Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/crypto/dist/openssl openssl 0.9.6f, with security fixes



details:   https://anonhg.NetBSD.org/src/rev/3036be63c4e6
branches:  trunk
changeset: 535033:3036be63c4e6
user:      itojun <itojun%NetBSD.org@localhost>
date:      Thu Aug 08 23:14:54 2002 +0000

description:
openssl 0.9.6f, with security fixes

diffstat:

 crypto/dist/openssl/Configure            |   4 ++--
 crypto/dist/openssl/Makefile.org         |  14 ++++++++------
 crypto/dist/openssl/Makefile.ssl         |  18 ++++++++++--------
 crypto/dist/openssl/NEWS                 |   9 +++++++++
 crypto/dist/openssl/PROBLEMS             |   8 ++++++++
 crypto/dist/openssl/README               |   2 +-
 crypto/dist/openssl/apps/CA.pl           |   2 +-
 crypto/dist/openssl/apps/der_chop        |   2 +-
 crypto/dist/openssl/config               |   1 +
 crypto/dist/openssl/crypto/bio/b_print.c |   2 +-
 crypto/dist/openssl/crypto/mem.c         |   3 +++
 crypto/dist/openssl/crypto/opensslv.h    |   4 ++--
 crypto/dist/openssl/openssl.spec         |   2 +-
 crypto/dist/openssl/ssl/s2_enc.c         |   3 ++-
 crypto/dist/openssl/tools/c_rehash       |   2 +-
 crypto/dist/openssl/util/mkerr.pl        |   2 +-
 16 files changed, 52 insertions(+), 26 deletions(-)

diffs (290 lines):

diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/Configure
--- a/crypto/dist/openssl/Configure     Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/Configure     Thu Aug 08 23:14:54 2002 +0000
@@ -344,8 +344,8 @@
 "linux-mips",   "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::",
 "linux-ppc",   "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 
DES_UNROLL::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-m68k",   "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::",
-"linux-s390",  "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::",
-"linux-s390x", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::SIXTY_FOUR_BIT_LONG:::::::::::linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-s390",  "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR),\$(SHLIB_MINOR)",
+"linux-s390x", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-ia64",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK 
RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "NetBSD-sparc",        "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX 
DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "NetBSD-m68",  "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/Makefile.org
--- a/crypto/dist/openssl/Makefile.org  Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/Makefile.org  Thu Aug 08 23:14:54 2002 +0000
@@ -247,7 +247,8 @@
                for i in $(SHLIBDIRS); do \
                        prev=lib$$i$(SHLIB_EXT); \
                        for j in $${tmp:-x}; do \
-                               ( set -x; ln -f -s $$prev lib$$i$$j ); \
+                               ( set -x; \
+                               rm -f lib$$i$$j; ln -s $$prev lib$$i$$j ); \
                                prev=lib$$i$$j; \
                        done; \
                done; \
@@ -676,7 +677,7 @@
                done; \
                (       here="`pwd`"; \
                        cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
-                       make -f $$here/Makefile link-shared ); \
+                       $(MAKE) -f $$here/Makefile link-shared ); \
        fi
 
 install_docs:
@@ -685,22 +686,23 @@
                $(INSTALL_PREFIX)$(MANDIR)/man3 \
                $(INSTALL_PREFIX)$(MANDIR)/man5 \
                $(INSTALL_PREFIX)$(MANDIR)/man7
-       @for i in doc/apps/*.pod; do \
+       @pod2man=`cd ../../util; ./pod2mantest ignore`; \
+       for i in doc/apps/*.pod; do \
                fn=`basename $$i .pod`; \
                if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
                echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
                (cd `$(PERL) util/dirname.pl $$i`; \
-               sh -c "$(PERL) `cd ../../util; ./pod2mantest ignore` \
+               sh -c "$(PERL) $$pod2man \
                        --section=$$sec --center=OpenSSL \
                        --release=$(VERSION) `basename $$i`") \
                        >  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
-       done
+       done; \
        @for i in doc/crypto/*.pod doc/ssl/*.pod; do \
                fn=`basename $$i .pod`; \
                if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \
                echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
                (cd `$(PERL) util/dirname.pl $$i`; \
-               sh -c "$(PERL) `cd ../../util; ./pod2mantest ignore` \
+               sh -c "$(PERL) $$pod2man \
                        --section=$$sec --center=OpenSSL \
                        --release=$(VERSION) `basename $$i`") \
                        >  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/Makefile.ssl
--- a/crypto/dist/openssl/Makefile.ssl  Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/Makefile.ssl  Thu Aug 08 23:14:54 2002 +0000
@@ -4,7 +4,7 @@
 ## Makefile for OpenSSL
 ##
 
-VERSION=0.9.6e
+VERSION=0.9.6f
 MAJOR=0
 MINOR=9.6
 SHLIB_VERSION_NUMBER=0.9.6
@@ -64,7 +64,7 @@
 EXE_EXT= 
 AR=ar r
 RANLIB= /usr/bin/ranlib
-PERL= /usr/local/bin/perl5
+PERL= /usr/local/bin/perl
 TAR= tar
 TARFLAGS= --no-recursion
 
@@ -249,7 +249,8 @@
                for i in $(SHLIBDIRS); do \
                        prev=lib$$i$(SHLIB_EXT); \
                        for j in $${tmp:-x}; do \
-                               ( set -x; ln -f -s $$prev lib$$i$$j ); \
+                               ( set -x; \
+                               rm -f lib$$i$$j; ln -s $$prev lib$$i$$j ); \
                                prev=lib$$i$$j; \
                        done; \
                done; \
@@ -678,7 +679,7 @@
                done; \
                (       here="`pwd`"; \
                        cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
-                       make -f $$here/Makefile link-shared ); \
+                       $(MAKE) -f $$here/Makefile link-shared ); \
        fi
 
 install_docs:
@@ -687,22 +688,23 @@
                $(INSTALL_PREFIX)$(MANDIR)/man3 \
                $(INSTALL_PREFIX)$(MANDIR)/man5 \
                $(INSTALL_PREFIX)$(MANDIR)/man7
-       @for i in doc/apps/*.pod; do \
+       @pod2man=`cd ../../util; ./pod2mantest ignore`; \
+       for i in doc/apps/*.pod; do \
                fn=`basename $$i .pod`; \
                if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
                echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
                (cd `$(PERL) util/dirname.pl $$i`; \
-               sh -c "$(PERL) `cd ../../util; ./pod2mantest ignore` \
+               sh -c "$(PERL) $$pod2man \
                        --section=$$sec --center=OpenSSL \
                        --release=$(VERSION) `basename $$i`") \
                        >  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
-       done
+       done; \
        @for i in doc/crypto/*.pod doc/ssl/*.pod; do \
                fn=`basename $$i .pod`; \
                if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \
                echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
                (cd `$(PERL) util/dirname.pl $$i`; \
-               sh -c "$(PERL) `cd ../../util; ./pod2mantest ignore` \
+               sh -c "$(PERL) $$pod2man \
                        --section=$$sec --center=OpenSSL \
                        --release=$(VERSION) `basename $$i`") \
                        >  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/NEWS
--- a/crypto/dist/openssl/NEWS  Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/NEWS  Thu Aug 08 23:14:54 2002 +0000
@@ -5,6 +5,15 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f:
+
+      o Various important bugfixes.
+
+  Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e:
+
+      o Important security related bugfixes.
+      o Various SSL/TLS library bugfixes.
+
   Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d:
 
       o Various SSL/TLS library bugfixes.
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/PROBLEMS
--- a/crypto/dist/openssl/PROBLEMS      Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/PROBLEMS      Thu Aug 08 23:14:54 2002 +0000
@@ -32,3 +32,11 @@
 As long as Apple doesn't fix the problem with ld, this problem building
 OpenSSL will remain as is.
 
+
+* Parallell make leads to errors
+
+While running tests, running a parallell make is a bad idea.  Many test
+scripts use the same name for output and input files, which means different
+will interfere with each other and lead to test failure.
+
+The solution is simple for now: don't run parallell make when testing.
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/README
--- a/crypto/dist/openssl/README        Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/README        Thu Aug 08 23:14:54 2002 +0000
@@ -1,5 +1,5 @@
 
- OpenSSL 0.9.6e 30 July 2002
+ OpenSSL 0.9.6f 8 August 2002
 
  Copyright (c) 1998-2002 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/apps/CA.pl
--- a/crypto/dist/openssl/apps/CA.pl    Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/apps/CA.pl    Thu Aug 08 23:14:54 2002 +0000
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl5
+#!/usr/local/bin/perl
 #
 # CA - wrapper around ca to make it easier to use ... basically ca requires
 #      some setup stuff to be done before you can use it and this makes
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/apps/der_chop
--- a/crypto/dist/openssl/apps/der_chop Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/apps/der_chop Thu Aug 08 23:14:54 2002 +0000
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl5
+#!/usr/local/bin/perl
 #
 # der_chop ... this is one total hack that Eric is really not proud of
 #              so don't look at it and don't ask for support
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/config
--- a/crypto/dist/openssl/config        Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/config        Thu Aug 08 23:14:54 2002 +0000
@@ -392,6 +392,7 @@
 else
   CC=cc
 fi
+GCCVER=${GCCVER:-0}
 if [ "$SYSTEM" = "HP-UX" ];then
   # By default gcc is a ILP32 compiler (with long long == 64).
   GCC_BITS="32"
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/crypto/bio/b_print.c
--- a/crypto/dist/openssl/crypto/bio/b_print.c  Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/crypto/bio/b_print.c  Thu Aug 08 23:14:54 2002 +0000
@@ -109,7 +109,7 @@
  * o ...                                       (for OpenSSL)
  */
 
-#if HAVE_LONG_DOUBLE
+#ifdef HAVE_LONG_DOUBLE
 #define LDOUBLE long double
 #else
 #define LDOUBLE double
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/crypto/mem.c
--- a/crypto/dist/openssl/crypto/mem.c  Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/crypto/mem.c  Thu Aug 08 23:14:54 2002 +0000
@@ -226,6 +226,9 @@
        {
        void *ret = NULL;
 
+       if (str == NULL)
+               return CRYPTO_malloc(num, file, line);
+
        if (realloc_debug_func != NULL)
                realloc_debug_func(str, NULL, num, file, line, 0);
        ret = realloc_func(str,num);
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/crypto/opensslv.h
--- a/crypto/dist/openssl/crypto/opensslv.h     Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/crypto/opensslv.h     Thu Aug 08 23:14:54 2002 +0000
@@ -25,8 +25,8 @@
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-#define OPENSSL_VERSION_NUMBER 0x0090605fL
-#define OPENSSL_VERSION_TEXT   "OpenSSL 0.9.6e 30 Jul 2002"
+#define OPENSSL_VERSION_NUMBER 0x0090606fL
+#define OPENSSL_VERSION_TEXT   "OpenSSL 0.9.6f 8 Aug 2002"
 #define OPENSSL_VERSION_PTEXT  " part of " OPENSSL_VERSION_TEXT
 
 
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/openssl.spec
--- a/crypto/dist/openssl/openssl.spec  Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/openssl.spec  Thu Aug 08 23:14:54 2002 +0000
@@ -1,7 +1,7 @@
 %define libmaj 0
 %define libmin 9
 %define librel 6
-%define librev d
+%define librev f
 Release: 1
 
 %define openssldir /var/ssl
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/ssl/s2_enc.c
--- a/crypto/dist/openssl/ssl/s2_enc.c  Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/ssl/s2_enc.c  Thu Aug 08 23:14:54 2002 +0000
@@ -96,7 +96,8 @@
        num=c->key_len;
        s->s2->key_material_length=num*2;
 
-       ssl2_generate_key_material(s);
+       if (ssl2_generate_key_material(s) <= 0)
+               return 0;
 
        EVP_EncryptInit(ws,c,&(s->s2->key_material[(client)?num:0]),
                s->session->key_arg);
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/tools/c_rehash
--- a/crypto/dist/openssl/tools/c_rehash        Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/tools/c_rehash        Thu Aug 08 23:14:54 2002 +0000
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl5
+#!/usr/local/bin/perl
 
 
 # Perl c_rehash script, scan all files in a directory
diff -r d95297ce25d1 -r 3036be63c4e6 crypto/dist/openssl/util/mkerr.pl
--- a/crypto/dist/openssl/util/mkerr.pl Thu Aug 08 22:49:09 2002 +0000
+++ b/crypto/dist/openssl/util/mkerr.pl Thu Aug 08 23:14:54 2002 +0000
@@ -320,7 +320,7 @@
        print OUT <<"EOF";
 /* $cfile */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions



Home | Main Index | Thread Index | Old Index