->g;
+}
+
+static inline int
+DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
+{
+	if (p)
+		dh->p = p;
+	if (q)
+		dh->q = q;
+	if (g)
+		dh->g = g;
+	return 1;
+}
+
+static inline void
+DH_set_length(DH *dh, long length)
+{
+	dh->length = length;
+}
+
+static inline const char *
+DH_meth_get0_name(const DH_METHOD *meth)
+{
+	return meth->name;
+}   
+
+
+#endif
+
 #ifdef  __cplusplus
 }
 #endif
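Review bot: DH_set0_pqg overwrites `dh->p`, `dh->q` and `dh->g` without releasing the previous values, while DH_set0_key a few lines above frees the old BIGNUM before storing the new one. Calling the setter on a DH that already carries parameters leaks them, and the two set0 functions end up with different ownership rules. Each branch should follow the DH_set0_key pattern, e.g. `if (p) { BN_free(dh->p); dh->p = p; }`, and likewise for q and g. The 1.1.0 function also returns 0 when the call would leave p or g unset, whereas this shim always returns 1, so the return value cannot be used to detect a half-initialised DH. Ownership is also mishandled in the dsa.h hunk that follows (cut off on this page): the visible lines of DSA_SIG_set0 are `BN_free(r); sig->r = r;`, which free the incoming value and then store the dangling pointer, where `BN_free(sig->r);` looks intended.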

Index: src/crypto/external/bsd/openssl/dist/crypto/dsa/dsa.h
diff -u src/crypto/external/bsd/openssl/dist/crypto/dsa/dsa.h:1.2 src/crypto/external/bsd/openssl/dist/crypto/dsa/dsa.h:1.2.6.1
--- src/crypto/external/bsd/openssl/dist/crypto/dsa/dsa.h:1.2	Fri Oct 14 16:23:19 2016
+++ src/crypto/external/bsd/openssl/dist/crypto/dsa/dsa.h	Sat Jun 23 10:52:31 2018
@@ -326,6 +326,89 @@ void ERR_load_DSA_strings(void);
 # define DSA_R_PARAMETER_ENCODING_ERROR   105
 # define DSA_R_Q_NOT_PRIME113
 
+#if OPENSSL_API_COMPAT >= 0x1010L
+static inline void
+DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **r, const BIGNUM **s)
+{
+	if (r)
+		*r = sig->r;
+	if (s)
+		*s = sig->s;
+}
+
+static inline int
+DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s)
+{
+	if (r) {
+		BN_free(r);
+		sig->r = r;
+	}
+	if (s) {
+		

CVS commit: [netbsd-8] src/crypto/external/bsd/openssl

2018-04-18 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Wed Apr 18 13:51:36 UTC 2018

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto/asn1 [netbsd-8]: asn1.h
asn1_err.c tasn_dec.c
src/crypto/external/bsd/openssl/dist/crypto/bn/asm [netbsd-8]:
rsaz-avx2.pl x86_64-mont5.pl
src/crypto/external/bsd/openssl/dist/crypto/rsa [netbsd-8]: rsa_gen.c
src/crypto/external/bsd/openssl/dist/crypto/x509v3 [netbsd-8]:
v3_addr.c
src/crypto/external/bsd/openssl/dist/ssl [netbsd-8]: ssl.h
src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64 [netbsd-8]:
rsaz-avx2.S x86_64-mont5.S

Log Message:
Apply upstream fixes for CVE-2017-3735, CVE-2017-3736, CVE-2017-3737,
CVE-2017-3738, CVE-2018-0737, CVE-2018-0739. Regen.

Requested by christos in ticket #774.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.2.6.1 \
src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.8.1 \
src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1_err.c
cvs rdiff -u -r1.6 -r1.6.6.1 \
src/crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.8.1 \
src/crypto/external/bsd/openssl/dist/crypto/bn/asm/rsaz-avx2.pl
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.4.1 \
src/crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-mont5.pl
cvs rdiff -u -r1.1.1.6 -r1.1.1.6.4.1 \
src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c
cvs rdiff -u -r1.5 -r1.5.6.1 \
src/crypto/external/bsd/openssl/dist/crypto/x509v3/v3_addr.c
cvs rdiff -u -r1.16 -r1.16.6.1 src/crypto/external/bsd/openssl/dist/ssl/ssl.h
cvs rdiff -u -r1.2 -r1.2.6.1 \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64/rsaz-avx2.S
cvs rdiff -u -r1.5 -r1.5.4.1 \
src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64/x86_64-mont5.S

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h
diff -u src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h:1.2 src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h:1.2.6.1
--- src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h:1.2	Fri Oct 14 16:23:18 2016
+++ src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h	Wed Apr 18 13:51:35 2018
@@ -1365,6 +1365,7 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_R_MSTRING_NOT_UNIVERSAL 139
 # define ASN1_R_MSTRING_WRONG_TAG 140
 # define ASN1_R_NESTED_ASN1_STRING197
+# define ASN1_R_NESTED_TOO_DEEP   219
 # define ASN1_R_NON_HEX_CHARACTERS141
 # define ASN1_R_NOT_ASCII_FORMAT  190
 # define ASN1_R_NOT_ENOUGH_DATA   142

Index: src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1_err.c
diff -u src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1_err.c:1.1.1.7 src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1_err.c:1.1.1.7.8.1
--- src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1_err.c:1.1.1.7	Mon Mar 23 08:28:38 2015
+++ src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1_err.c	Wed Apr 18 13:51:35 2018
@@ -1,6 +1,6 @@
 /* crypto/asn1/asn1_err.c */
 /* 
- * Copyright (c) 1999-2014 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2018 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -279,6 +279,7 @@ static ERR_STRING_DATA ASN1_str_reasons[
 {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"},
 {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"},
 {ERR_REASON(ASN1_R_NESTED_ASN1_STRING), "nested asn1 string"},
+{ERR_REASON(ASN1_R_NESTED_TOO_DEEP), "nested too deep"},
 {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS), "non hex characters"},
 {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"},
 {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"},

Index: src/crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c
diff -u src/crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c:1.6 src/crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c:1.6.6.1
--- src/crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c:1.6	Fri Oct 14 16:23:18 2016
+++ src/crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c	Wed Apr 18 13:51:35 2018
@@ -65,6 +65,14 @@
 #include 
 #include 
 
+/*
+ * Constructed types with a recursive definition (such as can be found in PKCS7)
+ * could eventually exceed the stack given malicious input with excessive
+ * recursion. Therefore we limit the stack depth. This is the maximum number of
+ * recursive invocations of asn1_item_embed_d2i().
+ */
+#define ASN1_MAX_CONSTRUCTED_NEST 30
+
 static