Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/dist/openssl openssl 0.9.6f, with security fixes
details: https://anonhg.NetBSD.org/src/rev/3036be63c4e6
branches: trunk
changeset: 535033:3036be63c4e6
user: itojun <itojun%NetBSD.org@localhost>
date: Thu Aug 08 23:14:54 2002 +0000
description:
openssl 0.9.6f, with security fixes
diffstat:
crypto/dist/openssl/Configure | 4 ++--
crypto/dist/openssl/Makefile.org | 14 ++++++++------
crypto/dist/openssl/Makefile.ssl | 18 ++++++++++--------
crypto/dist/openssl/NEWS | 9 +++++++++
crypto/dist/openssl/PROBLEMS | 8 ++++++++
crypto/dist/openssl/README | 2 +-
crypto/dist/openssl/apps/CA.pl | 2 +-
crypto/dist/openssl/apps/der_chop | 2 +-
crypto/dist/openssl/config | 1 +
crypto/dist/openssl/crypto/bio/b_print.c | 2 +-
crypto/dist/openssl/crypto/mem.c | 3 +++
crypto/dist/openssl/crypto/opensslv.h | 4 ++--
crypto/dist/openssl/openssl.spec | 2 +-
crypto/dist/openssl/ssl/s2_enc.c | 3 ++-
crypto/dist/openssl/tools/c_rehash | 2 +-
crypto/dist/openssl/util/mkerr.pl | 2 +-
16 files changed, 52 insertions(+), 26 deletions(-)
diffs (290 lines):
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/Configure
--- a/crypto/dist/openssl/Configure Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/Configure Thu Aug 08 23:14:54 2002 +0000
@@ -344,8 +344,8 @@
"linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::",
"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1
DES_UNROLL::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-m68k", "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::",
-"linux-s390", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::",
-"linux-s390x", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::SIXTY_FOUR_BIT_LONG:::::::::::linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-s390", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR),\$(SHLIB_MINOR)",
+"linux-s390x", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK
RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX
DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"NetBSD-m68", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/Makefile.org
--- a/crypto/dist/openssl/Makefile.org Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/Makefile.org Thu Aug 08 23:14:54 2002 +0000
@@ -247,7 +247,8 @@
for i in $(SHLIBDIRS); do \
prev=lib$$i$(SHLIB_EXT); \
for j in $${tmp:-x}; do \
- ( set -x; ln -f -s $$prev lib$$i$$j ); \
+ ( set -x; \
+ rm -f lib$$i$$j; ln -s $$prev lib$$i$$j ); \
prev=lib$$i$$j; \
done; \
done; \
@@ -676,7 +677,7 @@
done; \
( here="`pwd`"; \
cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
- make -f $$here/Makefile link-shared ); \
+ $(MAKE) -f $$here/Makefile link-shared ); \
fi
install_docs:
@@ -685,22 +686,23 @@
$(INSTALL_PREFIX)$(MANDIR)/man3 \
$(INSTALL_PREFIX)$(MANDIR)/man5 \
$(INSTALL_PREFIX)$(MANDIR)/man7
- @for i in doc/apps/*.pod; do \
+ @pod2man=`cd ../../util; ./pod2mantest ignore`; \
+ for i in doc/apps/*.pod; do \
fn=`basename $$i .pod`; \
if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
(cd `$(PERL) util/dirname.pl $$i`; \
- sh -c "$(PERL) `cd ../../util; ./pod2mantest ignore` \
+ sh -c "$(PERL) $$pod2man \
--section=$$sec --center=OpenSSL \
--release=$(VERSION) `basename $$i`") \
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
- done
+ done; \
@for i in doc/crypto/*.pod doc/ssl/*.pod; do \
fn=`basename $$i .pod`; \
if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \
echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
(cd `$(PERL) util/dirname.pl $$i`; \
- sh -c "$(PERL) `cd ../../util; ./pod2mantest ignore` \
+ sh -c "$(PERL) $$pod2man \
--section=$$sec --center=OpenSSL \
--release=$(VERSION) `basename $$i`") \
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/Makefile.ssl
--- a/crypto/dist/openssl/Makefile.ssl Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/Makefile.ssl Thu Aug 08 23:14:54 2002 +0000
@@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
-VERSION=0.9.6e
+VERSION=0.9.6f
MAJOR=0
MINOR=9.6
SHLIB_VERSION_NUMBER=0.9.6
@@ -64,7 +64,7 @@
EXE_EXT=
AR=ar r
RANLIB= /usr/bin/ranlib
-PERL= /usr/local/bin/perl5
+PERL= /usr/local/bin/perl
TAR= tar
TARFLAGS= --no-recursion
@@ -249,7 +249,8 @@
for i in $(SHLIBDIRS); do \
prev=lib$$i$(SHLIB_EXT); \
for j in $${tmp:-x}; do \
- ( set -x; ln -f -s $$prev lib$$i$$j ); \
+ ( set -x; \
+ rm -f lib$$i$$j; ln -s $$prev lib$$i$$j ); \
prev=lib$$i$$j; \
done; \
done; \
@@ -678,7 +679,7 @@
done; \
( here="`pwd`"; \
cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
- make -f $$here/Makefile link-shared ); \
+ $(MAKE) -f $$here/Makefile link-shared ); \
fi
install_docs:
@@ -687,22 +688,23 @@
$(INSTALL_PREFIX)$(MANDIR)/man3 \
$(INSTALL_PREFIX)$(MANDIR)/man5 \
$(INSTALL_PREFIX)$(MANDIR)/man7
- @for i in doc/apps/*.pod; do \
+ @pod2man=`cd ../../util; ./pod2mantest ignore`; \
+ for i in doc/apps/*.pod; do \
fn=`basename $$i .pod`; \
if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
(cd `$(PERL) util/dirname.pl $$i`; \
- sh -c "$(PERL) `cd ../../util; ./pod2mantest ignore` \
+ sh -c "$(PERL) $$pod2man \
--section=$$sec --center=OpenSSL \
--release=$(VERSION) `basename $$i`") \
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
- done
+ done; \
@for i in doc/crypto/*.pod doc/ssl/*.pod; do \
fn=`basename $$i .pod`; \
if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \
echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
(cd `$(PERL) util/dirname.pl $$i`; \
- sh -c "$(PERL) `cd ../../util; ./pod2mantest ignore` \
+ sh -c "$(PERL) $$pod2man \
--section=$$sec --center=OpenSSL \
--release=$(VERSION) `basename $$i`") \
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/NEWS
--- a/crypto/dist/openssl/NEWS Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/NEWS Thu Aug 08 23:14:54 2002 +0000
@@ -5,6 +5,15 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f:
+
+ o Various important bugfixes.
+
+ Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e:
+
+ o Important security related bugfixes.
+ o Various SSL/TLS library bugfixes.
+
Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d:
o Various SSL/TLS library bugfixes.
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/PROBLEMS
--- a/crypto/dist/openssl/PROBLEMS Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/PROBLEMS Thu Aug 08 23:14:54 2002 +0000
@@ -32,3 +32,11 @@
As long as Apple doesn't fix the problem with ld, this problem building
OpenSSL will remain as is.
+
+* Parallell make leads to errors
+
+While running tests, running a parallell make is a bad idea. Many test
+scripts use the same name for output and input files, which means different
+will interfere with each other and lead to test failure.
+
+The solution is simple for now: don't run parallell make when testing.
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/README
--- a/crypto/dist/openssl/README Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/README Thu Aug 08 23:14:54 2002 +0000
@@ -1,5 +1,5 @@
- OpenSSL 0.9.6e 30 July 2002
+ OpenSSL 0.9.6f 8 August 2002
Copyright (c) 1998-2002 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/apps/CA.pl
--- a/crypto/dist/openssl/apps/CA.pl Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/apps/CA.pl Thu Aug 08 23:14:54 2002 +0000
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl5
+#!/usr/local/bin/perl
#
# CA - wrapper around ca to make it easier to use ... basically ca requires
# some setup stuff to be done before you can use it and this makes
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/apps/der_chop
--- a/crypto/dist/openssl/apps/der_chop Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/apps/der_chop Thu Aug 08 23:14:54 2002 +0000
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl5
+#!/usr/local/bin/perl
#
# der_chop ... this is one total hack that Eric is really not proud of
# so don't look at it and don't ask for support
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/config
--- a/crypto/dist/openssl/config Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/config Thu Aug 08 23:14:54 2002 +0000
@@ -392,6 +392,7 @@
else
CC=cc
fi
+GCCVER=${GCCVER:-0}
if [ "$SYSTEM" = "HP-UX" ];then
# By default gcc is a ILP32 compiler (with long long == 64).
GCC_BITS="32"
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/crypto/bio/b_print.c
--- a/crypto/dist/openssl/crypto/bio/b_print.c Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/crypto/bio/b_print.c Thu Aug 08 23:14:54 2002 +0000
@@ -109,7 +109,7 @@
* o ... (for OpenSSL)
*/
-#if HAVE_LONG_DOUBLE
+#ifdef HAVE_LONG_DOUBLE
#define LDOUBLE long double
#else
#define LDOUBLE double
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/crypto/mem.c
--- a/crypto/dist/openssl/crypto/mem.c Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/crypto/mem.c Thu Aug 08 23:14:54 2002 +0000
@@ -226,6 +226,9 @@
{
void *ret = NULL;
+ if (str == NULL)
+ return CRYPTO_malloc(num, file, line);
+
if (realloc_debug_func != NULL)
realloc_debug_func(str, NULL, num, file, line, 0);
ret = realloc_func(str,num);
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/crypto/opensslv.h
--- a/crypto/dist/openssl/crypto/opensslv.h Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/crypto/opensslv.h Thu Aug 08 23:14:54 2002 +0000
@@ -25,8 +25,8 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-#define OPENSSL_VERSION_NUMBER 0x0090605fL
-#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6e 30 Jul 2002"
+#define OPENSSL_VERSION_NUMBER 0x0090606fL
+#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6f 8 Aug 2002"
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/openssl.spec
--- a/crypto/dist/openssl/openssl.spec Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/openssl.spec Thu Aug 08 23:14:54 2002 +0000
@@ -1,7 +1,7 @@
%define libmaj 0
%define libmin 9
%define librel 6
-%define librev d
+%define librev f
Release: 1
%define openssldir /var/ssl
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/ssl/s2_enc.c
--- a/crypto/dist/openssl/ssl/s2_enc.c Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/ssl/s2_enc.c Thu Aug 08 23:14:54 2002 +0000
@@ -96,7 +96,8 @@
num=c->key_len;
s->s2->key_material_length=num*2;
- ssl2_generate_key_material(s);
+ if (ssl2_generate_key_material(s) <= 0)
+ return 0;
EVP_EncryptInit(ws,c,&(s->s2->key_material[(client)?num:0]),
s->session->key_arg);
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/tools/c_rehash
--- a/crypto/dist/openssl/tools/c_rehash Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/tools/c_rehash Thu Aug 08 23:14:54 2002 +0000
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl5
+#!/usr/local/bin/perl
# Perl c_rehash script, scan all files in a directory
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/util/mkerr.pl
--- a/crypto/dist/openssl/util/mkerr.pl Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/util/mkerr.pl Thu Aug 08 23:14:54 2002 +0000
@@ -320,7 +320,7 @@
print OUT <<"EOF";
/* $cfile */
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
Home |
Main Index |
Thread Index |
Old Index