remerge local tweaks, update per-arch configuration headers, update

Makefiles, crank shlib_version
author: djm <> 2008-09-06 12:20:16 +0000
committer: djm <> 2008-09-06 12:20:16 +0000
commit: 1cc2a70b2a8b91d243c2e4ac4e779efd950db5a2 (patch)
tree: 8bad2049c8c0044c7964fd985794ad61777e7163 /src/lib/libssl/src
parent: 6b62d1fdd8a4fd35acfcc0c4bb1bf8b757fa8cda (diff)
download: openbsd-1cc2a70b2a8b91d243c2e4ac4e779efd950db5a2.tar.gz
openbsd-1cc2a70b2a8b91d243c2e4ac4e779efd950db5a2.tar.bz2
openbsd-1cc2a70b2a8b91d243c2e4ac4e779efd950db5a2.zip
8 files changed, 30 insertions, 28 deletions
diff --git a/src/lib/libssl/src/apps/s_apps.h b/src/lib/libssl/src/apps/s_apps.h
index 023faa8467..0b461083eb 100644
--- a/src/lib/libssl/src/apps/s_apps.h
+++ b/src/lib/libssl/src/apps/s_apps.h
@@ -156,7 +156,7 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
 int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
 int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
 #endif
-int init_client(int *sock, char *server, int port, int type, int af);
+int init_client(int *sock, char *server, char *port, int type, int af);
 int should_retry(int i);
 int extract_port(char *str, short *port_ptr);
 int extract_host_port(char *str,char **host_ptr,unsigned char *ip,char **p);
diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c
index f01017ba48..3a52853c82 100644
--- a/src/lib/libssl/src/apps/s_client.c
+++ b/src/lib/libssl/src/apps/s_client.c
@@ -319,7 +319,6 @@ int MAIN(int argc, char **argv)
        int sock_type=SOCK_STREAM;
        BIO *sbio;
        char *inrand=NULL;
-        int mbuf_len=0;
 #ifndef OPENSSL_NO_ENGINE
        char *engine_id=NULL;
        ENGINE *e=NULL;
diff --git a/src/lib/libssl/src/apps/s_socket.c b/src/lib/libssl/src/apps/s_socket.c
index 981650bddd..7e47d5118d 100644
--- a/src/lib/libssl/src/apps/s_socket.c
+++ b/src/lib/libssl/src/apps/s_socket.c
@@ -226,18 +226,16 @@ static int ssl_sock_init(void)
        return(1);
        }
-int init_client(int *sock, char *host, int port, int type, int af)
+int init_client(int *sock, char *host, char *port, int type, int af)
        {
        struct addrinfo hints, *ai_top, *ai;
        int i, s;
-        char port_s[NI_MAXSERV];
        memset(&hints, '\0', sizeof(hints));
        hints.ai_family = af;
        hints.ai_socktype = type;
-        snprintf(port_s, sizeof(port_s), "%d", port);
+        if ((i = getaddrinfo(host, port, &hints, &ai_top)) != 0 ||
-        if ((i = getaddrinfo(host, port_s, &hints, &ai_top)) != 0 ||
            ai_top == NULL || ai_top->ai_addr == NULL)
                {
                BIO_printf(bio_err,"getaddrinfo: %s\n", gai_strerror(i));
@@ -246,7 +244,7 @@ int init_client(int *sock, char *host, int port, int type, int af)
        for (ai = ai_top; ai != NULL; ai = ai->ai_next)
                {
-                s=socket(ai->ai_addr->sa_family, SOCK_STREAM, SOCKET_PROTOCOL);
+                s=socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
                if (s == INVALID_SOCKET) { continue; }
 #ifndef OPENSSL_SYS_MPE
        if (type == SOCK_STREAM)
@@ -256,7 +254,7 @@ int init_client(int *sock, char *host, int port, int type, int af)
                if (i < 0) { perror("keepalive"); return(0); }
                }
 #endif
-                if ((i = connect(s, ai->ai_addr, ai->ai_addr->sa_len)) == 0)
+                if ((i = connect(s, ai->ai_addr, ai->ai_addrlen)) == 0)
                        { *sock=s; freeaddrinfo(ai_top); return (1);}
                close(s);
diff --git a/src/lib/libssl/src/crypto/des/des_enc.c b/src/lib/libssl/src/crypto/des/des_enc.c
index 53705b9f5b..0fe4e0b2ad 100644
--- a/src/lib/libssl/src/crypto/des/des_enc.c
+++ b/src/lib/libssl/src/crypto/des/des_enc.c
@@ -58,6 +58,8 @@
 #include "des_locl.h"
+#ifndef OPENBSD_DES_ASM
 void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
        {
        register DES_LONG l,r,t,u;
@@ -246,7 +248,8 @@ void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
        data[1]=ROTATE(r,3)&0xffffffffL;
        l=r=t=u=0;
        }
-#endif
+#endif /* OPENBSD_DES_ASM */
 void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
                  DES_key_schedule *ks2, DES_key_schedule *ks3)
diff --git a/src/lib/libssl/src/crypto/des/fcrypt_b.c b/src/lib/libssl/src/crypto/des/fcrypt_b.c
index 1390138787..c56b461e91 100644
--- a/src/lib/libssl/src/crypto/des/fcrypt_b.c
+++ b/src/lib/libssl/src/crypto/des/fcrypt_b.c
@@ -68,6 +68,8 @@
 #include "des_locl.h"
 #undef DES_FCRYPT
+#ifndef OPENBSD_DES_ASM
 #undef PERM_OP
 #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
        (b)^=(t),\
@@ -143,3 +145,4 @@ void fcrypt_body(DES_LONG *out, DES_key_schedule *ks, DES_LONG Eswap0,
        out[1]=l;
        }
+#endif /* OPENBSD_DES_ASM */
diff --git a/src/lib/libssl/src/crypto/dso/dso_dlfcn.c b/src/lib/libssl/src/crypto/dso/dso_dlfcn.c
index f734c1c6b7..656cd496f8 100644
--- a/src/lib/libssl/src/crypto/dso/dso_dlfcn.c
+++ b/src/lib/libssl/src/crypto/dso/dso_dlfcn.c
@@ -269,6 +269,7 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1,
        const char *filespec2)
        {
        char *merged;
+        size_t len;
        if(!filespec1 && !filespec2)
                {
@@ -280,18 +281,20 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1,
           same goes if the second file specification is missing. */
        if (!filespec2 || filespec1[0] == '/')
                {
-                merged = OPENSSL_malloc(strlen(filespec1) + 1);
+                len = strlen(filespec1) + 1;
+                merged = OPENSSL_malloc(len);
                if(!merged)
                        {
                        DSOerr(DSO_F_DLFCN_MERGER,
                                ERR_R_MALLOC_FAILURE);
                        return(NULL);
                        }
-                strcpy(merged, filespec1);
+                strlcpy(merged, filespec1, len);
                }
        /* If the first file specification is missing, the second one rules. */
        else if (!filespec1)
                {
+                len = strlen(filespec2) + 1;
                merged = OPENSSL_malloc(strlen(filespec2) + 1);
                if(!merged)
                        {
@@ -299,7 +302,7 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1,
                                ERR_R_MALLOC_FAILURE);
                        return(NULL);
                        }
-                strcpy(merged, filespec2);
+                strlcpy(merged, filespec2, len);
                }
        else
                /* This part isn't as trivial as it looks.  It assumes that
@@ -325,9 +328,9 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1,
                                ERR_R_MALLOC_FAILURE);
                        return(NULL);
                        }
-                strcpy(merged, filespec2);
+                strlcpy(merged, filespec2, len + 2);
                merged[spec2len] = '/';
-                strcpy(&merged[spec2len + 1], filespec1);
+                strlcpy(&merged[spec2len + 1], filespec1, len + 1 - spec2len);
                }
        return(merged);
        }
diff --git a/src/lib/libssl/src/crypto/engine/hw_cryptodev.c b/src/lib/libssl/src/crypto/engine/hw_cryptodev.c
index a98f5d7e57..4af40cdfc3 100644
--- a/src/lib/libssl/src/crypto/engine/hw_cryptodev.c
+++ b/src/lib/libssl/src/crypto/engine/hw_cryptodev.c
@@ -114,8 +114,9 @@ static int cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r,
 static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a,
    const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
 static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I,
-    RSA *rsa);
+    RSA *rsa, BN_CTX *ctx);
-static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
+static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+    BN_CTX *ctx);
 static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a,
    const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
 static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
@@ -978,19 +979,14 @@ err:
 }
 static int
-cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
+cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+    BN_CTX *ctx)
 {
-        int r;
+        return (RSA_PKCS1_SSLeay()->rsa_mod_exp)(r0, I, rsa, ctx);
-        BN_CTX *ctx;
-        ctx = BN_CTX_new();
-        r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL);
-        BN_CTX_free(ctx);
-        return (r);
 }
 static int
-cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
+cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
 {
        struct crypt_kop kop;
        int ret = 1;
@@ -1019,7 +1015,7 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
        if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) {
                const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
-                ret = (*meth->rsa_mod_exp)(r0, I, rsa);
+                ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx);
        }
 err:
        zapparams(&kop);
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_alt.c b/src/lib/libssl/src/crypto/x509v3/v3_alt.c
index bb2f5bc54e..ac3139d1e6 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_alt.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_alt.c
@@ -147,9 +147,9 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
                                BIO_snprintf(htmp, sizeof htmp,
                                             "%X", p[0] << 8 | p[1]);
                                p += 2;
-                                strcat(oline, htmp);
+                                strlcat(oline, htmp, sizeof oline);
                                if (i != 7)
-                                        strcat(oline, ":");
+                                        strlcat(oline, ":", sizeof oline);
                                }
                        }
                else
author	djm <>	2008-09-06 12:20:16 +0000
committer	djm <>	2008-09-06 12:20:16 +0000
commit	1cc2a70b2a8b91d243c2e4ac4e779efd950db5a2 (patch)
tree	8bad2049c8c0044c7964fd985794ad61777e7163 /src/lib/libssl/src
parent	6b62d1fdd8a4fd35acfcc0c4bb1bf8b757fa8cda (diff)
download	openbsd-1cc2a70b2a8b91d243c2e4ac4e779efd950db5a2.tar.gz openbsd-1cc2a70b2a8b91d243c2e4ac4e779efd950db5a2.tar.bz2 openbsd-1cc2a70b2a8b91d243c2e4ac4e779efd950db5a2.zip

diff --git a/src/lib/libssl/src/apps/s_apps.h b/src/lib/libssl/src/apps/s_apps.h index 023faa8467..0b461083eb 100644 --- a/src/lib/libssl/src/apps/s_apps.h +++ b/src/lib/libssl/src/apps/s_apps.h
@@ -156,7 +156,7 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
156	int set_cert_stuff(SSL_CTX ctx, char cert_file, char *key_file);	156	int set_cert_stuff(SSL_CTX ctx, char cert_file, char *key_file);
157	int set_cert_key_stuff(SSL_CTX ctx, X509 cert, EVP_PKEY *key);	157	int set_cert_key_stuff(SSL_CTX ctx, X509 cert, EVP_PKEY *key);
158	#endif	158	#endif
159	int init_client(int sock, char server, int port, int type, int af);	159	int init_client(int sock, char server, char *port, int type, int af);
160	int should_retry(int i);	160	int should_retry(int i);
161	int extract_port(char str, short port_ptr);	161	int extract_port(char str, short port_ptr);
162	int extract_host_port(char str,char host_ptr,unsigned char ip,char **p);	162	int extract_host_port(char str,char host_ptr,unsigned char ip,char **p);


diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c index f01017ba48..3a52853c82 100644 --- a/src/lib/libssl/src/apps/s_client.c +++ b/src/lib/libssl/src/apps/s_client.c
@@ -319,7 +319,6 @@ int MAIN(int argc, char **argv)
319	int sock_type=SOCK_STREAM;	319	int sock_type=SOCK_STREAM;
320	BIO *sbio;	320	BIO *sbio;
321	char *inrand=NULL;	321	char *inrand=NULL;
322	int mbuf_len=0;
323	#ifndef OPENSSL_NO_ENGINE	322	#ifndef OPENSSL_NO_ENGINE
324	char *engine_id=NULL;	323	char *engine_id=NULL;
325	ENGINE *e=NULL;	324	ENGINE *e=NULL;


diff --git a/src/lib/libssl/src/apps/s_socket.c b/src/lib/libssl/src/apps/s_socket.c index 981650bddd..7e47d5118d 100644 --- a/src/lib/libssl/src/apps/s_socket.c +++ b/src/lib/libssl/src/apps/s_socket.c
@@ -226,18 +226,16 @@ static int ssl_sock_init(void)
226	return(1);	226	return(1);
227	}	227	}
228		228
229	int init_client(int sock, char host, int port, int type, int af)	229	int init_client(int sock, char host, char *port, int type, int af)
230	{	230	{
231	struct addrinfo hints, ai_top, ai;	231	struct addrinfo hints, ai_top, ai;
232	int i, s;	232	int i, s;
233	char port_s[NI_MAXSERV];
234		233
235	memset(&hints, '\0', sizeof(hints));	234	memset(&hints, '\0', sizeof(hints));
236	hints.ai_family = af;	235	hints.ai_family = af;
237	hints.ai_socktype = type;	236	hints.ai_socktype = type;
238		237
239	snprintf(port_s, sizeof(port_s), "%d", port);	238	if ((i = getaddrinfo(host, port, &hints, &ai_top)) != 0 \|\|
240	if ((i = getaddrinfo(host, port_s, &hints, &ai_top)) != 0 \|\|
241	ai_top == NULL \|\| ai_top->ai_addr == NULL)	239	ai_top == NULL \|\| ai_top->ai_addr == NULL)
242	{	240	{
243	BIO_printf(bio_err,"getaddrinfo: %s\n", gai_strerror(i));	241	BIO_printf(bio_err,"getaddrinfo: %s\n", gai_strerror(i));
@@ -246,7 +244,7 @@ int init_client(int sock, char host, int port, int type, int af)
246		244
247	for (ai = ai_top; ai != NULL; ai = ai->ai_next)	245	for (ai = ai_top; ai != NULL; ai = ai->ai_next)
248	{	246	{
249	s=socket(ai->ai_addr->sa_family, SOCK_STREAM, SOCKET_PROTOCOL);	247	s=socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
250	if (s == INVALID_SOCKET) { continue; }	248	if (s == INVALID_SOCKET) { continue; }
251	#ifndef OPENSSL_SYS_MPE	249	#ifndef OPENSSL_SYS_MPE
252	if (type == SOCK_STREAM)	250	if (type == SOCK_STREAM)
@@ -256,7 +254,7 @@ int init_client(int sock, char host, int port, int type, int af)
256	if (i < 0) { perror("keepalive"); return(0); }	254	if (i < 0) { perror("keepalive"); return(0); }
257	}	255	}
258	#endif	256	#endif
259	if ((i = connect(s, ai->ai_addr, ai->ai_addr->sa_len)) == 0)	257	if ((i = connect(s, ai->ai_addr, ai->ai_addrlen)) == 0)
260	{ *sock=s; freeaddrinfo(ai_top); return (1);}	258	{ *sock=s; freeaddrinfo(ai_top); return (1);}
261		259
262	close(s);	260	close(s);


diff --git a/src/lib/libssl/src/crypto/des/des_enc.c b/src/lib/libssl/src/crypto/des/des_enc.c index 53705b9f5b..0fe4e0b2ad 100644 --- a/src/lib/libssl/src/crypto/des/des_enc.c +++ b/src/lib/libssl/src/crypto/des/des_enc.c
@@ -58,6 +58,8 @@
58		58
59	#include "des_locl.h"	59	#include "des_locl.h"
60		60
		61	#ifndef OPENBSD_DES_ASM
		62
61	void DES_encrypt1(DES_LONG data, DES_key_schedule ks, int enc)	63	void DES_encrypt1(DES_LONG data, DES_key_schedule ks, int enc)
62	{	64	{
63	register DES_LONG l,r,t,u;	65	register DES_LONG l,r,t,u;
@@ -246,7 +248,8 @@ void DES_encrypt2(DES_LONG data, DES_key_schedule ks, int enc)
246	data[1]=ROTATE(r,3)&0xffffffffL;	248	data[1]=ROTATE(r,3)&0xffffffffL;
247	l=r=t=u=0;	249	l=r=t=u=0;
248	}	250	}
249	#endif	251
		252	#endif /* OPENBSD_DES_ASM */
250		253
251	void DES_encrypt3(DES_LONG data, DES_key_schedule ks1,	254	void DES_encrypt3(DES_LONG data, DES_key_schedule ks1,
252	DES_key_schedule ks2, DES_key_schedule ks3)	255	DES_key_schedule ks2, DES_key_schedule ks3)


diff --git a/src/lib/libssl/src/crypto/des/fcrypt_b.c b/src/lib/libssl/src/crypto/des/fcrypt_b.c index 1390138787..c56b461e91 100644 --- a/src/lib/libssl/src/crypto/des/fcrypt_b.c +++ b/src/lib/libssl/src/crypto/des/fcrypt_b.c
@@ -68,6 +68,8 @@
68	#include "des_locl.h"	68	#include "des_locl.h"
69	#undef DES_FCRYPT	69	#undef DES_FCRYPT
70		70
		71	#ifndef OPENBSD_DES_ASM
		72
71	#undef PERM_OP	73	#undef PERM_OP
72	#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\	74	#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
73	(b)^=(t),\	75	(b)^=(t),\
@@ -143,3 +145,4 @@ void fcrypt_body(DES_LONG out, DES_key_schedule ks, DES_LONG Eswap0,
143	out[1]=l;	145	out[1]=l;
144	}	146	}
145		147
		148	#endif /* OPENBSD_DES_ASM */


diff --git a/src/lib/libssl/src/crypto/dso/dso_dlfcn.c b/src/lib/libssl/src/crypto/dso/dso_dlfcn.c index f734c1c6b7..656cd496f8 100644 --- a/src/lib/libssl/src/crypto/dso/dso_dlfcn.c +++ b/src/lib/libssl/src/crypto/dso/dso_dlfcn.c
@@ -269,6 +269,7 @@ static char dlfcn_merger(DSO dso, const char *filespec1,
269	const char *filespec2)	269	const char *filespec2)
270	{	270	{
271	char *merged;	271	char *merged;
		272	size_t len;
272		273
273	if(!filespec1 && !filespec2)	274	if(!filespec1 && !filespec2)
274	{	275	{
@@ -280,18 +281,20 @@ static char dlfcn_merger(DSO dso, const char *filespec1,
280	same goes if the second file specification is missing. */	281	same goes if the second file specification is missing. */
281	if (!filespec2 \|\| filespec1[0] == '/')	282	if (!filespec2 \|\| filespec1[0] == '/')
282	{	283	{
283	merged = OPENSSL_malloc(strlen(filespec1) + 1);	284	len = strlen(filespec1) + 1;
		285	merged = OPENSSL_malloc(len);
284	if(!merged)	286	if(!merged)
285	{	287	{
286	DSOerr(DSO_F_DLFCN_MERGER,	288	DSOerr(DSO_F_DLFCN_MERGER,
287	ERR_R_MALLOC_FAILURE);	289	ERR_R_MALLOC_FAILURE);
288	return(NULL);	290	return(NULL);
289	}	291	}
290	strcpy(merged, filespec1);	292	strlcpy(merged, filespec1, len);
291	}	293	}
292	/* If the first file specification is missing, the second one rules. */	294	/* If the first file specification is missing, the second one rules. */
293	else if (!filespec1)	295	else if (!filespec1)
294	{	296	{
		297	len = strlen(filespec2) + 1;
295	merged = OPENSSL_malloc(strlen(filespec2) + 1);	298	merged = OPENSSL_malloc(strlen(filespec2) + 1);
296	if(!merged)	299	if(!merged)
297	{	300	{
@@ -299,7 +302,7 @@ static char dlfcn_merger(DSO dso, const char *filespec1,
299	ERR_R_MALLOC_FAILURE);	302	ERR_R_MALLOC_FAILURE);
300	return(NULL);	303	return(NULL);
301	}	304	}
302	strcpy(merged, filespec2);	305	strlcpy(merged, filespec2, len);
303	}	306	}
304	else	307	else
305	/* This part isn't as trivial as it looks. It assumes that	308	/* This part isn't as trivial as it looks. It assumes that
@@ -325,9 +328,9 @@ static char dlfcn_merger(DSO dso, const char *filespec1,
325	ERR_R_MALLOC_FAILURE);	328	ERR_R_MALLOC_FAILURE);
326	return(NULL);	329	return(NULL);
327	}	330	}
328	strcpy(merged, filespec2);	331	strlcpy(merged, filespec2, len + 2);
329	merged[spec2len] = '/';	332	merged[spec2len] = '/';
330	strcpy(&merged[spec2len + 1], filespec1);	333	strlcpy(&merged[spec2len + 1], filespec1, len + 1 - spec2len);
331	}	334	}
332	return(merged);	335	return(merged);
333	}	336	}


diff --git a/src/lib/libssl/src/crypto/engine/hw_cryptodev.c b/src/lib/libssl/src/crypto/engine/hw_cryptodev.c index a98f5d7e57..4af40cdfc3 100644 --- a/src/lib/libssl/src/crypto/engine/hw_cryptodev.c +++ b/src/lib/libssl/src/crypto/engine/hw_cryptodev.c
@@ -114,8 +114,9 @@ static int cryptodev_asym(struct crypt_kop kop, int rlen, BIGNUM r,
114	static int cryptodev_bn_mod_exp(BIGNUM r, const BIGNUM a,	114	static int cryptodev_bn_mod_exp(BIGNUM r, const BIGNUM a,
115	const BIGNUM p, const BIGNUM m, BN_CTX ctx, BN_MONT_CTX m_ctx);	115	const BIGNUM p, const BIGNUM m, BN_CTX ctx, BN_MONT_CTX m_ctx);
116	static int cryptodev_rsa_nocrt_mod_exp(BIGNUM r0, const BIGNUM I,	116	static int cryptodev_rsa_nocrt_mod_exp(BIGNUM r0, const BIGNUM I,
117	RSA *rsa);	117	RSA rsa, BN_CTX ctx);
118	static int cryptodev_rsa_mod_exp(BIGNUM r0, const BIGNUM I, RSA *rsa);	118	static int cryptodev_rsa_mod_exp(BIGNUM r0, const BIGNUM I, RSA *rsa,
		119	BN_CTX *ctx);
119	static int cryptodev_dsa_bn_mod_exp(DSA dsa, BIGNUM r, BIGNUM *a,	120	static int cryptodev_dsa_bn_mod_exp(DSA dsa, BIGNUM r, BIGNUM *a,
120	const BIGNUM p, const BIGNUM m, BN_CTX ctx, BN_MONT_CTX m_ctx);	121	const BIGNUM p, const BIGNUM m, BN_CTX ctx, BN_MONT_CTX m_ctx);
121	static int cryptodev_dsa_dsa_mod_exp(DSA dsa, BIGNUM t1, BIGNUM *g,	122	static int cryptodev_dsa_dsa_mod_exp(DSA dsa, BIGNUM t1, BIGNUM *g,
@@ -978,19 +979,14 @@ err:
978	}	979	}
979		980
980	static int	981	static int
981	cryptodev_rsa_nocrt_mod_exp(BIGNUM r0, const BIGNUM I, RSA *rsa)	982	cryptodev_rsa_nocrt_mod_exp(BIGNUM r0, const BIGNUM I, RSA *rsa,
		983	BN_CTX *ctx)
982	{	984	{
983	int r;	985	return (RSA_PKCS1_SSLeay()->rsa_mod_exp)(r0, I, rsa, ctx);
984	BN_CTX *ctx;
985
986	ctx = BN_CTX_new();
987	r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL);
988	BN_CTX_free(ctx);
989	return (r);
990	}	986	}
991		987
992	static int	988	static int
993	cryptodev_rsa_mod_exp(BIGNUM r0, const BIGNUM I, RSA *rsa)	989	cryptodev_rsa_mod_exp(BIGNUM r0, const BIGNUM I, RSA rsa, BN_CTX ctx)
994	{	990	{
995	struct crypt_kop kop;	991	struct crypt_kop kop;
996	int ret = 1;	992	int ret = 1;
@@ -1019,7 +1015,7 @@ cryptodev_rsa_mod_exp(BIGNUM r0, const BIGNUM I, RSA *rsa)
1019		1015
1020	if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) {	1016	if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) {
1021	const RSA_METHOD *meth = RSA_PKCS1_SSLeay();	1017	const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
1022	ret = (*meth->rsa_mod_exp)(r0, I, rsa);	1018	ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx);
1023	}	1019	}
1024	err:	1020	err:
1025	zapparams(&kop);	1021	zapparams(&kop);


diff --git a/src/lib/libssl/src/crypto/x509v3/v3_alt.c b/src/lib/libssl/src/crypto/x509v3/v3_alt.c index bb2f5bc54e..ac3139d1e6 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_alt.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_alt.c
@@ -147,9 +147,9 @@ STACK_OF(CONF_VALUE) i2v_GENERAL_NAME(X509V3_EXT_METHOD method,
147	BIO_snprintf(htmp, sizeof htmp,	147	BIO_snprintf(htmp, sizeof htmp,
148	"%X", p[0] << 8 \| p[1]);	148	"%X", p[0] << 8 \| p[1]);
149	p += 2;	149	p += 2;
150	strcat(oline, htmp);	150	strlcat(oline, htmp, sizeof oline);
151	if (i != 7)	151	if (i != 7)
152	strcat(oline, ":");	152	strlcat(oline, ":", sizeof oline);
153	}	153	}
154	}	154	}
155	else	155	else