Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-10]: src/doc Pull up the following revisions, requested by kim in...
details: https://anonhg.NetBSD.org/src/rev/b1fe023663d9
branches: netbsd-10
changeset: 373689:b1fe023663d9
user: martin <martin%NetBSD.org@localhost>
date: Fri Feb 24 13:42:05 2023 +0000
description:
Pull up the following revisions, requested by kim in ticket #104:
crypto/external/bsd/openssl/dist/crypto/bn/rsa_sup_mul.c up to 1.1.1.1
crypto/external/bsd/openssl/dist/test/certs/embeddedSCTs1_issuer-key.pem up to 1.1.1.1
crypto/external/bsd/openssl/dist/test/smime-certs/badrsa.pem up to 1.1.1.1
crypto/external/bsd/openssl/dist/test/ssl-tests/30-supported-groups.conf up to 1.1.1.1
crypto/external/bsd/openssl/dist/test/ssl-tests/30-supported-groups.conf.in up to 1.1.1.1
crypto/external/bsd/openssl/dist/util/perl/OpenSSL/copyright.pm up to 1.1.1.1
crypto/external/bsd/openssl/dist/test/ssl-tests/16-certstatus.conf delete
crypto/external/bsd/openssl/dist/CHANGES up to 1.30
crypto/external/bsd/openssl/dist/Configure up to 1.31
crypto/external/bsd/openssl/dist/NEWS up to 1.30
crypto/external/bsd/openssl/dist/README up to 1.30
crypto/external/bsd/openssl/dist/config up to 1.1.1.14
crypto/external/bsd/openssl/dist/Configurations/10-main.conf up to 1.1.1.12
crypto/external/bsd/openssl/dist/apps/apps.c up to 1.1.1.23
crypto/external/bsd/openssl/dist/apps/apps.h up to 1.1.1.16
crypto/external/bsd/openssl/dist/apps/ca.c up to 1.22
crypto/external/bsd/openssl/dist/apps/ocsp.c up to 1.23
crypto/external/bsd/openssl/dist/apps/s_cb.c up to 1.1.1.21
crypto/external/bsd/openssl/dist/apps/s_server.c up to 1.25
crypto/external/bsd/openssl/dist/apps/x509.c up to 1.1.1.17
crypto/external/bsd/openssl/dist/crypto/init.c up to 1.1.1.9
crypto/external/bsd/openssl/dist/crypto/s390x_arch.h up to 1.1.1.3
crypto/external/bsd/openssl/dist/crypto/s390xcap.c up to 1.1.1.8
crypto/external/bsd/openssl/dist/crypto/aes/asm/aesni-x86.pl up to 1.1.1.9
crypto/external/bsd/openssl/dist/crypto/aes/asm/aesv8-armx.pl up to 1.1.1.7
crypto/external/bsd/openssl/dist/crypto/asn1/asn_mime.c up to 1.13
crypto/external/bsd/openssl/dist/crypto/asn1/bio_asn1.c up to 1.1.1.9
crypto/external/bsd/openssl/dist/crypto/asn1/bio_ndef.c up to 1.1.1.10
crypto/external/bsd/openssl/dist/crypto/asn1/charmap.pl up to 1.1.1.7
crypto/external/bsd/openssl/dist/crypto/bio/b_print.c up to 1.1.1.11
crypto/external/bsd/openssl/dist/crypto/bn/bn_blind.c up to 1.1.1.7
crypto/external/bsd/openssl/dist/crypto/bn/bn_div.c up to 1.1.1.15
crypto/external/bsd/openssl/dist/crypto/bn/bn_err.c up to 1.1.1.6
crypto/external/bsd/openssl/dist/crypto/bn/bn_exp.c up to 1.21
crypto/external/bsd/openssl/dist/crypto/bn/bn_gcd.c up to 1.1.1.10
crypto/external/bsd/openssl/dist/crypto/bn/bn_local.h up to 1.1.1.3
crypto/external/bsd/openssl/dist/crypto/bn/bn_mont.c up to 1.13
crypto/external/bsd/openssl/dist/crypto/bn/bn_nist.c up to 1.7
crypto/external/bsd/openssl/dist/crypto/bn/bn_prime.pl up to 1.1.1.5
crypto/external/bsd/openssl/dist/crypto/bn/build.info up to 1.1.1.4
crypto/external/bsd/openssl/dist/crypto/bn/rsaz_exp.c up to 1.1.1.4
crypto/external/bsd/openssl/dist/crypto/bn/rsaz_exp.h up to 1.1.1.5
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-mont5.pl up to 1.1.1.14
crypto/external/bsd/openssl/dist/crypto/cms/cms_enc.c up to 1.1.1.10
crypto/external/bsd/openssl/dist/crypto/cms/cms_err.c up to 1.1.1.10
crypto/external/bsd/openssl/dist/crypto/conf/keysets.pl up to 1.1.1.6
crypto/external/bsd/openssl/dist/crypto/ec/ec_asn1.c up to 1.13
crypto/external/bsd/openssl/dist/crypto/ec/ec_key.c up to 1.7
crypto/external/bsd/openssl/dist/crypto/ec/ecp_nistz256.c up to 1.1.1.9
crypto/external/bsd/openssl/dist/crypto/ec/curve448/curve448.c up to 1.1.1.4
crypto/external/bsd/openssl/dist/crypto/engine/eng_dyn.c up to 1.1.1.10
crypto/external/bsd/openssl/dist/crypto/err/err.c up to 1.1.1.14
crypto/external/bsd/openssl/dist/crypto/err/openssl.txt up to 1.1.1.10
crypto/external/bsd/openssl/dist/crypto/evp/bio_enc.c up to 1.1.1.9
crypto/external/bsd/openssl/dist/crypto/evp/evp_enc.c up to 1.15
crypto/external/bsd/openssl/dist/crypto/evp/evp_local.h up to 1.1.1.2
crypto/external/bsd/openssl/dist/crypto/objects/obj_dat.pl up to 1.1.1.6
crypto/external/bsd/openssl/dist/crypto/objects/objects.pl up to 1.1.1.7
crypto/external/bsd/openssl/dist/crypto/objects/objxref.pl up to 1.1.1.8
crypto/external/bsd/openssl/dist/crypto/pem/pem_lib.c up to 1.1.1.16
crypto/external/bsd/openssl/dist/crypto/rand/drbg_lib.c up to 1.1.1.7
crypto/external/bsd/openssl/dist/crypto/rand/rand_lib.c up to 1.1.1.16
crypto/external/bsd/openssl/dist/crypto/rand/rand_vms.c up to 1.1.1.12
crypto/external/bsd/openssl/dist/crypto/rand/rand_win.c up to 1.1.1.14
crypto/external/bsd/openssl/dist/crypto/rsa/rsa_ameth.c up to 1.1.1.16
crypto/external/bsd/openssl/dist/crypto/rsa/rsa_ossl.c up to 1.1.1.9
crypto/external/bsd/openssl/dist/crypto/txt_db/txt_db.c up to 1.1.1.6
crypto/external/bsd/openssl/dist/crypto/x509/by_dir.c up to 1.1.1.12
crypto/external/bsd/openssl/dist/crypto/x509/x509_cmp.c up to 1.1.1.17
crypto/external/bsd/openssl/dist/crypto/x509/x509_req.c up to 1.1.1.7
crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c up to 1.26
crypto/external/bsd/openssl/dist/crypto/x509/x_all.c up to 1.1.1.13
crypto/external/bsd/openssl/dist/crypto/x509/x_crl.c up to 1.1.1.6
crypto/external/bsd/openssl/dist/crypto/x509/x_name.c up to 1.1.1.6
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_addr.c up to 1.9
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_asid.c up to 1.1.1.8
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_genn.c up to 1.1.1.6
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_lib.c up to 1.1.1.7
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_sxnet.c up to 1.1.1.4
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_utl.c up to 1.1.1.12
crypto/external/bsd/openssl/dist/doc/fingerprints.txt up to 1.1.1.7
crypto/external/bsd/openssl/dist/doc/man1/x509.pod up to 1.1.1.7
crypto/external/bsd/openssl/dist/doc/man3/BIO_f_base64.pod up to 1.1.1.3
crypto/external/bsd/openssl/dist/doc/man3/CMS_add0_cert.pod up to 1.1.1.2
crypto/external/bsd/openssl/dist/doc/man3/CMS_verify.pod up to 1.1.1.4
crypto/external/bsd/openssl/dist/doc/man3/EC_KEY_new.pod up to 1.1.1.3
crypto/external/bsd/openssl/dist/doc/man3/EVP_EncryptInit.pod up to 1.1.1.7
crypto/external/bsd/openssl/dist/doc/man3/OPENSSL_LH_COMPFUNC.pod up to 1.1.1.3
crypto/external/bsd/openssl/dist/doc/man3/OPENSSL_init_crypto.pod up to 1.1.1.4
crypto/external/bsd/openssl/dist/doc/man3/PKCS7_sign.pod up to 1.1.1.3
crypto/external/bsd/openssl/dist/doc/man3/PKCS7_sign_add_signer.pod up to 1.1.1.3
crypto/external/bsd/openssl/dist/doc/man3/PKCS7_verify.pod up to 1.1.1.3
crypto/external/bsd/openssl/dist/doc/man3/SSL_CTX_set1_verify_cert_store.pod up to 1.1.1.3
crypto/external/bsd/openssl/dist/doc/man3/SSL_CTX_set_timeout.pod up to 1.1.1.2
crypto/external/bsd/openssl/dist/doc/man3/SSL_get_current_cipher.pod up to 1.1.1.2
crypto/external/bsd/openssl/dist/doc/man3/X509_STORE_CTX_new.pod up to 1.1.1.6
crypto/external/bsd/openssl/dist/engines/asm/e_padlock-x86.pl up to 1.1.1.3
crypto/external/bsd/openssl/dist/engines/asm/e_padlock-x86_64.pl up to 1.1.1.3
crypto/external/bsd/openssl/dist/include/crypto/bn.h up to 1.1.1.2
crypto/external/bsd/openssl/dist/include/openssl/bnerr.h up to 1.1.1.3
crypto/external/bsd/openssl/dist/include/openssl/cmserr.h up to 1.1.1.3
crypto/external/bsd/openssl/dist/include/openssl/opensslv.h up to 1.1.1.17
crypto/external/bsd/openssl/dist/include/openssl/ssl.h up to 1.1.1.10
crypto/external/bsd/openssl/dist/include/openssl/x509v3.h up to 1.1.1.7
crypto/external/bsd/openssl/dist/ssl/packet.c up to 1.1.1.3
crypto/external/bsd/openssl/dist/ssl/packet_local.h up to 1.1.1.2
crypto/external/bsd/openssl/dist/ssl/s3_enc.c up to 1.17
crypto/external/bsd/openssl/dist/ssl/s3_lib.c up to 1.30
crypto/external/bsd/openssl/dist/ssl/ssl_cert.c up to 1.1.1.17
crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c up to 1.23
crypto/external/bsd/openssl/dist/ssl/ssl_init.c up to 1.1.1.7
crypto/external/bsd/openssl/dist/ssl/ssl_lib.c up to 1.22
crypto/external/bsd/openssl/dist/ssl/ssl_local.h up to 1.1.1.4
crypto/external/bsd/openssl/dist/ssl/ssl_rsa.c up to 1.1.1.11
crypto/external/bsd/openssl/dist/ssl/ssl_txt.c up to 1.1.1.10
crypto/external/bsd/openssl/dist/ssl/t1_enc.c up to 1.22
crypto/external/bsd/openssl/dist/ssl/t1_lib.c up to 1.35
crypto/external/bsd/openssl/dist/ssl/tls13_enc.c up to 1.1.1.7
crypto/external/bsd/openssl/dist/ssl/record/rec_layer_s3.c up to 1.1.1.9
crypto/external/bsd/openssl/dist/ssl/record/ssl3_buffer.c up to 1.1.1.6
crypto/external/bsd/openssl/dist/ssl/record/ssl3_record.c up to 1.1.1.8
crypto/external/bsd/openssl/dist/ssl/statem/extensions_clnt.c up to 1.1.1.8
crypto/external/bsd/openssl/dist/ssl/statem/extensions_srvr.c up to 1.1.1.7
crypto/external/bsd/openssl/dist/ssl/statem/statem_clnt.c up to 1.1.1.14
crypto/external/bsd/openssl/dist/ssl/statem/statem_dtls.c up to 1.1.1.6
crypto/external/bsd/openssl/dist/ssl/statem/statem_srvr.c up to 1.1.1.12
crypto/external/bsd/openssl/dist/test/ct_test.c up to 1.1.1.6
crypto/external/bsd/openssl/dist/test/dtls_mtu_test.c up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/dtlstest.c up to 1.1.1.8
crypto/external/bsd/openssl/dist/test/ec_internal_test.c up to 1.1.1.5
crypto/external/bsd/openssl/dist/test/exptest.c up to 1.5
crypto/external/bsd/openssl/dist/test/pemtest.c up to 1.1.1.2
crypto/external/bsd/openssl/dist/test/sslapitest.c up to 1.1.1.12
crypto/external/bsd/openssl/dist/test/ssltestlib.c up to 1.1.1.8
crypto/external/bsd/openssl/dist/test/ssltestlib.h up to 1.1.1.9
crypto/external/bsd/openssl/dist/test/test_test.c up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/v3ext.c up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/v3nametest.c up to 1.1.1.5
crypto/external/bsd/openssl/dist/test/x509_internal_test.c up to 1.1.1.2
crypto/external/bsd/openssl/dist/test/certs/ee-ed25519.pem up to 1.1.1.2
crypto/external/bsd/openssl/dist/test/certs/embeddedSCTs1-key.pem up to 1.1.1.2
crypto/external/bsd/openssl/dist/test/certs/embeddedSCTs1.pem up to 1.1.1.2
crypto/external/bsd/openssl/dist/test/certs/embeddedSCTs1.sct up to 1.1.1.2
crypto/external/bsd/openssl/dist/test/certs/embeddedSCTs1_issuer.pem up to 1.1.1.2
crypto/external/bsd/openssl/dist/test/certs/root-ed25519.pem up to 1.1.1.2
crypto/external/bsd/openssl/dist/test/certs/rootCA.pem up to 1.1.1.2
crypto/external/bsd/openssl/dist/test/recipes/25-test_x509.t up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/recipes/70-test_tls13hrr.t up to 1.1.1.2
crypto/external/bsd/openssl/dist/test/recipes/80-test_cms.t up to 1.1.1.4
crypto/external/bsd/openssl/dist/test/recipes/80-test_ssl_new.t up to 1.1.1.6
crypto/external/bsd/openssl/dist/test/recipes/10-test_bn_data/bnmod.txt up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data/evpciph.txt up to 1.1.1.5
crypto/external/bsd/openssl/dist/test/recipes/95-test_external_pyca_data/cryptography.sh up to 1.1.1.2
crypto/external/bsd/openssl/dist/test/smime-certs/mksmime-certs.sh up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/smime-certs/smdh.pem up to 1.1.1.2
crypto/external/bsd/openssl/dist/test/smime-certs/smdsa1.pem up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/smime-certs/smdsa2.pem up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/smime-certs/smdsa3.pem up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/smime-certs/smec1.pem up to 1.1.1.2
crypto/external/bsd/openssl/dist/test/smime-certs/smec2.pem up to 1.1.1.2
crypto/external/bsd/openssl/dist/test/smime-certs/smroot.pem up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/smime-certs/smrsa1.pem up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/smime-certs/smrsa2.pem up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/smime-certs/smrsa3.pem up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/ssl-tests/10-resumption.conf up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/ssl-tests/11-dtls_resumption.conf up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/ssl-tests/protocol_version.pm up to 1.1.1.3
crypto/external/bsd/openssl/dist/test/testutil/driver.c up to 1.4
crypto/external/bsd/openssl/dist/tools/c_rehash.in up to 1.1.1.7
crypto/external/bsd/openssl/dist/util/private.num up to 1.1.1.4
crypto/external/bsd/openssl/lib/libcrypto/bn.inc up to 1.8
crypto/external/bsd/openssl/lib/libcrypto/shlib_version up to 1.15
distrib/sets/lists/base/shl.mi 1.944
distrib/sets/lists/debug/shl.mi 1.302
doc/3RDPARTY 1.1912
Import OpenSSL 1.1.1t.
diffstat:
crypto/external/bsd/openssl/dist/CHANGES | 172 ++
crypto/external/bsd/openssl/dist/Configurations/10-main.conf | 16 +-
crypto/external/bsd/openssl/dist/Configure | 18 +-
crypto/external/bsd/openssl/dist/NEWS | 35 +-
crypto/external/bsd/openssl/dist/README | 4 +-
crypto/external/bsd/openssl/dist/apps/apps.c | 17 +-
crypto/external/bsd/openssl/dist/apps/apps.h | 11 +-
crypto/external/bsd/openssl/dist/apps/ca.c | 8 +-
crypto/external/bsd/openssl/dist/apps/ocsp.c | 4 +-
crypto/external/bsd/openssl/dist/apps/s_cb.c | 28 +-
crypto/external/bsd/openssl/dist/apps/s_server.c | 49 +-
crypto/external/bsd/openssl/dist/apps/x509.c | 16 +-
crypto/external/bsd/openssl/dist/config | 3 +-
crypto/external/bsd/openssl/dist/crypto/aes/asm/aesni-x86.pl | 6 +-
crypto/external/bsd/openssl/dist/crypto/aes/asm/aesv8-armx.pl | 64 +-
crypto/external/bsd/openssl/dist/crypto/asn1/asn_mime.c | 6 +-
crypto/external/bsd/openssl/dist/crypto/asn1/bio_asn1.c | 4 +-
crypto/external/bsd/openssl/dist/crypto/asn1/bio_ndef.c | 41 +-
crypto/external/bsd/openssl/dist/crypto/asn1/charmap.pl | 9 +-
crypto/external/bsd/openssl/dist/crypto/bio/b_print.c | 22 +-
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-mont5.pl | 198 +---
crypto/external/bsd/openssl/dist/crypto/bn/bn_blind.c | 16 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_div.c | 8 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_err.c | 4 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_exp.c | 83 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_gcd.c | 8 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_local.h | 36 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_mont.c | 4 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_nist.c | 35 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_prime.pl | 9 +-
crypto/external/bsd/openssl/dist/crypto/bn/build.info | 3 +-
crypto/external/bsd/openssl/dist/crypto/bn/rsa_sup_mul.c | 614 ++++++++++
crypto/external/bsd/openssl/dist/crypto/bn/rsaz_exp.c | 10 +-
crypto/external/bsd/openssl/dist/crypto/bn/rsaz_exp.h | 25 +-
crypto/external/bsd/openssl/dist/crypto/cms/cms_enc.c | 5 +
crypto/external/bsd/openssl/dist/crypto/cms/cms_err.c | 2 +
crypto/external/bsd/openssl/dist/crypto/conf/keysets.pl | 10 +-
crypto/external/bsd/openssl/dist/crypto/ec/curve448/curve448.c | 3 +-
crypto/external/bsd/openssl/dist/crypto/ec/ec_asn1.c | 16 +-
crypto/external/bsd/openssl/dist/crypto/ec/ec_key.c | 15 +-
crypto/external/bsd/openssl/dist/crypto/ec/ecp_nistz256.c | 3 +-
crypto/external/bsd/openssl/dist/crypto/engine/eng_dyn.c | 33 +-
crypto/external/bsd/openssl/dist/crypto/err/err.c | 45 +-
crypto/external/bsd/openssl/dist/crypto/err/openssl.txt | 5 +-
crypto/external/bsd/openssl/dist/crypto/evp/bio_enc.c | 9 +-
crypto/external/bsd/openssl/dist/crypto/evp/evp_enc.c | 10 +-
crypto/external/bsd/openssl/dist/crypto/evp/evp_local.h | 4 +-
crypto/external/bsd/openssl/dist/crypto/init.c | 13 +-
crypto/external/bsd/openssl/dist/crypto/objects/obj_dat.pl | 11 +-
crypto/external/bsd/openssl/dist/crypto/objects/objects.pl | 13 +-
crypto/external/bsd/openssl/dist/crypto/objects/objxref.pl | 13 +-
crypto/external/bsd/openssl/dist/crypto/pem/pem_lib.c | 10 +-
crypto/external/bsd/openssl/dist/crypto/rand/drbg_lib.c | 20 +-
crypto/external/bsd/openssl/dist/crypto/rand/rand_lib.c | 8 +-
crypto/external/bsd/openssl/dist/crypto/rand/rand_vms.c | 90 +-
crypto/external/bsd/openssl/dist/crypto/rand/rand_win.c | 6 +-
crypto/external/bsd/openssl/dist/crypto/rsa/rsa_ameth.c | 1 +
crypto/external/bsd/openssl/dist/crypto/rsa/rsa_ossl.c | 19 +-
crypto/external/bsd/openssl/dist/crypto/s390x_arch.h | 5 +-
crypto/external/bsd/openssl/dist/crypto/s390xcap.c | 5 +-
crypto/external/bsd/openssl/dist/crypto/txt_db/txt_db.c | 4 +-
crypto/external/bsd/openssl/dist/crypto/x509/by_dir.c | 18 +-
crypto/external/bsd/openssl/dist/crypto/x509/x509_cmp.c | 6 +-
crypto/external/bsd/openssl/dist/crypto/x509/x509_req.c | 46 +-
crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c | 4 +-
crypto/external/bsd/openssl/dist/crypto/x509/x_all.c | 11 +-
crypto/external/bsd/openssl/dist/crypto/x509/x_crl.c | 14 +-
crypto/external/bsd/openssl/dist/crypto/x509/x_name.c | 8 +-
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_addr.c | 33 +-
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_asid.c | 33 +-
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_genn.c | 4 +-
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_lib.c | 6 +-
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_sxnet.c | 22 +-
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_utl.c | 9 +-
crypto/external/bsd/openssl/dist/doc/fingerprints.txt | 10 +
crypto/external/bsd/openssl/dist/doc/man1/x509.pod | 24 +-
crypto/external/bsd/openssl/dist/doc/man3/BIO_f_base64.pod | 5 +-
crypto/external/bsd/openssl/dist/doc/man3/CMS_add0_cert.pod | 32 +-
crypto/external/bsd/openssl/dist/doc/man3/CMS_verify.pod | 81 +-
crypto/external/bsd/openssl/dist/doc/man3/EC_KEY_new.pod | 20 +-
crypto/external/bsd/openssl/dist/doc/man3/EVP_EncryptInit.pod | 4 +-
crypto/external/bsd/openssl/dist/doc/man3/OPENSSL_LH_COMPFUNC.pod | 4 +-
crypto/external/bsd/openssl/dist/doc/man3/OPENSSL_init_crypto.pod | 4 +-
crypto/external/bsd/openssl/dist/doc/man3/PKCS7_sign.pod | 47 +-
crypto/external/bsd/openssl/dist/doc/man3/PKCS7_sign_add_signer.pod | 55 +-
crypto/external/bsd/openssl/dist/doc/man3/PKCS7_verify.pod | 104 +-
crypto/external/bsd/openssl/dist/doc/man3/SSL_CTX_set1_verify_cert_store.pod | 15 +-
crypto/external/bsd/openssl/dist/doc/man3/SSL_CTX_set_timeout.pod | 12 +-
crypto/external/bsd/openssl/dist/doc/man3/SSL_get_current_cipher.pod | 6 +-
crypto/external/bsd/openssl/dist/doc/man3/X509_STORE_CTX_new.pod | 10 +-
crypto/external/bsd/openssl/dist/engines/asm/e_padlock-x86.pl | 4 +-
crypto/external/bsd/openssl/dist/engines/asm/e_padlock-x86_64.pl | 4 +-
crypto/external/bsd/openssl/dist/include/crypto/bn.h | 7 +-
crypto/external/bsd/openssl/dist/include/openssl/bnerr.h | 3 +-
crypto/external/bsd/openssl/dist/include/openssl/cmserr.h | 1 +
crypto/external/bsd/openssl/dist/include/openssl/opensslv.h | 6 +-
crypto/external/bsd/openssl/dist/include/openssl/ssl.h | 12 +-
crypto/external/bsd/openssl/dist/include/openssl/x509v3.h | 4 +-
crypto/external/bsd/openssl/dist/ssl/packet.c | 8 +-
crypto/external/bsd/openssl/dist/ssl/packet_local.h | 39 +-
crypto/external/bsd/openssl/dist/ssl/record/rec_layer_s3.c | 33 +-
crypto/external/bsd/openssl/dist/ssl/record/ssl3_buffer.c | 9 +-
crypto/external/bsd/openssl/dist/ssl/record/ssl3_record.c | 16 +-
crypto/external/bsd/openssl/dist/ssl/s3_enc.c | 4 +-
crypto/external/bsd/openssl/dist/ssl/s3_lib.c | 12 +
crypto/external/bsd/openssl/dist/ssl/ssl_cert.c | 6 +
crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c | 4 +-
crypto/external/bsd/openssl/dist/ssl/ssl_init.c | 19 +-
crypto/external/bsd/openssl/dist/ssl/ssl_lib.c | 28 +-
crypto/external/bsd/openssl/dist/ssl/ssl_local.h | 3 +-
crypto/external/bsd/openssl/dist/ssl/ssl_rsa.c | 83 +-
crypto/external/bsd/openssl/dist/ssl/ssl_txt.c | 6 +-
crypto/external/bsd/openssl/dist/ssl/statem/extensions_clnt.c | 23 +-
crypto/external/bsd/openssl/dist/ssl/statem/extensions_srvr.c | 21 +-
crypto/external/bsd/openssl/dist/ssl/statem/statem_clnt.c | 7 +-
crypto/external/bsd/openssl/dist/ssl/statem/statem_dtls.c | 8 +-
crypto/external/bsd/openssl/dist/ssl/statem/statem_srvr.c | 23 +-
crypto/external/bsd/openssl/dist/ssl/t1_enc.c | 4 +-
crypto/external/bsd/openssl/dist/ssl/t1_lib.c | 18 +-
crypto/external/bsd/openssl/dist/ssl/tls13_enc.c | 3 +-
crypto/external/bsd/openssl/dist/test/certs/ee-ed25519.pem | 43 +-
crypto/external/bsd/openssl/dist/test/certs/embeddedSCTs1-key.pem | 38 +-
crypto/external/bsd/openssl/dist/test/certs/embeddedSCTs1.pem | 35 +-
crypto/external/bsd/openssl/dist/test/certs/embeddedSCTs1.sct | 12 +-
crypto/external/bsd/openssl/dist/test/certs/embeddedSCTs1_issuer-key.pem | 15 +
crypto/external/bsd/openssl/dist/test/certs/embeddedSCTs1_issuer.pem | 30 +-
crypto/external/bsd/openssl/dist/test/certs/root-ed25519.pem | 45 +-
crypto/external/bsd/openssl/dist/test/certs/rootCA.pem | 94 +-
crypto/external/bsd/openssl/dist/test/ct_test.c | 4 +-
crypto/external/bsd/openssl/dist/test/dtls_mtu_test.c | 50 +-
crypto/external/bsd/openssl/dist/test/dtlstest.c | 90 +-
crypto/external/bsd/openssl/dist/test/ec_internal_test.c | 36 +-
crypto/external/bsd/openssl/dist/test/exptest.c | 33 +-
crypto/external/bsd/openssl/dist/test/pemtest.c | 32 +-
crypto/external/bsd/openssl/dist/test/recipes/10-test_bn_data/bnmod.txt | 65 +
crypto/external/bsd/openssl/dist/test/recipes/25-test_x509.t | 63 +-
crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data/evpciph.txt | 52 +-
crypto/external/bsd/openssl/dist/test/recipes/70-test_tls13hrr.t | 53 +-
crypto/external/bsd/openssl/dist/test/recipes/80-test_cms.t | 17 +-
crypto/external/bsd/openssl/dist/test/recipes/80-test_ssl_new.t | 6 +-
crypto/external/bsd/openssl/dist/test/recipes/95-test_external_pyca_data/cryptography.sh | 20 +-
crypto/external/bsd/openssl/dist/test/smime-certs/badrsa.pem | 18 +
crypto/external/bsd/openssl/dist/test/smime-certs/mksmime-certs.sh | 24 +-
crypto/external/bsd/openssl/dist/test/smime-certs/smdh.pem | 72 +-
crypto/external/bsd/openssl/dist/test/smime-certs/smdsa1.pem | 86 +-
crypto/external/bsd/openssl/dist/test/smime-certs/smdsa2.pem | 86 +-
crypto/external/bsd/openssl/dist/test/smime-certs/smdsa3.pem | 86 +-
crypto/external/bsd/openssl/dist/test/smime-certs/smec1.pem | 36 +-
crypto/external/bsd/openssl/dist/test/smime-certs/smec2.pem | 38 +-
crypto/external/bsd/openssl/dist/test/smime-certs/smroot.pem | 90 +-
crypto/external/bsd/openssl/dist/test/smime-certs/smrsa1.pem | 90 +-
crypto/external/bsd/openssl/dist/test/smime-certs/smrsa2.pem | 90 +-
crypto/external/bsd/openssl/dist/test/smime-certs/smrsa3.pem | 90 +-
crypto/external/bsd/openssl/dist/test/ssl-tests/10-resumption.conf | 121 +-
crypto/external/bsd/openssl/dist/test/ssl-tests/11-dtls_resumption.conf | 124 ++-
crypto/external/bsd/openssl/dist/test/ssl-tests/30-supported-groups.conf | 54 +
crypto/external/bsd/openssl/dist/test/ssl-tests/30-supported-groups.conf.in | 45 +
crypto/external/bsd/openssl/dist/test/ssl-tests/protocol_version.pm | 65 +-
crypto/external/bsd/openssl/dist/test/sslapitest.c | 566 ++++++++-
crypto/external/bsd/openssl/dist/test/ssltestlib.c | 35 +-
crypto/external/bsd/openssl/dist/test/ssltestlib.h | 3 +-
crypto/external/bsd/openssl/dist/test/test_test.c | 398 +++---
crypto/external/bsd/openssl/dist/test/testutil/driver.c | 2 +-
crypto/external/bsd/openssl/dist/test/v3ext.c | 295 ++++-
crypto/external/bsd/openssl/dist/test/v3nametest.c | 10 +-
crypto/external/bsd/openssl/dist/test/x509_internal_test.c | 57 +-
crypto/external/bsd/openssl/dist/tools/c_rehash.in | 231 ++-
crypto/external/bsd/openssl/dist/util/perl/OpenSSL/copyright.pm | 41 +
crypto/external/bsd/openssl/dist/util/private.num | 4 +
crypto/external/bsd/openssl/lib/libcrypto/bn.inc | 3 +-
crypto/external/bsd/openssl/lib/libcrypto/shlib_version | 4 +-
distrib/sets/lists/base/shl.mi | 6 +-
distrib/sets/lists/debug/shl.mi | 6 +-
doc/3RDPARTY | 8 +-
174 files changed, 5030 insertions(+), 1716 deletions(-)
diffs (truncated from 10795 to 300 lines):
diff -r ca2617c274b4 -r b1fe023663d9 crypto/external/bsd/openssl/dist/CHANGES
--- a/crypto/external/bsd/openssl/dist/CHANGES Fri Feb 24 13:10:53 2023 +0000
+++ b/crypto/external/bsd/openssl/dist/CHANGES Fri Feb 24 13:42:05 2023 +0000
@@ -7,6 +7,178 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.
+ Changes between 1.1.1s and 1.1.1t [7 Feb 2023]
+
+ *) Fixed X.400 address type confusion in X.509 GeneralName.
+
+ There is a type confusion vulnerability relating to X.400 address processing
+ inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING
+ but subsequently interpreted by GENERAL_NAME_cmp as an ASN1_TYPE. This
+ vulnerability may allow an attacker who can provide a certificate chain and
+ CRL (neither of which need have a valid signature) to pass arbitrary
+ pointers to a memcmp call, creating a possible read primitive, subject to
+ some constraints. Refer to the advisory for more information. Thanks to
+ David Benjamin for discovering this issue. (CVE-2023-0286)
+
+ This issue has been fixed by changing the public header file definition of
+ GENERAL_NAME so that x400Address reflects the implementation. It was not
+ possible for any existing application to successfully use the existing
+ definition; however, if any application references the x400Address field
+ (e.g. in dead code), note that the type of this field has changed. There is
+ no ABI change.
+ [Hugo Landau]
+
+ *) Fixed Use-after-free following BIO_new_NDEF.
+
+ The public API function BIO_new_NDEF is a helper function used for
+ streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL
+ to support the SMIME, CMS and PKCS7 streaming capabilities, but may also
+ be called directly by end user applications.
+
+ The function receives a BIO from the caller, prepends a new BIO_f_asn1
+ filter BIO onto the front of it to form a BIO chain, and then returns
+ the new head of the BIO chain to the caller. Under certain conditions,
+ for example if a CMS recipient public key is invalid, the new filter BIO
+ is freed and the function returns a NULL result indicating a failure.
+ However, in this case, the BIO chain is not properly cleaned up and the
+ BIO passed by the caller still retains internal pointers to the previously
+ freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO
+ then a use-after-free will occur. This will most likely result in a crash.
+ (CVE-2023-0215)
+ [Viktor Dukhovni, Matt Caswell]
+
+ *) Fixed Double free after calling PEM_read_bio_ex.
+
+ The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and
+ decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload
+ data. If the function succeeds then the "name_out", "header" and "data"
+ arguments are populated with pointers to buffers containing the relevant
+ decoded data. The caller is responsible for freeing those buffers. It is
+ possible to construct a PEM file that results in 0 bytes of payload data.
+ In this case PEM_read_bio_ex() will return a failure code but will populate
+ the header argument with a pointer to a buffer that has already been freed.
+ If the caller also frees this buffer then a double free will occur. This
+ will most likely lead to a crash.
+
+ The functions PEM_read_bio() and PEM_read() are simple wrappers around
+ PEM_read_bio_ex() and therefore these functions are also directly affected.
+
+ These functions are also called indirectly by a number of other OpenSSL
+ functions including PEM_X509_INFO_read_bio_ex() and
+ SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL
+ internal uses of these functions are not vulnerable because the caller does
+ not free the header argument if PEM_read_bio_ex() returns a failure code.
+ (CVE-2022-4450)
+ [Kurt Roeckx, Matt Caswell]
+
+ *) Fixed Timing Oracle in RSA Decryption.
+
+ A timing based side channel exists in the OpenSSL RSA Decryption
+ implementation which could be sufficient to recover a plaintext across
+ a network in a Bleichenbacher style attack. To achieve a successful
+ decryption an attacker would have to be able to send a very large number
+ of trial messages for decryption. The vulnerability affects all RSA padding
+ modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
+ (CVE-2022-4304)
+ [Dmitry Belyavsky, Hubert Kario]
+
+ Changes between 1.1.1r and 1.1.1s [1 Nov 2022]
+
+ *) Fixed a regression introduced in 1.1.1r version not refreshing the
+ certificate data to be signed before signing the certificate.
+ [Gibeom Gwon]
+
+ Changes between 1.1.1q and 1.1.1r [11 Oct 2022]
+
+ *) Fixed the linux-mips64 Configure target which was missing the
+ SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
+ platform.
+ [Adam Joseph]
+
+ *) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
+ causing incorrect results in some cases as a result.
+ [Paul Dale]
+
+ *) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
+ report correct results in some cases
+ [Matt Caswell]
+
+ *) Fixed a regression introduced in 1.1.1o for re-signing certificates with
+ different key sizes
+ [Todd Short]
+
+ *) Added the loongarch64 target
+ [Shi Pujin]
+
+ *) Fixed a DRBG seed propagation thread safety issue
+ [Bernd Edlinger]
+
+ *) Fixed a memory leak in tls13_generate_secret
+ [Bernd Edlinger]
+
+ *) Fixed reported performance degradation on aarch64. Restored the
+ implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
+ 32-bit lane assignment in CTR mode") for 64bit targets only, since it is
+ reportedly 2-17% slower and the silicon errata only affects 32bit targets.
+ The new algorithm is still used for 32 bit targets.
+ [Bernd Edlinger]
+
+ *) Added a missing header for memcmp that caused compilation failure on some
+ platforms
+ [Gregor Jasny]
+
+ Changes between 1.1.1p and 1.1.1q [5 Jul 2022]
+
+ *) AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised
+ implementation would not encrypt the entirety of the data under some
+ circumstances. This could reveal sixteen bytes of data that was
+ preexisting in the memory that wasn't written. In the special case of
+ "in place" encryption, sixteen bytes of the plaintext would be revealed.
+
+ Since OpenSSL does not support OCB based cipher suites for TLS and DTLS,
+ they are both unaffected.
+ (CVE-2022-2097)
+ [Alex Chernyakhovsky, David Benjamin, Alejandro Sedeño]
+
+ Changes between 1.1.1o and 1.1.1p [21 Jun 2022]
+
+ *) In addition to the c_rehash shell command injection identified in
+ CVE-2022-1292, further bugs where the c_rehash script does not
+ properly sanitise shell metacharacters to prevent command injection have been
+ fixed.
+
+ When the CVE-2022-1292 was fixed it was not discovered that there
+ are other places in the script where the file names of certificates
+ being hashed were possibly passed to a command executed through the shell.
+
+ This script is distributed by some operating systems in a manner where
+ it is automatically executed. On such operating systems, an attacker
+ could execute arbitrary commands with the privileges of the script.
+
+ Use of the c_rehash script is considered obsolete and should be replaced
+ by the OpenSSL rehash command line tool.
+ (CVE-2022-2068)
+ [Daniel Fiala, Tomáš Mráz]
+
+ *) When OpenSSL TLS client is connecting without any supported elliptic
+ curves and TLS-1.3 protocol is disabled the connection will no longer fail
+ if a ciphersuite that does not use a key exchange based on elliptic
+ curves can be negotiated.
+ [Tomáš Mráz]
+
+ Changes between 1.1.1n and 1.1.1o [3 May 2022]
+
+ *) Fixed a bug in the c_rehash script which was not properly sanitising shell
+ metacharacters to prevent command injection. This script is distributed
+ by some operating systems in a manner where it is automatically executed.
+ On such operating systems, an attacker could execute arbitrary commands
+ with the privileges of the script.
+
+ Use of the c_rehash script is considered obsolete and should be replaced
+ by the OpenSSL rehash command line tool.
+ (CVE-2022-1292)
+ [Tomáš Mráz]
+
Changes between 1.1.1m and 1.1.1n [15 Mar 2022]
*) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
diff -r ca2617c274b4 -r b1fe023663d9 crypto/external/bsd/openssl/dist/Configurations/10-main.conf
--- a/crypto/external/bsd/openssl/dist/Configurations/10-main.conf Fri Feb 24 13:10:53 2023 +0000
+++ b/crypto/external/bsd/openssl/dist/Configurations/10-main.conf Fri Feb 24 13:42:05 2023 +0000
@@ -742,7 +742,7 @@
inherit_from => [ "linux-generic32", asm("mips64_asm") ],
cflags => add("-mabi=n32"),
cxxflags => add("-mabi=n32"),
- bn_ops => "RC4_CHAR",
+ bn_ops => "RC4_CHAR SIXTY_FOUR_BIT",
perlasm_scheme => "n32",
multilib => "32",
},
@@ -761,6 +761,13 @@
perlasm_scheme => "linux64",
},
+ # loongarch64 below refers to contemporary LoongArch Architecture
+ # specifications,
+ "linux64-loongarch64" => {
+ inherit_from => [ "linux-generic64"],
+ perlasm_scheme => "linux64",
+ },
+
#### IA-32 targets...
#### These two targets are a bit aged and are to be used on older Linux
#### machines where gcc doesn't understand -m32 and -m64
@@ -995,6 +1002,13 @@
perlasm_scheme => "linux64",
},
+ "BSD-aarch64" => {
+ inherit_from => [ "BSD-generic64", asm("aarch64_asm") ],
+ lib_cppflags => add("-DL_ENDIAN"),
+ bn_ops => "SIXTY_FOUR_BIT_LONG",
+ perlasm_scheme => "linux64",
+ },
+
"bsdi-elf-gcc" => {
inherit_from => [ "BASE_unix", asm("x86_elf_asm") ],
CC => "gcc",
diff -r ca2617c274b4 -r b1fe023663d9 crypto/external/bsd/openssl/dist/Configure
--- a/crypto/external/bsd/openssl/dist/Configure Fri Feb 24 13:10:53 2023 +0000
+++ b/crypto/external/bsd/openssl/dist/Configure Fri Feb 24 13:42:05 2023 +0000
@@ -1,6 +1,6 @@
#! /usr/bin/env perl
# -*- mode: perl; -*-
-# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1215,7 +1215,7 @@
my ($builder, $builder_platform, @builder_opts) =
@{$target{build_scheme}};
-foreach my $checker (($builder_platform."-".$target{build_file}."-checker.pm",
+foreach my $checker (($builder_platform."-".$config{build_file}."-checker.pm",
$builder_platform."-checker.pm")) {
my $checker_path = catfile($srcdir, "Configurations", $checker);
if (-f $checker_path) {
@@ -1712,8 +1712,8 @@
# Store the name of the template file we will build the build file from
# in %config. This may be useful for the build file itself.
my @build_file_template_names =
- ( $builder_platform."-".$target{build_file}.".tmpl",
- $target{build_file}.".tmpl" );
+ ( $builder_platform."-".$config{build_file}.".tmpl",
+ $config{build_file}.".tmpl" );
my @build_file_templates = ();
# First, look in the user provided directory, if given
@@ -1937,8 +1937,8 @@
}
next if @skip && $skip[$#skip] <= 0;
push @rawlines, $_
- if ($target_kind eq $target{build_file}
- || $target_kind eq $target{build_file}."(".$builder_platform.")");
+ if ($target_kind eq $config{build_file}
+ || $target_kind eq $config{build_file}."(".$builder_platform.")");
}
},
qr/^\s*(?:#.*)?$/ => sub { },
@@ -2813,8 +2813,8 @@
my %builders = (
unified => sub {
- print 'Creating ',$target{build_file},"\n";
- run_dofile(catfile($blddir, $target{build_file}),
+ print 'Creating ',$config{build_file},"\n";
+ run_dofile(catfile($blddir, $config{build_file}),
@{$config{build_file_templates}});
},
);
@@ -2868,7 +2868,7 @@
#
sub death_handler {
die @_ if $^S; # To prevent the added message in eval blocks
- my $build_file = $target{build_file} // "build file";
+ my $build_file = $config{build_file} // "build file";
my @message = ( <<"_____", @_ );
Failure! $build_file wasn't produced.
diff -r ca2617c274b4 -r b1fe023663d9 crypto/external/bsd/openssl/dist/NEWS
--- a/crypto/external/bsd/openssl/dist/NEWS Fri Feb 24 13:10:53 2023 +0000
+++ b/crypto/external/bsd/openssl/dist/NEWS Fri Feb 24 13:42:05 2023 +0000
@@ -5,10 +5,43 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.1.1s and OpenSSL 1.1.1t [7 Feb 2023]
+
+ o Fixed X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
+ o Fixed Use-after-free following BIO_new_NDEF (CVE-2023-0215)
+ o Fixed Double free after calling PEM_read_bio_ex (CVE-2022-4450)
+ o Fixed Timing Oracle in RSA Decryption (CVE-2022-4304)
+
+ Major changes between OpenSSL 1.1.1r and OpenSSL 1.1.1s [1 Nov 2022]
+
Home |
Main Index |
Thread Index |
Old Index