aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.gitignore4
-rw-r--r--CMakeLists.txt35
-rw-r--r--ChangeLog71
-rw-r--r--apps/openssl/apps_win.c14
-rw-r--r--configure.ac6
-rw-r--r--crypto/CMakeLists.txt29
-rw-r--r--crypto/Makefile.am10
-rw-r--r--crypto/Makefile.am.elf-arm30
-rw-r--r--crypto/compat/crypto_lock_win.c53
-rw-r--r--include/compat/unistd.h1
-rw-r--r--man/links120
-rw-r--r--patches/aeadtest.c.patch10
-rw-r--r--patches/bio.h.patch18
-rw-r--r--patches/http.c.patch12
-rw-r--r--patches/netcat.c.patch72
-rw-r--r--patches/ocsp_test.c.patch8
-rw-r--r--patches/tls_internal.h.patch12
-rw-r--r--patches/tlsexttest.c.patch18
-rw-r--r--ssl/CMakeLists.txt11
-rw-r--r--ssl/Makefile.am14
-rwxr-xr-xtap-driver.sh8
-rw-r--r--tests/CMakeLists.txt16
-rw-r--r--tests/Makefile.am15
-rw-r--r--tls/CMakeLists.txt3
-rwxr-xr-xupdate.sh24
25 files changed, 358 insertions, 256 deletions
diff --git a/.gitignore b/.gitignore
index fb3efdf..cfa91cb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -56,10 +56,12 @@ tests/arc4random_fork*
56tests/asn1evp* 56tests/asn1evp*
57tests/asn1time* 57tests/asn1time*
58tests/bnaddsub* 58tests/bnaddsub*
59tests/bn_rand_interval*
59tests/cipher* 60tests/cipher*
60tests/explicit_bzero* 61tests/explicit_bzero*
61tests/freenull* 62tests/freenull*
62tests/gost2814789t* 63tests/gost2814789t*
64tests/key_schedule*
63tests/mont* 65tests/mont*
64tests/rfc5280time* 66tests/rfc5280time*
65tests/ssl_versions* 67tests/ssl_versions*
@@ -74,6 +76,7 @@ tests/*.pem
74tests/testssl 76tests/testssl
75tests/*.txt 77tests/*.txt
76tests/compat/*.c 78tests/compat/*.c
79tests/x509name*
77!tests/optionstest.c 80!tests/optionstest.c
78!tests/*.test 81!tests/*.test
79 82
@@ -126,6 +129,7 @@ include/openssl/*.h
126/apps/ocspcheck/*.c 129/apps/ocspcheck/*.c
127/apps/ocspcheck/ocspcheck* 130/apps/ocspcheck/ocspcheck*
128/apps/ocspcheck/compat/memmem.c 131/apps/ocspcheck/compat/memmem.c
132/apps/ocspcheck/compat/inet_ntop.c
129 133
130/apps/nc/*.h 134/apps/nc/*.h
131/apps/nc/*.c 135/apps/nc/*.c
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 549849f..a1ca98b 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -55,6 +55,7 @@ if(CMAKE_SYSTEM_NAME MATCHES "Linux")
55 add_definitions(-D_BSD_SOURCE) 55 add_definitions(-D_BSD_SOURCE)
56 add_definitions(-D_POSIX_SOURCE) 56 add_definitions(-D_POSIX_SOURCE)
57 add_definitions(-D_GNU_SOURCE) 57 add_definitions(-D_GNU_SOURCE)
58 set(PLATFORM_LIBS ${PLATFORM_LIBS} pthread)
58endif() 59endif()
59 60
60if(CMAKE_SYSTEM_NAME MATCHES "MINGW") 61if(CMAKE_SYSTEM_NAME MATCHES "MINGW")
@@ -65,22 +66,26 @@ if(WIN32)
65 set(BUILD_NC false) 66 set(BUILD_NC false)
66endif() 67endif()
67 68
69set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -O2 -Wall -g")
70
68if(CMAKE_SYSTEM_NAME MATCHES "HP-UX") 71if(CMAKE_SYSTEM_NAME MATCHES "HP-UX")
69 if(CMAKE_C_COMPILER MATCHES "gcc") 72 if(CMAKE_C_COMPILER MATCHES "gcc")
70 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -std=gnu99 -fno-strict-aliasing") 73 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu99 -fno-strict-aliasing")
71 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -mlp64") 74 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -mlp64")
72 else() 75 else()
73 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -g -O2 +DD64 +Otype_safety=off") 76 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} +DD64 +Otype_safety=off")
74 endif() 77 endif()
75 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_XOPEN_SOURCE=600 -D__STRICT_ALIGNMENT") 78 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_XOPEN_SOURCE=600 -D__STRICT_ALIGNMENT")
79 set(PLATFORM_LIBS ${PLATFORM_LIBS} pthread)
76endif() 80endif()
77 81
78if(CMAKE_SYSTEM_NAME MATCHES "SunOS") 82if(CMAKE_SYSTEM_NAME MATCHES "SunOS")
79 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -std=gnu99 -fno-strict-aliasing") 83 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu99 -fno-strict-aliasing")
80 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D__EXTENSIONS__") 84 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D__EXTENSIONS__")
81 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_XOPEN_SOURCE=600") 85 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_XOPEN_SOURCE=600")
82 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DBSD_COMP") 86 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DBSD_COMP")
83 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fpic") 87 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fpic")
88 set(PLATFORM_LIBS ${PLATFORM_LIBS} nsl socket)
84endif() 89endif()
85 90
86add_definitions(-DLIBRESSL_INTERNAL) 91add_definitions(-DLIBRESSL_INTERNAL)
@@ -101,6 +106,7 @@ if(WIN32)
101 add_definitions(-D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS) 106 add_definitions(-D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS)
102 add_definitions(-DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600) 107 add_definitions(-DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600)
103 add_definitions(-DCPPFLAGS -DOPENSSL_NO_SPEED -DNO_SYSLOG -DNO_CRYPT) 108 add_definitions(-DCPPFLAGS -DOPENSSL_NO_SPEED -DNO_SYSLOG -DNO_CRYPT)
109 set(PLATFORM_LIBS ${PLATFORM_LIBS} ws2_32)
104endif() 110endif()
105 111
106if(MSVC) 112if(MSVC)
@@ -254,6 +260,8 @@ if(ENABLE_ASM)
254 if("${CMAKE_C_COMPILER_ABI}" STREQUAL "ELF") 260 if("${CMAKE_C_COMPILER_ABI}" STREQUAL "ELF")
255 if("${CMAKE_SYSTEM_PROCESSOR}" MATCHES "(x86_64|amd64)") 261 if("${CMAKE_SYSTEM_PROCESSOR}" MATCHES "(x86_64|amd64)")
256 set(HOST_ASM_ELF_X86_64 true) 262 set(HOST_ASM_ELF_X86_64 true)
263 elseif("${CMAKE_SYSTEM_PROCESSOR}" MATCHES "arm")
264 set(HOST_ASM_ELF_ARMV4 true)
257 elseif(CMAKE_SYSTEM_NAME STREQUAL "SunOS" AND "${CMAKE_SYSTEM_PROCESSOR}" STREQUAL "i386") 265 elseif(CMAKE_SYSTEM_NAME STREQUAL "SunOS" AND "${CMAKE_SYSTEM_PROCESSOR}" STREQUAL "i386")
258 set(HOST_ASM_ELF_X86_64 true) 266 set(HOST_ASM_ELF_X86_64 true)
259 endif() 267 endif()
@@ -262,27 +270,11 @@ if(ENABLE_ASM)
262 endif() 270 endif()
263endif() 271endif()
264 272
265set(OPENSSL_LIBS tls ssl crypto)
266
267# Add additional required libs
268if(WIN32)
269 set(OPENSSL_LIBS ${OPENSSL_LIBS} ws2_32)
270endif()
271if(CMAKE_SYSTEM_NAME MATCHES "Linux")
272 set(OPENSSL_LIBS ${OPENSSL_LIBS} pthread)
273endif()
274if(CMAKE_SYSTEM_NAME MATCHES "HP-UX")
275 set(OPENSSL_LIBS ${OPENSSL_LIBS} pthread)
276endif()
277if(CMAKE_SYSTEM_NAME MATCHES "SunOS")
278 set(OPENSSL_LIBS ${OPENSSL_LIBS} nsl socket)
279endif()
280
281if(CMAKE_SYSTEM_NAME MATCHES "Linux") 273if(CMAKE_SYSTEM_NAME MATCHES "Linux")
282 # Check if we need -lrt to get clock_gettime on Linux 274 # Check if we need -lrt to get clock_gettime on Linux
283 check_library_exists(rt clock_gettime "time.h" HAVE_CLOCK_GETTIME) 275 check_library_exists(rt clock_gettime "time.h" HAVE_CLOCK_GETTIME)
284 if (HAVE_CLOCK_GETTIME) 276 if (HAVE_CLOCK_GETTIME)
285 set(OPENSSL_LIBS ${OPENSSL_LIBS} rt) 277 set(PLATFORM_LIBS ${PLATFORM_LIBS} rt)
286 endif() 278 endif()
287else() 279else()
288 # Otherwise, simply check if it exists 280 # Otherwise, simply check if it exists
@@ -301,6 +293,8 @@ if(SIZEOF_TIME_T STREQUAL "4")
301endif() 293endif()
302add_definitions(-DSIZEOF_TIME_T=${SIZEOF_TIME_T}) 294add_definitions(-DSIZEOF_TIME_T=${SIZEOF_TIME_T})
303 295
296set(OPENSSL_LIBS tls ssl crypto ${PLATFORM_LIBS})
297
304add_subdirectory(crypto) 298add_subdirectory(crypto)
305add_subdirectory(ssl) 299add_subdirectory(ssl)
306if(LIBRESSL_APPS) 300if(LIBRESSL_APPS)
@@ -322,6 +316,7 @@ if(NOT MSVC)
322 set(exec_prefix \${prefix}) 316 set(exec_prefix \${prefix})
323 set(libdir \${exec_prefix}/${CMAKE_INSTALL_LIBDIR}) 317 set(libdir \${exec_prefix}/${CMAKE_INSTALL_LIBDIR})
324 set(includedir \${prefix}/include) 318 set(includedir \${prefix}/include)
319 string(REGEX REPLACE ";" " -l" PLATFORM_LDADD ";${PLATFORM_LIBS}")
325 file(STRINGS "VERSION" VERSION LIMIT_COUNT 1) 320 file(STRINGS "VERSION" VERSION LIMIT_COUNT 1)
326 file(GLOB OPENSSL_PKGCONFIGS "*.pc.in") 321 file(GLOB OPENSSL_PKGCONFIGS "*.pc.in")
327 foreach(file ${OPENSSL_PKGCONFIGS}) 322 foreach(file ${OPENSSL_PKGCONFIGS})
diff --git a/ChangeLog b/ChangeLog
index 8bf6854..b21ba99 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,75 @@ history is also available from Git.
28 28
29LibreSSL Portable Release Notes: 29LibreSSL Portable Release Notes:
30 30
312.8.2 - Stable release
32
33 * Added Wycheproof support for ECDH and ECDSA Web Crypto test vectors,
34 along with test harness fixes.
35
36 * Fixed memory leak in nc(1)
37
382.8.1 - Test and compatibility improvements
39
40 * Added Wycheproof support for ECDH, RSASSA-PSS, AES-GCM,
41 AES-CMAC, AES-CCM, AES-CBC-PKCS5, DSA, ChaCha20-Poly1305, ECDSA, and
42 X25519 test vectors. Applied appropriate fixes for errors uncovered
43 by tests.
44
45 * Simplified key exchange signature generation and verification.
46
47 * Fixed a one-byte buffer overrun in callers of EVP_read_pw_string
48
49 * Converted more code paths to use CBB/CBS. All handshake messages are
50 now created by CBB.
51
52 * Fixed various memory leaks found by Coverity.
53
54 * Simplified session ticket parsing and handling, inspired by
55 BoringSSL.
56
57 * Modified signature of CRYPTO_mem_leaks_* to return -1. This function
58 is a no-op in LibreSSL, so this function returns an error to not
59 indicate the (non-)existence of memory leaks.
60
61 * SSL_copy_session_id, PEM_Sign, EVP_EncodeUpdate, BIO_set_cipher,
62 X509_OBJECT_up_ref_count now return an int for error handling,
63 matching OpenSSL.
64
65 * Converted a number of #defines into proper functions, matching
66 OpenSSL's ABI.
67
68 * Added X509_get0_serialNumber from OpenSSL.
69
70 * Removed EVP_PKEY2PKCS8_broken and PKCS8_set_broken, while adding
71 PKCS8_pkey_add1_attr_by_NID and PKCS8_pkey_get0_attrs, matching
72 OpenSSL.
73
74 * Removed broken pkcs8 formats from openssl(1).
75
76 * Converted more functions in public API to use const arguments.
77
78 * Stopped handing AES-GCM in ssl_cipher_get_evp, since they use the
79 EVP_AEAD interface.
80
81 * Stopped using composite EVP_CIPHER AEADs.
82
83 * Added timing-safe compares for checking results of signature
84 verification. There are no known attacks, this is just inexpensive
85 prudence.
86
87 * Correctly clear the current cipher state, when changing cipher state.
88 This fixed an issue where renegotiation of cipher suites would fail
89 when switched from AEAD to non-AEAD or vice-versa.
90 Issue reported by Bernard Spil.
91
92 * Added more cipher tests to appstest.sh, including all TLSv1.2
93 ciphers.
94
95 * Added RSA_meth_get_finish() RSA_meth_set1_name() from OpenSSL.
96
97 * Added new EVP_CIPHER_CTX_(get|set)_iv() API that allows the IV to be
98 retrieved and set with appropriate validation.
99
312.8.0 - Bug fixes, security, and compatibility improvements 1002.8.0 - Bug fixes, security, and compatibility improvements
32 101
33 * Extensive documentation updates and additional API history. 102 * Extensive documentation updates and additional API history.
@@ -989,7 +1058,7 @@ LibreSSL Portable Release Notes:
989 1058
990 * Removed nonfunctional Netscape browser-hang workaround code. 1059 * Removed nonfunctional Netscape browser-hang workaround code.
991 1060
992 * Simplfied and refactored SSL/DTLS handshake code. 1061 * Simplified and refactored SSL/DTLS handshake code.
993 1062
994 * Added SHA256 Camellia cipher suites for TLS 1.2 from RFC 5932. 1063 * Added SHA256 Camellia cipher suites for TLS 1.2 from RFC 5932.
995 1064
diff --git a/apps/openssl/apps_win.c b/apps/openssl/apps_win.c
index 6d066c0..364c033 100644
--- a/apps/openssl/apps_win.c
+++ b/apps/openssl/apps_win.c
@@ -13,6 +13,20 @@
13#include "apps.h" 13#include "apps.h"
14 14
15double 15double
16app_timer_real(int get)
17{
18 static __int64 start;
19 __int64 now;
20
21 now = GetTickCount64();
22 if (get) {
23 return (now - start) / 1000.0;
24 }
25 start = now;
26 return 0.0;
27}
28
29double
16app_timer_user(int stop) 30app_timer_user(int stop)
17{ 31{
18 static unsigned __int64 tmstart; 32 static unsigned __int64 tmstart;
diff --git a/configure.ac b/configure.ac
index 16ed825..72a49b3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -80,12 +80,12 @@ CFLAGS="$old_cflags"
80 80
81AS_CASE([$host_cpu], 81AS_CASE([$host_cpu],
82 [*sparc*], [CPPFLAGS="$CPPFLAGS -D__STRICT_ALIGNMENT"], 82 [*sparc*], [CPPFLAGS="$CPPFLAGS -D__STRICT_ALIGNMENT"],
83 [*arm*], AS_IF([test "x$BSWAP4" = "xyes"],, 83 [*arm*], [host_cpu=arm],
84 CPPFLAGS="$CPPFLAGS -D__STRICT_ALIGNMENT"),
85 [*amd64*], [host_cpu=x86_64 HOSTARCH=intel], 84 [*amd64*], [host_cpu=x86_64 HOSTARCH=intel],
86 [i?86], [HOSTARCH=intel], 85 [i?86], [HOSTARCH=intel],
87 [x86_64], [HOSTARCH=intel] 86 [x86_64], [HOSTARCH=intel]
88) 87)
88AS_IF([test "x$BSWAP4" = "xyes" -a "$host_cpu" = "arm" ],,CPPFLAGS="$CPPFLAGS -D__STRICT_ALIGNMENT")
89AM_CONDITIONAL([HOST_CPU_IS_INTEL], [test "x$HOSTARCH" = "xintel"]) 89AM_CONDITIONAL([HOST_CPU_IS_INTEL], [test "x$HOSTARCH" = "xintel"])
90 90
91AC_MSG_CHECKING([if .gnu.warning accepts long strings]) 91AC_MSG_CHECKING([if .gnu.warning accepts long strings])
@@ -105,6 +105,8 @@ AC_ARG_ENABLE([asm],
105AM_CONDITIONAL([OPENSSL_NO_ASM], [test "x$enable_asm" = "xno"]) 105AM_CONDITIONAL([OPENSSL_NO_ASM], [test "x$enable_asm" = "xno"])
106 106
107# Conditionally enable assembly by default 107# Conditionally enable assembly by default
108AM_CONDITIONAL([HOST_ASM_ELF_ARM],
109 [test "x$HOST_ABI" = "xelf" -a "$host_cpu" = "arm" -a "x$enable_asm" != "xno"])
108AM_CONDITIONAL([HOST_ASM_ELF_X86_64], 110AM_CONDITIONAL([HOST_ASM_ELF_X86_64],
109 [test "x$HOST_ABI" = "xelf" -a "$host_cpu" = "x86_64" -a "x$enable_asm" != "xno"]) 111 [test "x$HOST_ABI" = "xelf" -a "$host_cpu" = "x86_64" -a "x$enable_asm" != "xno"])
110AM_CONDITIONAL([HOST_ASM_MACOSX_X86_64], 112AM_CONDITIONAL([HOST_ASM_MACOSX_X86_64],
diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt
index c394360..e84a0f2 100644
--- a/crypto/CMakeLists.txt
+++ b/crypto/CMakeLists.txt
@@ -1,3 +1,28 @@
1if(HOST_ASM_ELF_ARMV4)
2 set(
3 ASM_ARMV4_ELF_SRC
4 aes/aes-elf-armv4.S
5 bn/gf2m-elf-armv4.S
6 bn/mont-elf-armv4.S
7 sha/sha1-elf-armv4.S
8 sha/sha512-elf-armv4.S
9 sha/sha256-elf-armv4.S
10 modes/ghash-elf-armv4.S
11 armv4cpuid.S
12 armcap.c
13 )
14 add_definitions(-DAES_ASM)
15 add_definitions(-DOPENSSL_BN_ASM_MONT)
16 add_definitions(-DOPENSSL_BN_ASM_GF2m)
17 add_definitions(-DGHASH_ASM)
18 add_definitions(-DSHA1_ASM)
19 add_definitions(-DSHA256_ASM)
20 add_definitions(-DSHA512_ASM)
21 add_definitions(-DOPENSSL_CPUID_OBJ)
22 set(CRYPTO_SRC ${CRYPTO_SRC} ${ASM_ARMV4_ELF_SRC})
23 set_property(SOURCE ${ASM_ARMV4_ELF_SRC} PROPERTY LANGUAGE C)
24endif()
25
1if(HOST_ASM_ELF_X86_64) 26if(HOST_ASM_ELF_X86_64)
2 set( 27 set(
3 ASM_X86_64_ELF_SRC 28 ASM_X86_64_ELF_SRC
@@ -120,7 +145,6 @@ set(
120 aes/aes_wrap.c 145 aes/aes_wrap.c
121 asn1/a_bitstr.c 146 asn1/a_bitstr.c
122 asn1/a_bool.c 147 asn1/a_bool.c
123 asn1/a_bytes.c
124 asn1/a_d2i_fp.c 148 asn1/a_d2i_fp.c
125 asn1/a_digest.c 149 asn1/a_digest.c
126 asn1/a_dup.c 150 asn1/a_dup.c
@@ -131,7 +155,6 @@ set(
131 asn1/a_object.c 155 asn1/a_object.c
132 asn1/a_octet.c 156 asn1/a_octet.c
133 asn1/a_print.c 157 asn1/a_print.c
134 asn1/a_set.c
135 asn1/a_sign.c 158 asn1/a_sign.c
136 asn1/a_strex.c 159 asn1/a_strex.c
137 asn1/a_strnid.c 160 asn1/a_strnid.c
@@ -816,8 +839,8 @@ target_include_directories(crypto
816 839
817if (BUILD_SHARED_LIBS) 840if (BUILD_SHARED_LIBS)
818 export_symbol(crypto ${CMAKE_CURRENT_BINARY_DIR}/crypto_p.sym) 841 export_symbol(crypto ${CMAKE_CURRENT_BINARY_DIR}/crypto_p.sym)
842 target_link_libraries(crypto ${PLATFORM_LIBS})
819 if (WIN32) 843 if (WIN32)
820 target_link_libraries(crypto Ws2_32.lib)
821 set(CRYPTO_POSTFIX -${CRYPTO_MAJOR_VERSION}) 844 set(CRYPTO_POSTFIX -${CRYPTO_MAJOR_VERSION})
822 endif() 845 endif()
823 set_target_properties(crypto PROPERTIES 846 set_target_properties(crypto PROPERTIES
diff --git a/crypto/Makefile.am b/crypto/Makefile.am
index 492a30e..e9f0f7a 100644
--- a/crypto/Makefile.am
+++ b/crypto/Makefile.am
@@ -192,9 +192,11 @@ include Makefile.am.arc4random
192libcrypto_la_SOURCES = 192libcrypto_la_SOURCES =
193EXTRA_libcrypto_la_SOURCES = 193EXTRA_libcrypto_la_SOURCES =
194 194
195include Makefile.am.elf-arm
195include Makefile.am.elf-x86_64 196include Makefile.am.elf-x86_64
196include Makefile.am.macosx-x86_64 197include Makefile.am.macosx-x86_64
197 198
199if !HOST_ASM_ELF_ARM
198if !HOST_ASM_ELF_X86_64 200if !HOST_ASM_ELF_X86_64
199if !HOST_ASM_MACOSX_X86_64 201if !HOST_ASM_MACOSX_X86_64
200libcrypto_la_SOURCES += aes/aes_cbc.c 202libcrypto_la_SOURCES += aes/aes_cbc.c
@@ -206,10 +208,16 @@ libcrypto_la_SOURCES += rc4/rc4_skey.c
206libcrypto_la_SOURCES += whrlpool/wp_block.c 208libcrypto_la_SOURCES += whrlpool/wp_block.c
207endif 209endif
208endif 210endif
211endif
209 212
210libcrypto_la_SOURCES += cpt_err.c 213libcrypto_la_SOURCES += cpt_err.c
211libcrypto_la_SOURCES += cryptlib.c 214libcrypto_la_SOURCES += cryptlib.c
212libcrypto_la_SOURCES += crypto_init.c 215libcrypto_la_SOURCES += crypto_init.c
216if !HOST_WIN
217libcrypto_la_SOURCES += crypto_lock.c
218else
219libcrypto_la_SOURCES += crypto_lock_win.c
220endif
213libcrypto_la_SOURCES += cversion.c 221libcrypto_la_SOURCES += cversion.c
214libcrypto_la_SOURCES += ex_data.c 222libcrypto_la_SOURCES += ex_data.c
215libcrypto_la_SOURCES += malloc-wrapper.c 223libcrypto_la_SOURCES += malloc-wrapper.c
@@ -237,7 +245,6 @@ noinst_HEADERS += aes/aes_locl.h
237# asn1 245# asn1
238libcrypto_la_SOURCES += asn1/a_bitstr.c 246libcrypto_la_SOURCES += asn1/a_bitstr.c
239libcrypto_la_SOURCES += asn1/a_bool.c 247libcrypto_la_SOURCES += asn1/a_bool.c
240libcrypto_la_SOURCES += asn1/a_bytes.c
241libcrypto_la_SOURCES += asn1/a_d2i_fp.c 248libcrypto_la_SOURCES += asn1/a_d2i_fp.c
242libcrypto_la_SOURCES += asn1/a_digest.c 249libcrypto_la_SOURCES += asn1/a_digest.c
243libcrypto_la_SOURCES += asn1/a_dup.c 250libcrypto_la_SOURCES += asn1/a_dup.c
@@ -248,7 +255,6 @@ libcrypto_la_SOURCES += asn1/a_mbstr.c
248libcrypto_la_SOURCES += asn1/a_object.c 255libcrypto_la_SOURCES += asn1/a_object.c
249libcrypto_la_SOURCES += asn1/a_octet.c 256libcrypto_la_SOURCES += asn1/a_octet.c
250libcrypto_la_SOURCES += asn1/a_print.c 257libcrypto_la_SOURCES += asn1/a_print.c
251libcrypto_la_SOURCES += asn1/a_set.c
252libcrypto_la_SOURCES += asn1/a_sign.c 258libcrypto_la_SOURCES += asn1/a_sign.c
253libcrypto_la_SOURCES += asn1/a_strex.c 259libcrypto_la_SOURCES += asn1/a_strex.c
254libcrypto_la_SOURCES += asn1/a_strnid.c 260libcrypto_la_SOURCES += asn1/a_strnid.c
diff --git a/crypto/Makefile.am.elf-arm b/crypto/Makefile.am.elf-arm
new file mode 100644
index 0000000..a77c4d3
--- /dev/null
+++ b/crypto/Makefile.am.elf-arm
@@ -0,0 +1,30 @@
1ASM_ARM_ELF = aes/aes-elf-armv4.S
2ASM_ARM_ELF += bn/gf2m-elf-armv4.S
3ASM_ARM_ELF += bn/mont-elf-armv4.S
4ASM_ARM_ELF += sha/sha1-elf-armv4.S
5ASM_ARM_ELF += sha/sha512-elf-armv4.S
6ASM_ARM_ELF += sha/sha256-elf-armv4.S
7ASM_ARM_ELF += modes/ghash-elf-armv4.S
8ASM_ARM_ELF += armv4cpuid.S
9ASM_ARM_ELF += armcap.c
10
11ASM_ARM_ELF += aes/aes_cbc.c
12ASM_ARM_ELF += camellia/camellia.c
13ASM_ARM_ELF += camellia/cmll_cbc.c
14ASM_ARM_ELF += rc4/rc4_enc.c
15ASM_ARM_ELF += rc4/rc4_skey.c
16ASM_ARM_ELF += whrlpool/wp_block.c
17
18EXTRA_DIST += $(ASM_ARM_ELF)
19
20if HOST_ASM_ELF_ARM
21libcrypto_la_CPPFLAGS += -DAES_ASM
22libcrypto_la_CPPFLAGS += -DOPENSSL_BN_ASM_MONT
23libcrypto_la_CPPFLAGS += -DOPENSSL_BN_ASM_GF2m
24libcrypto_la_CPPFLAGS += -DGHASH_ASM
25libcrypto_la_CPPFLAGS += -DSHA1_ASM
26libcrypto_la_CPPFLAGS += -DSHA256_ASM
27libcrypto_la_CPPFLAGS += -DSHA512_ASM
28libcrypto_la_CPPFLAGS += -DOPENSSL_CPUID_OBJ
29libcrypto_la_SOURCES += $(ASM_ARM_ELF)
30endif
diff --git a/crypto/compat/crypto_lock_win.c b/crypto/compat/crypto_lock_win.c
new file mode 100644
index 0000000..47c3dcc
--- /dev/null
+++ b/crypto/compat/crypto_lock_win.c
@@ -0,0 +1,53 @@
1/* $OpenBSD: crypto_lock.c,v 1.1 2018/11/11 06:41:28 bcook Exp $ */
2/*
3 * Copyright (c) 2018 Brent Cook <bcook@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <windows.h>
19
20static HANDLE locks[CRYPTO_NUM_LOCKS];
21
22void
23crypto_init_locks(void)
24{
25 int i;
26
27 for (i = 0; i < CRYPTO_NUM_LOCKS; i++)
28 locks[i] = CreateMutex(NULL, FALSE, NULL);
29}
30
31void
32CRYPTO_lock(int mode, int type, const char *file, int line)
33{
34 if (type < 0 || type >= CRYPTO_NUM_LOCKS)
35 return;
36
37 if (mode & CRYPTO_LOCK)
38 WaitForSingleObject(locks[type], INFINITE);
39 else
40 ReleaseMutex(locks[type]);
41}
42
43int
44CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
45 int line)
46{
47 int ret = 0;
48 CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE, type, file, line);
49 ret = *pointer + amount;
50 *pointer = ret;
51 CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE, type, file, line);
52 return (ret);
53}
diff --git a/include/compat/unistd.h b/include/compat/unistd.h
index e70a390..f521b94 100644
--- a/include/compat/unistd.h
+++ b/include/compat/unistd.h
@@ -62,6 +62,7 @@ int getpagesize(void);
62#endif 62#endif
63 63
64#define pledge(request, paths) 0 64#define pledge(request, paths) 0
65#define unveil(path, permissions) 0
65 66
66#ifndef HAVE_PIPE2 67#ifndef HAVE_PIPE2
67int pipe2(int fildes[2], int flags); 68int pipe2(int fildes[2], int flags);
diff --git a/man/links b/man/links
index 6498fb7..7f60d0e 100644
--- a/man/links
+++ b/man/links
@@ -790,6 +790,7 @@ EVP_EncryptInit.3,EVP_CIPHER_CTX_ctrl.3
790EVP_EncryptInit.3,EVP_CIPHER_CTX_flags.3 790EVP_EncryptInit.3,EVP_CIPHER_CTX_flags.3
791EVP_EncryptInit.3,EVP_CIPHER_CTX_free.3 791EVP_EncryptInit.3,EVP_CIPHER_CTX_free.3
792EVP_EncryptInit.3,EVP_CIPHER_CTX_get_app_data.3 792EVP_EncryptInit.3,EVP_CIPHER_CTX_get_app_data.3
793EVP_EncryptInit.3,EVP_CIPHER_CTX_get_iv.3
793EVP_EncryptInit.3,EVP_CIPHER_CTX_init.3 794EVP_EncryptInit.3,EVP_CIPHER_CTX_init.3
794EVP_EncryptInit.3,EVP_CIPHER_CTX_iv_length.3 795EVP_EncryptInit.3,EVP_CIPHER_CTX_iv_length.3
795EVP_EncryptInit.3,EVP_CIPHER_CTX_key_length.3 796EVP_EncryptInit.3,EVP_CIPHER_CTX_key_length.3
@@ -799,6 +800,7 @@ EVP_EncryptInit.3,EVP_CIPHER_CTX_nid.3
799EVP_EncryptInit.3,EVP_CIPHER_CTX_rand_key.3 800EVP_EncryptInit.3,EVP_CIPHER_CTX_rand_key.3
800EVP_EncryptInit.3,EVP_CIPHER_CTX_reset.3 801EVP_EncryptInit.3,EVP_CIPHER_CTX_reset.3
801EVP_EncryptInit.3,EVP_CIPHER_CTX_set_app_data.3 802EVP_EncryptInit.3,EVP_CIPHER_CTX_set_app_data.3
803EVP_EncryptInit.3,EVP_CIPHER_CTX_set_iv.3
802EVP_EncryptInit.3,EVP_CIPHER_CTX_set_key_length.3 804EVP_EncryptInit.3,EVP_CIPHER_CTX_set_key_length.3
803EVP_EncryptInit.3,EVP_CIPHER_CTX_set_padding.3 805EVP_EncryptInit.3,EVP_CIPHER_CTX_set_padding.3
804EVP_EncryptInit.3,EVP_CIPHER_CTX_type.3 806EVP_EncryptInit.3,EVP_CIPHER_CTX_type.3
@@ -1290,6 +1292,8 @@ RSA_get_ex_new_index.3,RSA_get_ex_data.3
1290RSA_get_ex_new_index.3,RSA_set_ex_data.3 1292RSA_get_ex_new_index.3,RSA_set_ex_data.3
1291RSA_meth_new.3,RSA_meth_dup.3 1293RSA_meth_new.3,RSA_meth_dup.3
1292RSA_meth_new.3,RSA_meth_free.3 1294RSA_meth_new.3,RSA_meth_free.3
1295RSA_meth_new.3,RSA_meth_get_finish.3
1296RSA_meth_new.3,RSA_meth_set1_name.3
1293RSA_meth_new.3,RSA_meth_set_finish.3 1297RSA_meth_new.3,RSA_meth_set_finish.3
1294RSA_meth_new.3,RSA_meth_set_priv_dec.3 1298RSA_meth_new.3,RSA_meth_set_priv_dec.3
1295RSA_meth_new.3,RSA_meth_set_priv_enc.3 1299RSA_meth_new.3,RSA_meth_set_priv_enc.3
@@ -1982,6 +1986,8 @@ d2i_DSAPublicKey.3,d2i_DSA_PUBKEY_bio.3
1982d2i_DSAPublicKey.3,d2i_DSA_PUBKEY_fp.3 1986d2i_DSAPublicKey.3,d2i_DSA_PUBKEY_fp.3
1983d2i_DSAPublicKey.3,d2i_DSA_SIG.3 1987d2i_DSAPublicKey.3,d2i_DSA_SIG.3
1984d2i_DSAPublicKey.3,d2i_DSAparams.3 1988d2i_DSAPublicKey.3,d2i_DSAparams.3
1989d2i_DSAPublicKey.3,d2i_DSAparams_bio.3
1990d2i_DSAPublicKey.3,d2i_DSAparams_fp.3
1985d2i_DSAPublicKey.3,i2d_DSAPrivateKey.3 1991d2i_DSAPublicKey.3,i2d_DSAPrivateKey.3
1986d2i_DSAPublicKey.3,i2d_DSAPrivateKey_bio.3 1992d2i_DSAPublicKey.3,i2d_DSAPrivateKey_bio.3
1987d2i_DSAPublicKey.3,i2d_DSAPrivateKey_fp.3 1993d2i_DSAPublicKey.3,i2d_DSAPrivateKey_fp.3
@@ -1991,6 +1997,8 @@ d2i_DSAPublicKey.3,i2d_DSA_PUBKEY_bio.3
1991d2i_DSAPublicKey.3,i2d_DSA_PUBKEY_fp.3 1997d2i_DSAPublicKey.3,i2d_DSA_PUBKEY_fp.3
1992d2i_DSAPublicKey.3,i2d_DSA_SIG.3 1998d2i_DSAPublicKey.3,i2d_DSA_SIG.3
1993d2i_DSAPublicKey.3,i2d_DSAparams.3 1999d2i_DSAPublicKey.3,i2d_DSAparams.3
2000d2i_DSAPublicKey.3,i2d_DSAparams_bio.3
2001d2i_DSAPublicKey.3,i2d_DSAparams_fp.3
1994d2i_ECPKParameters.3,ECPKParameters_print.3 2002d2i_ECPKParameters.3,ECPKParameters_print.3
1995d2i_ECPKParameters.3,ECPKParameters_print_fp.3 2003d2i_ECPKParameters.3,ECPKParameters_print_fp.3
1996d2i_ECPKParameters.3,ECParameters_dup.3 2004d2i_ECPKParameters.3,ECParameters_dup.3
@@ -2220,118 +2228,6 @@ d2i_X509_SIG.3,i2d_PKCS8_fp.3
2220d2i_X509_SIG.3,i2d_X509_SIG.3 2228d2i_X509_SIG.3,i2d_X509_SIG.3
2221des_read_pw.3,EVP_read_pw_string.3 2229des_read_pw.3,EVP_read_pw_string.3
2222des_read_pw.3,des_read_pw_string.3 2230des_read_pw.3,des_read_pw_string.3
2223engine.3,ENGINE_add.3
2224engine.3,ENGINE_by_id.3
2225engine.3,ENGINE_cleanup.3
2226engine.3,ENGINE_cmd_is_executable.3
2227engine.3,ENGINE_ctrl.3
2228engine.3,ENGINE_ctrl_cmd.3
2229engine.3,ENGINE_ctrl_cmd_string.3
2230engine.3,ENGINE_finish.3
2231engine.3,ENGINE_free.3
2232engine.3,ENGINE_get_DH.3
2233engine.3,ENGINE_get_DSA.3
2234engine.3,ENGINE_get_ECDH.3
2235engine.3,ENGINE_get_ECDSA.3
2236engine.3,ENGINE_get_RAND.3
2237engine.3,ENGINE_get_RSA.3
2238engine.3,ENGINE_get_STORE.3
2239engine.3,ENGINE_get_cipher.3
2240engine.3,ENGINE_get_cipher_engine.3
2241engine.3,ENGINE_get_ciphers.3
2242engine.3,ENGINE_get_cmd_defns.3
2243engine.3,ENGINE_get_ctrl_function.3
2244engine.3,ENGINE_get_default_DH.3
2245engine.3,ENGINE_get_default_DSA.3
2246engine.3,ENGINE_get_default_ECDH.3
2247engine.3,ENGINE_get_default_ECDSA.3
2248engine.3,ENGINE_get_default_RAND.3
2249engine.3,ENGINE_get_default_RSA.3
2250engine.3,ENGINE_get_destroy_function.3
2251engine.3,ENGINE_get_digest.3
2252engine.3,ENGINE_get_digest_engine.3
2253engine.3,ENGINE_get_digests.3
2254engine.3,ENGINE_get_finish_function.3
2255engine.3,ENGINE_get_first.3
2256engine.3,ENGINE_get_flags.3
2257engine.3,ENGINE_get_id.3
2258engine.3,ENGINE_get_init_function.3
2259engine.3,ENGINE_get_last.3
2260engine.3,ENGINE_get_load_privkey_function.3
2261engine.3,ENGINE_get_load_pubkey_function.3
2262engine.3,ENGINE_get_name.3
2263engine.3,ENGINE_get_next.3
2264engine.3,ENGINE_get_prev.3
2265engine.3,ENGINE_get_table_flags.3
2266engine.3,ENGINE_init.3
2267engine.3,ENGINE_load_builtin_engines.3
2268engine.3,ENGINE_load_cryptodev.3
2269engine.3,ENGINE_load_dynamic.3
2270engine.3,ENGINE_load_openssl.3
2271engine.3,ENGINE_load_private_key.3
2272engine.3,ENGINE_load_public_key.3
2273engine.3,ENGINE_new.3
2274engine.3,ENGINE_register_DH.3
2275engine.3,ENGINE_register_DSA.3
2276engine.3,ENGINE_register_ECDH.3
2277engine.3,ENGINE_register_ECDSA.3
2278engine.3,ENGINE_register_RAND.3
2279engine.3,ENGINE_register_RSA.3
2280engine.3,ENGINE_register_STORE.3
2281engine.3,ENGINE_register_all_DH.3
2282engine.3,ENGINE_register_all_DSA.3
2283engine.3,ENGINE_register_all_ECDH.3
2284engine.3,ENGINE_register_all_ECDSA.3
2285engine.3,ENGINE_register_all_RAND.3
2286engine.3,ENGINE_register_all_RSA.3
2287engine.3,ENGINE_register_all_STORE.3
2288engine.3,ENGINE_register_all_ciphers.3
2289engine.3,ENGINE_register_all_complete.3
2290engine.3,ENGINE_register_all_digests.3
2291engine.3,ENGINE_register_ciphers.3
2292engine.3,ENGINE_register_complete.3
2293engine.3,ENGINE_register_digests.3
2294engine.3,ENGINE_remove.3
2295engine.3,ENGINE_set_DH.3
2296engine.3,ENGINE_set_DSA.3
2297engine.3,ENGINE_set_ECDH.3
2298engine.3,ENGINE_set_ECDSA.3
2299engine.3,ENGINE_set_RAND.3
2300engine.3,ENGINE_set_RSA.3
2301engine.3,ENGINE_set_STORE.3
2302engine.3,ENGINE_set_ciphers.3
2303engine.3,ENGINE_set_cmd_defns.3
2304engine.3,ENGINE_set_ctrl_function.3
2305engine.3,ENGINE_set_default.3
2306engine.3,ENGINE_set_default_DH.3
2307engine.3,ENGINE_set_default_DSA.3
2308engine.3,ENGINE_set_default_ECDH.3
2309engine.3,ENGINE_set_default_ECDSA.3
2310engine.3,ENGINE_set_default_RAND.3
2311engine.3,ENGINE_set_default_RSA.3
2312engine.3,ENGINE_set_default_ciphers.3
2313engine.3,ENGINE_set_default_digests.3
2314engine.3,ENGINE_set_default_string.3
2315engine.3,ENGINE_set_destroy_function.3
2316engine.3,ENGINE_set_digests.3
2317engine.3,ENGINE_set_finish_function.3
2318engine.3,ENGINE_set_flags.3
2319engine.3,ENGINE_set_id.3
2320engine.3,ENGINE_set_init_function.3
2321engine.3,ENGINE_set_load_privkey_function.3
2322engine.3,ENGINE_set_load_pubkey_function.3
2323engine.3,ENGINE_set_name.3
2324engine.3,ENGINE_set_table_flags.3
2325engine.3,ENGINE_unregister_DH.3
2326engine.3,ENGINE_unregister_DSA.3
2327engine.3,ENGINE_unregister_ECDH.3
2328engine.3,ENGINE_unregister_ECDSA.3
2329engine.3,ENGINE_unregister_RAND.3
2330engine.3,ENGINE_unregister_RSA.3
2331engine.3,ENGINE_unregister_STORE.3
2332engine.3,ENGINE_unregister_ciphers.3
2333engine.3,ENGINE_unregister_digests.3
2334engine.3,ENGINE_up_ref.3
2335get_rfc3526_prime_8192.3,BN_get_rfc2409_prime_1024.3 2231get_rfc3526_prime_8192.3,BN_get_rfc2409_prime_1024.3
2336get_rfc3526_prime_8192.3,BN_get_rfc2409_prime_768.3 2232get_rfc3526_prime_8192.3,BN_get_rfc2409_prime_768.3
2337get_rfc3526_prime_8192.3,BN_get_rfc3526_prime_1536.3 2233get_rfc3526_prime_8192.3,BN_get_rfc3526_prime_1536.3
diff --git a/patches/aeadtest.c.patch b/patches/aeadtest.c.patch
index ce62107..a7b3fca 100644
--- a/patches/aeadtest.c.patch
+++ b/patches/aeadtest.c.patch
@@ -1,9 +1,9 @@
1--- tests/aeadtest.c.orig 2016-10-18 17:03:33.845870889 +0900 1--- tests/aeadtest.c.orig 2018-07-24 21:59:17.000000000 -0500
2+++ tests/aeadtest.c 2016-10-18 17:11:19.880841283 +0900 2+++ tests/aeadtest.c 2018-11-07 18:44:43.000000000 -0600
3@@ -75,6 +75,12 @@ 3@@ -76,6 +76,12 @@
4 4
5 #define BUF_MAX 1024 5 #define BUF_MAX 1024
6 6
7+#ifdef _MSC_VER 7+#ifdef _MSC_VER
8+#ifdef IN 8+#ifdef IN
9+#undef IN 9+#undef IN
diff --git a/patches/bio.h.patch b/patches/bio.h.patch
index 7212b54..e726e20 100644
--- a/patches/bio.h.patch
+++ b/patches/bio.h.patch
@@ -1,12 +1,12 @@
1--- include/openssl/bio.h.orig Mon Oct 3 06:09:28 2016 1--- include/openssl/bio.h.orig 2018-07-24 21:59:17.000000000 -0500
2+++ include/openssl/bio.h Sun Nov 6 04:24:57 2016 2+++ include/openssl/bio.h 2018-11-07 18:44:43.000000000 -0600
3@@ -678,8 +678,24 @@ 3@@ -713,6 +713,22 @@
4 4
5 /*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/ 5 /*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/
6 6
7+#ifdef __MINGW_PRINTF_FORMAT 7+#ifdef __MINGW_PRINTF_FORMAT
8 int 8+int
9 BIO_printf(BIO *bio, const char *format, ...) 9+BIO_printf(BIO *bio, const char *format, ...)
10+ __attribute__((__format__(__MINGW_PRINTF_FORMAT, 2, 3), __nonnull__(2))); 10+ __attribute__((__format__(__MINGW_PRINTF_FORMAT, 2, 3), __nonnull__(2)));
11+int 11+int
12+BIO_vprintf(BIO *bio, const char *format, va_list args) 12+BIO_vprintf(BIO *bio, const char *format, va_list args)
@@ -20,12 +20,10 @@
20+ __attribute__((__deprecated__, __format__(__MINGW_PRINTF_FORMAT, 3, 0), 20+ __attribute__((__deprecated__, __format__(__MINGW_PRINTF_FORMAT, 3, 0),
21+ __nonnull__(3))); 21+ __nonnull__(3)));
22+#else 22+#else
23+int
24+BIO_printf(BIO *bio, const char *format, ...)
25 __attribute__((__format__(__printf__, 2, 3), __nonnull__(2)));
26 int 23 int
27 BIO_vprintf(BIO *bio, const char *format, va_list args) 24 BIO_printf(BIO *bio, const char *format, ...)
28@@ -692,6 +708,8 @@ 25 __attribute__((__format__(__printf__, 2, 3), __nonnull__(2)));
26@@ -727,6 +743,8 @@
29 BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) 27 BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
30 __attribute__((__deprecated__, __format__(__printf__, 3, 0), 28 __attribute__((__deprecated__, __format__(__printf__, 3, 0),
31 __nonnull__(3))); 29 __nonnull__(3)));
diff --git a/patches/http.c.patch b/patches/http.c.patch
deleted file mode 100644
index 0e620cf..0000000
--- a/patches/http.c.patch
+++ /dev/null
@@ -1,12 +0,0 @@
1--- apps/ocspcheck/http.c.orig Sun Jun 4 00:45:29 2017
2+++ apps/ocspcheck/http.c Sun Jun 4 00:45:57 2017
3@@ -35,7 +35,9 @@
4 #include "http.h"
5 #include <tls.h>
6
7+#ifndef DEFAULT_CA_FILE
8 #define DEFAULT_CA_FILE "/etc/ssl/cert.pem"
9+#endif
10
11 /*
12 * A buffer for transferring HTTP/S data.
diff --git a/patches/netcat.c.patch b/patches/netcat.c.patch
index 35f88db..07205ec 100644
--- a/patches/netcat.c.patch
+++ b/patches/netcat.c.patch
@@ -1,16 +1,6 @@
1--- apps/nc/netcat.c.orig Mon Jul 17 06:06:51 2017 1--- apps/nc/netcat.c.orig 2018-11-07 17:01:38.000000000 -0600
2+++ apps/nc/netcat.c Mon Jul 17 06:11:24 2017 2+++ apps/nc/netcat.c 2018-11-07 17:37:57.000000000 -0600
3@@ -66,7 +66,9 @@ 3@@ -92,9 +92,13 @@
4 #define POLL_NETIN 2
5 #define POLL_STDOUT 3
6 #define BUFSIZE 16384
7+#ifndef DEFAULT_CA_FILE
8 #define DEFAULT_CA_FILE "/etc/ssl/cert.pem"
9+#endif
10
11 #define TLS_ALL (1 << 1)
12 #define TLS_NOVERIFY (1 << 2)
13@@ -95,9 +97,13 @@
14 int Dflag; /* sodebug */ 4 int Dflag; /* sodebug */
15 int Iflag; /* TCP receive buffer size */ 5 int Iflag; /* TCP receive buffer size */
16 int Oflag; /* TCP send buffer size */ 6 int Oflag; /* TCP send buffer size */
@@ -21,10 +11,10 @@
21+#ifdef SO_RTABLE 11+#ifdef SO_RTABLE
22 int rtableid = -1; 12 int rtableid = -1;
23+#endif 13+#endif
24 14
25 int usetls; /* use TLS */ 15 int usetls; /* use TLS */
26 char *Cflag; /* Public cert file */ 16 char *Cflag; /* Public cert file */
27@@ -266,12 +272,14 @@ 17@@ -266,12 +270,14 @@
28 case 'u': 18 case 'u':
29 uflag = 1; 19 uflag = 1;
30 break; 20 break;
@@ -39,7 +29,7 @@
39 case 'v': 29 case 'v':
40 vflag = 1; 30 vflag = 1;
41 break; 31 break;
42@@ -318,9 +326,11 @@ 32@@ -318,9 +324,11 @@
43 case 'o': 33 case 'o':
44 oflag = optarg; 34 oflag = optarg;
45 break; 35 break;
@@ -51,19 +41,19 @@
51 case 'T': 41 case 'T':
52 errstr = NULL; 42 errstr = NULL;
53 errno = 0; 43 errno = 0;
54@@ -344,9 +354,11 @@ 44@@ -344,9 +352,11 @@
55 argc -= optind; 45 argc -= optind;
56 argv += optind; 46 argv += optind;
57 47
58+#ifdef SO_RTABLE 48+#ifdef SO_RTABLE
59 if (rtableid >= 0) 49 if (rtableid >= 0)
60 if (setrtable(rtableid) == -1) 50 if (setrtable(rtableid) == -1)
61 err(1, "setrtable"); 51 err(1, "setrtable");
62+#endif 52+#endif
63 53
64 if (family == AF_UNIX) { 54 /* Cruft to make sure options are clean, and used properly. */
65 if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1) 55 if (argv[0] && !argv[1] && family == AF_UNIX) {
66@@ -892,7 +904,10 @@ 56@@ -909,7 +919,10 @@
67 remote_connect(const char *host, const char *port, struct addrinfo hints) 57 remote_connect(const char *host, const char *port, struct addrinfo hints)
68 { 58 {
69 struct addrinfo *res, *res0; 59 struct addrinfo *res, *res0;
@@ -72,13 +62,13 @@
72+#ifdef SO_BINDANY 62+#ifdef SO_BINDANY
73+ int on = 1; 63+ int on = 1;
74+#endif 64+#endif
75 65
76 if ((error = getaddrinfo(host, port, &hints, &res0))) 66 if ((error = getaddrinfo(host, port, &hints, &res0)))
77 errx(1, "getaddrinfo for host \"%s\" port %s: %s", host, 67 errx(1, "getaddrinfo for host \"%s\" port %s: %s", host,
78@@ -907,8 +922,10 @@ 68@@ -924,8 +937,10 @@
79 if (sflag || pflag) { 69 if (sflag || pflag) {
80 struct addrinfo ahints, *ares; 70 struct addrinfo ahints, *ares;
81 71
82+#ifdef SO_BINDANY 72+#ifdef SO_BINDANY
83 /* try SO_BINDANY, but don't insist */ 73 /* try SO_BINDANY, but don't insist */
84 setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on)); 74 setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on));
@@ -86,8 +76,8 @@
86 memset(&ahints, 0, sizeof(struct addrinfo)); 76 memset(&ahints, 0, sizeof(struct addrinfo));
87 ahints.ai_family = res->ai_family; 77 ahints.ai_family = res->ai_family;
88 ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM; 78 ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
89@@ -979,7 +996,10 @@ 79@@ -996,7 +1011,10 @@
90 local_listen(char *host, char *port, struct addrinfo hints) 80 local_listen(const char *host, const char *port, struct addrinfo hints)
91 { 81 {
92 struct addrinfo *res, *res0; 82 struct addrinfo *res, *res0;
93- int s = -1, ret, x = 1, save_errno; 83- int s = -1, ret, x = 1, save_errno;
@@ -96,24 +86,24 @@
96+ int ret, x = 1; 86+ int ret, x = 1;
97+#endif 87+#endif
98 int error; 88 int error;
99 89
100 /* Allow nodename to be null. */ 90 /* Allow nodename to be null. */
101@@ -1000,9 +1020,11 @@ 91@@ -1017,9 +1035,11 @@
102 res->ai_protocol)) < 0) 92 res->ai_protocol)) < 0)
103 continue; 93 continue;
104 94
105+#ifdef SO_REUSEPORT 95+#ifdef SO_REUSEPORT
106 ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x)); 96 ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
107 if (ret == -1) 97 if (ret == -1)
108 err(1, NULL); 98 err(1, NULL);
109+#endif 99+#endif
110 100
111 set_common_sockopts(s, res->ai_family); 101 set_common_sockopts(s, res->ai_family);
112 102
113@@ -1458,11 +1480,13 @@ 103@@ -1475,11 +1495,13 @@
114 { 104 {
115 int x = 1; 105 int x = 1;
116 106
117+#ifdef TCP_MD5SIG 107+#ifdef TCP_MD5SIG
118 if (Sflag) { 108 if (Sflag) {
119 if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG, 109 if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
@@ -124,10 +114,10 @@
124 if (Dflag) { 114 if (Dflag) {
125 if (setsockopt(s, SOL_SOCKET, SO_DEBUG, 115 if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
126 &x, sizeof(x)) == -1) 116 &x, sizeof(x)) == -1)
127@@ -1473,9 +1497,16 @@ 117@@ -1490,9 +1512,16 @@
128 IP_TOS, &Tflag, sizeof(Tflag)) == -1) 118 IP_TOS, &Tflag, sizeof(Tflag)) == -1)
129 err(1, "set IP ToS"); 119 err(1, "set IP ToS");
130 120
131+#ifdef IPV6_TCLASS 121+#ifdef IPV6_TCLASS
132 else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6, 122 else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
133 IPV6_TCLASS, &Tflag, sizeof(Tflag)) == -1) 123 IPV6_TCLASS, &Tflag, sizeof(Tflag)) == -1)
@@ -141,16 +131,16 @@
141 } 131 }
142 if (Iflag) { 132 if (Iflag) {
143 if (setsockopt(s, SOL_SOCKET, SO_RCVBUF, 133 if (setsockopt(s, SOL_SOCKET, SO_RCVBUF,
144@@ -1499,13 +1530,17 @@ 134@@ -1516,13 +1545,17 @@
145 } 135 }
146 136
147 if (minttl != -1) { 137 if (minttl != -1) {
148+#ifdef IP_MINTTL 138+#ifdef IP_MINTTL
149 if (af == AF_INET && setsockopt(s, IPPROTO_IP, 139 if (af == AF_INET && setsockopt(s, IPPROTO_IP,
150 IP_MINTTL, &minttl, sizeof(minttl))) 140 IP_MINTTL, &minttl, sizeof(minttl)))
151 err(1, "set IP min TTL"); 141 err(1, "set IP min TTL");
152+#endif 142+#endif
153 143
154- else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6, 144- else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
155+#ifdef IPV6_MINHOPCOUNT 145+#ifdef IPV6_MINHOPCOUNT
156+ if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6, 146+ if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
@@ -159,8 +149,8 @@
159+#endif 149+#endif
160 } 150 }
161 } 151 }
162 152
163@@ -1714,14 +1749,22 @@ 153@@ -1748,14 +1781,22 @@
164 \t-P proxyuser\tUsername for proxy authentication\n\ 154 \t-P proxyuser\tUsername for proxy authentication\n\
165 \t-p port\t Specify local port for remote connects\n\ 155 \t-p port\t Specify local port for remote connects\n\
166 \t-R CAfile CA bundle\n\ 156 \t-R CAfile CA bundle\n\
diff --git a/patches/ocsp_test.c.patch b/patches/ocsp_test.c.patch
index aa427db..39f1326 100644
--- a/patches/ocsp_test.c.patch
+++ b/patches/ocsp_test.c.patch
@@ -1,9 +1,9 @@
1--- tests/ocsp_test.c.orig 2016-10-18 18:12:39.854607509 +0900 1--- tests/ocsp_test.c.orig 2018-07-24 21:59:17.000000000 -0500
2+++ tests/ocsp_test.c 2016-10-18 18:14:29.261600559 +0900 2+++ tests/ocsp_test.c 2018-11-07 18:44:43.000000000 -0600
3@@ -16,6 +16,11 @@ 3@@ -35,6 +35,11 @@
4 hints.ai_family = AF_INET; 4 hints.ai_family = AF_INET;
5 hints.ai_socktype = SOCK_STREAM; 5 hints.ai_socktype = SOCK_STREAM;
6 6
7+#ifdef _MSC_VER 7+#ifdef _MSC_VER
8+ if (BIO_sock_init() != 1) 8+ if (BIO_sock_init() != 1)
9+ exit(-1); 9+ exit(-1);
diff --git a/patches/tls_internal.h.patch b/patches/tls_internal.h.patch
deleted file mode 100644
index e82bf96..0000000
--- a/patches/tls_internal.h.patch
+++ /dev/null
@@ -1,12 +0,0 @@
1--- tls/tls_internal.h.orig Sun Jul 9 06:16:17 2017
2+++ tls/tls_internal.h Mon Jul 17 06:10:01 2017
3@@ -26,7 +26,9 @@
4
5 __BEGIN_HIDDEN_DECLS
6
7+#ifndef _PATH_SSL_CA_FILE
8 #define _PATH_SSL_CA_FILE "/etc/ssl/cert.pem"
9+#endif
10
11 #define TLS_CIPHERS_DEFAULT "TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE"
12 #define TLS_CIPHERS_COMPAT "HIGH:!aNULL"
diff --git a/patches/tlsexttest.c.patch b/patches/tlsexttest.c.patch
index 981fc95..cdec053 100644
--- a/patches/tlsexttest.c.patch
+++ b/patches/tlsexttest.c.patch
@@ -1,6 +1,6 @@
1--- tests/tlsexttest.c.orig 2017-12-30 20:03:09.279079726 +0900 1--- tests/tlsexttest.c.orig Wed Nov 7 20:01:26 2018
2+++ tests/tlsexttest.c 2017-12-30 20:07:21.849939140 +0900 2+++ tests/tlsexttest.c Wed Nov 7 20:01:35 2018
3@@ -1676,7 +1676,9 @@ static unsigned char tlsext_sni_clienthe 3@@ -1676,7 +1676,9 @@
4 }; 4 };
5 5
6 static unsigned char tlsext_sni_serverhello[] = { 6 static unsigned char tlsext_sni_serverhello[] = {
@@ -10,7 +10,7 @@
10 10
11 static int 11 static int
12 test_tlsext_sni_clienthello(void) 12 test_tlsext_sni_clienthello(void)
13@@ -1839,9 +1841,9 @@ test_tlsext_sni_serverhello(void) 13@@ -1839,9 +1841,9 @@
14 if (!CBB_finish(&cbb, &data, &dlen)) 14 if (!CBB_finish(&cbb, &data, &dlen))
15 errx(1, "failed to finish CBB"); 15 errx(1, "failed to finish CBB");
16 16
@@ -22,7 +22,7 @@
22 goto err; 22 goto err;
23 } 23 }
24 24
25@@ -1850,14 +1852,14 @@ test_tlsext_sni_serverhello(void) 25@@ -1850,14 +1852,14 @@
26 fprintf(stderr, "received:\n"); 26 fprintf(stderr, "received:\n");
27 hexdump(data, dlen); 27 hexdump(data, dlen);
28 fprintf(stderr, "test data:\n"); 28 fprintf(stderr, "test data:\n");
@@ -39,7 +39,7 @@
39 if (!tlsext_sni_serverhello_parse(ssl, &cbs, &alert)) { 39 if (!tlsext_sni_serverhello_parse(ssl, &cbs, &alert)) {
40 FAIL("failed to parse serverhello SNI\n"); 40 FAIL("failed to parse serverhello SNI\n");
41 goto err; 41 goto err;
42@@ -2741,7 +2743,10 @@ unsigned char tlsext_clienthello_default 42@@ -2741,7 +2743,10 @@
43 0x03, 0x01, 0x03, 0x03, 0x02, 0x01, 0x02, 0x03, 43 0x03, 0x01, 0x03, 0x03, 0x02, 0x01, 0x02, 0x03,
44 }; 44 };
45 45
@@ -51,7 +51,7 @@
51 51
52 static int 52 static int
53 test_tlsext_clienthello_build(void) 53 test_tlsext_clienthello_build(void)
54@@ -2806,18 +2811,18 @@ test_tlsext_clienthello_build(void) 54@@ -2806,18 +2811,18 @@
55 if (!CBB_finish(&cbb, &data, &dlen)) 55 if (!CBB_finish(&cbb, &data, &dlen))
56 errx(1, "failed to finish CBB"); 56 errx(1, "failed to finish CBB");
57 57
@@ -74,7 +74,7 @@
74 goto err; 74 goto err;
75 } 75 }
76 76
77@@ -2832,7 +2837,10 @@ test_tlsext_clienthello_build(void) 77@@ -2832,7 +2837,10 @@
78 return (failure); 78 return (failure);
79 } 79 }
80 80
@@ -86,7 +86,7 @@
86 86
87 unsigned char tlsext_serverhello_enabled[] = { 87 unsigned char tlsext_serverhello_enabled[] = {
88 0x00, 0x13, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 88 0x00, 0x13, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00,
89@@ -2872,18 +2880,18 @@ test_tlsext_serverhello_build(void) 89@@ -2872,18 +2880,18 @@
90 if (!CBB_finish(&cbb, &data, &dlen)) 90 if (!CBB_finish(&cbb, &data, &dlen))
91 errx(1, "failed to finish CBB"); 91 errx(1, "failed to finish CBB");
92 92
diff --git a/ssl/CMakeLists.txt b/ssl/CMakeLists.txt
index 1a559e6..911d6bc 100644
--- a/ssl/CMakeLists.txt
+++ b/ssl/CMakeLists.txt
@@ -8,7 +8,6 @@ set(
8 d1_clnt.c 8 d1_clnt.c
9 d1_enc.c 9 d1_enc.c
10 d1_lib.c 10 d1_lib.c
11 d1_meth.c
12 d1_pkt.c 11 d1_pkt.c
13 d1_srtp.c 12 d1_srtp.c
14 d1_srvr.c 13 d1_srvr.c
@@ -24,21 +23,22 @@ set(
24 ssl_err.c 23 ssl_err.c
25 ssl_init.c 24 ssl_init.c
26 ssl_lib.c 25 ssl_lib.c
26 ssl_methods.c
27 ssl_packet.c 27 ssl_packet.c
28 ssl_pkt.c 28 ssl_pkt.c
29 ssl_rsa.c 29 ssl_rsa.c
30 ssl_sess.c 30 ssl_sess.c
31 ssl_sigalgs.c
31 ssl_srvr.c 32 ssl_srvr.c
32 ssl_stat.c 33 ssl_stat.c
33 ssl_tlsext.c 34 ssl_tlsext.c
34 ssl_txt.c 35 ssl_txt.c
35 ssl_versions.c 36 ssl_versions.c
36 t1_clnt.c
37 t1_enc.c 37 t1_enc.c
38 t1_hash.c 38 t1_hash.c
39 t1_lib.c 39 t1_lib.c
40 t1_meth.c 40 tls13_handshake.c
41 t1_srvr.c 41 tls13_key_schedule.c
42) 42)
43 43
44add_library(ssl ${SSL_SRC}) 44add_library(ssl ${SSL_SRC})
@@ -51,9 +51,8 @@ target_include_directories(ssl
51 51
52if (BUILD_SHARED_LIBS) 52if (BUILD_SHARED_LIBS)
53 export_symbol(ssl ${CMAKE_CURRENT_SOURCE_DIR}/ssl.sym) 53 export_symbol(ssl ${CMAKE_CURRENT_SOURCE_DIR}/ssl.sym)
54 target_link_libraries(ssl crypto) 54 target_link_libraries(ssl crypto ${PLATFORM_LIBS})
55 if (WIN32) 55 if (WIN32)
56 target_link_libraries(ssl Ws2_32.lib)
57 set(SSL_POSTFIX -${SSL_MAJOR_VERSION}) 56 set(SSL_POSTFIX -${SSL_MAJOR_VERSION})
58 endif() 57 endif()
59 set_target_properties(ssl PROPERTIES 58 set_target_properties(ssl PROPERTIES
diff --git a/ssl/Makefile.am b/ssl/Makefile.am
index 189876e..4cc1d1d 100644
--- a/ssl/Makefile.am
+++ b/ssl/Makefile.am
@@ -17,7 +17,6 @@ libssl_la_SOURCES += d1_both.c
17libssl_la_SOURCES += d1_clnt.c 17libssl_la_SOURCES += d1_clnt.c
18libssl_la_SOURCES += d1_enc.c 18libssl_la_SOURCES += d1_enc.c
19libssl_la_SOURCES += d1_lib.c 19libssl_la_SOURCES += d1_lib.c
20libssl_la_SOURCES += d1_meth.c
21libssl_la_SOURCES += d1_pkt.c 20libssl_la_SOURCES += d1_pkt.c
22libssl_la_SOURCES += d1_srtp.c 21libssl_la_SOURCES += d1_srtp.c
23libssl_la_SOURCES += d1_srvr.c 22libssl_la_SOURCES += d1_srvr.c
@@ -33,23 +32,26 @@ libssl_la_SOURCES += ssl_clnt.c
33libssl_la_SOURCES += ssl_err.c 32libssl_la_SOURCES += ssl_err.c
34libssl_la_SOURCES += ssl_init.c 33libssl_la_SOURCES += ssl_init.c
35libssl_la_SOURCES += ssl_lib.c 34libssl_la_SOURCES += ssl_lib.c
35libssl_la_SOURCES += ssl_methods.c
36libssl_la_SOURCES += ssl_packet.c 36libssl_la_SOURCES += ssl_packet.c
37libssl_la_SOURCES += ssl_pkt.c 37libssl_la_SOURCES += ssl_pkt.c
38libssl_la_SOURCES += ssl_rsa.c 38libssl_la_SOURCES += ssl_rsa.c
39libssl_la_SOURCES += ssl_sess.c 39libssl_la_SOURCES += ssl_sess.c
40libssl_la_SOURCES += ssl_sigalgs.c
40libssl_la_SOURCES += ssl_srvr.c 41libssl_la_SOURCES += ssl_srvr.c
41libssl_la_SOURCES += ssl_stat.c 42libssl_la_SOURCES += ssl_stat.c
42libssl_la_SOURCES += ssl_tlsext.c 43libssl_la_SOURCES += ssl_tlsext.c
43libssl_la_SOURCES += ssl_txt.c 44libssl_la_SOURCES += ssl_txt.c
44libssl_la_SOURCES += ssl_versions.c 45libssl_la_SOURCES += ssl_versions.c
45libssl_la_SOURCES += t1_clnt.c
46libssl_la_SOURCES += t1_enc.c 46libssl_la_SOURCES += t1_enc.c
47libssl_la_SOURCES += t1_hash.c 47libssl_la_SOURCES += t1_hash.c
48libssl_la_SOURCES += t1_lib.c 48libssl_la_SOURCES += t1_lib.c
49libssl_la_SOURCES += t1_meth.c 49libssl_la_SOURCES += tls13_handshake.c
50libssl_la_SOURCES += t1_srvr.c 50libssl_la_SOURCES += tls13_key_schedule.c
51 51
52noinst_HEADERS = srtp.h 52noinst_HEADERS = bytestring.h
53noinst_HEADERS += srtp.h
53noinst_HEADERS += ssl_locl.h 54noinst_HEADERS += ssl_locl.h
55noinst_HEADERS += ssl_sigalgs.h
54noinst_HEADERS += ssl_tlsext.h 56noinst_HEADERS += ssl_tlsext.h
55noinst_HEADERS += bytestring.h 57noinst_HEADERS += tls13_internal.h
diff --git a/tap-driver.sh b/tap-driver.sh
index 82efa96..2516e9c 100755
--- a/tap-driver.sh
+++ b/tap-driver.sh
@@ -1,5 +1,5 @@
1#! /bin/sh 1#! /bin/sh
2# Copyright (C) 2011-2017 Free Software Foundation, Inc. 2# Copyright (C) 2011-2018 Free Software Foundation, Inc.
3# 3#
4# This program is free software; you can redistribute it and/or modify 4# This program is free software; you can redistribute it and/or modify
5# it under the terms of the GNU General Public License as published by 5# it under the terms of the GNU General Public License as published by
@@ -12,7 +12,7 @@
12# GNU General Public License for more details. 12# GNU General Public License for more details.
13# 13#
14# You should have received a copy of the GNU General Public License 14# You should have received a copy of the GNU General Public License
15# along with this program. If not, see <http://www.gnu.org/licenses/>. 15# along with this program. If not, see <https://www.gnu.org/licenses/>.
16 16
17# As a special exception to the GNU General Public License, if you 17# As a special exception to the GNU General Public License, if you
18# distribute this file as part of a program that contains a 18# distribute this file as part of a program that contains a
@@ -132,7 +132,7 @@ fi
132 # last `echo $?' statement), and would thus die reporting an internal 132 # last `echo $?' statement), and would thus die reporting an internal
133 # error. 133 # error.
134 # For more information, see the Autoconf manual and the threads: 134 # For more information, see the Autoconf manual and the threads:
135 # <http://lists.gnu.org/archive/html/bug-autoconf/2011-09/msg00004.html> 135 # <https://lists.gnu.org/archive/html/bug-autoconf/2011-09/msg00004.html>
136 # <http://mail.opensolaris.org/pipermail/ksh93-integration-discuss/2009-February/004121.html> 136 # <http://mail.opensolaris.org/pipermail/ksh93-integration-discuss/2009-February/004121.html>
137 trap : 1 3 2 13 15 137 trap : 1 3 2 13 15
138 if test $merge -gt 0; then 138 if test $merge -gt 0; then
@@ -643,7 +643,7 @@ test $? -eq 0 || fatal "I/O or internal error"
643# Local Variables: 643# Local Variables:
644# mode: shell-script 644# mode: shell-script
645# sh-indentation: 2 645# sh-indentation: 2
646# eval: (add-hook 'write-file-hooks 'time-stamp) 646# eval: (add-hook 'before-save-hook 'time-stamp)
647# time-stamp-start: "scriptversion=" 647# time-stamp-start: "scriptversion="
648# time-stamp-format: "%:y-%02m-%02d.%02H" 648# time-stamp-format: "%:y-%02m-%02d.%02H"
649# time-stamp-time-zone: "UTC0" 649# time-stamp-time-zone: "UTC0"
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index c0dc2ae..2a9389d 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -69,6 +69,13 @@ add_executable(bnaddsub bnaddsub.c)
69target_link_libraries(bnaddsub ${OPENSSL_LIBS}) 69target_link_libraries(bnaddsub ${OPENSSL_LIBS})
70add_test(bnaddsub bnaddsub) 70add_test(bnaddsub bnaddsub)
71 71
72# bn_rand_interval
73if(NOT BUILD_SHARED_LIBS)
74 add_executable(bn_rand_interval bn_rand_interval.c)
75 target_link_libraries(bn_rand_interval ${OPENSSL_LIBS})
76 add_test(bn_rand_interval bn_rand_interval)
77endif()
78
72# bntest 79# bntest
73if(NOT BUILD_SHARED_LIBS) 80if(NOT BUILD_SHARED_LIBS)
74 add_executable(bntest bntest.c) 81 add_executable(bntest bntest.c)
@@ -220,6 +227,10 @@ add_test(igetest igetest)
220 227
221# keypairtest 228# keypairtest
222if(NOT BUILD_SHARED_LIBS) 229if(NOT BUILD_SHARED_LIBS)
230 add_executable(key_schedule key_schedule.c)
231 target_link_libraries(key_schedule ${OPENSSL_LIBS})
232 add_test(key_schedule key_schedule)
233
223 add_executable(keypairtest keypairtest.c) 234 add_executable(keypairtest keypairtest.c)
224 target_link_libraries(keypairtest ${OPENSSL_LIBS}) 235 target_link_libraries(keypairtest ${OPENSSL_LIBS})
225 add_test(keypairtest keypairtest 236 add_test(keypairtest keypairtest
@@ -467,6 +478,11 @@ add_executable(x25519test x25519test.c)
467target_link_libraries(x25519test ${OPENSSL_LIBS}) 478target_link_libraries(x25519test ${OPENSSL_LIBS})
468add_test(x25519test x25519test) 479add_test(x25519test x25519test)
469 480
481# x509name
482add_executable(x509name x509name.c)
483target_link_libraries(x509name ${OPENSSL_LIBS})
484add_test(x509name x509name)
485
470if(BUILD_SHARED_LIBS) 486if(BUILD_SHARED_LIBS)
471 add_custom_command(TARGET x25519test POST_BUILD 487 add_custom_command(TARGET x25519test POST_BUILD
472 COMMAND "${CMAKE_COMMAND}" -E copy 488 COMMAND "${CMAKE_COMMAND}" -E copy
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 49d1110..256eb44 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -82,6 +82,11 @@ TESTS += bnaddsub
82check_PROGRAMS += bnaddsub 82check_PROGRAMS += bnaddsub
83bnaddsub_SOURCES = bnaddsub.c 83bnaddsub_SOURCES = bnaddsub.c
84 84
85# bn_rand_interval
86TESTS += bn_rand_interval
87check_PROGRAMS += bn_rand_interval
88bn_rand_interval_SOURCES = bn_rand_interval.c
89
85# bntest 90# bntest
86TESTS += bntest 91TESTS += bntest
87bntest_CPPFLAGS = $(AM_CPPFLAGS) -ULIBRESSL_INTERNAL 92bntest_CPPFLAGS = $(AM_CPPFLAGS) -ULIBRESSL_INTERNAL
@@ -231,6 +236,11 @@ check_PROGRAMS += keypairtest
231keypairtest_SOURCES = keypairtest.c 236keypairtest_SOURCES = keypairtest.c
232EXTRA_DIST += keypairtest.sh 237EXTRA_DIST += keypairtest.sh
233 238
239# key_schedule
240TESTS += key_schedule
241check_PROGRAMS += key_schedule
242key_schedule_SOURCES = key_schedule.c
243
234# md4test 244# md4test
235TESTS += md4test 245TESTS += md4test
236check_PROGRAMS += md4test 246check_PROGRAMS += md4test
@@ -420,3 +430,8 @@ verifytest_SOURCES = verifytest.c
420TESTS += x25519test 430TESTS += x25519test
421check_PROGRAMS += x25519test 431check_PROGRAMS += x25519test
422x25519test_SOURCES = x25519test.c 432x25519test_SOURCES = x25519test.c
433
434# x509name
435TESTS += x509name
436check_PROGRAMS += x509name
437x509name_SOURCES = x509name.c
diff --git a/tls/CMakeLists.txt b/tls/CMakeLists.txt
index 3d6dea4..337e89b 100644
--- a/tls/CMakeLists.txt
+++ b/tls/CMakeLists.txt
@@ -40,9 +40,8 @@ target_include_directories(tls
40 40
41if (BUILD_SHARED_LIBS) 41if (BUILD_SHARED_LIBS)
42 export_symbol(tls ${CMAKE_CURRENT_SOURCE_DIR}/tls.sym) 42 export_symbol(tls ${CMAKE_CURRENT_SOURCE_DIR}/tls.sym)
43 target_link_libraries(tls ssl crypto) 43 target_link_libraries(tls ssl crypto ${PLATFORM_LIBS})
44 if (WIN32) 44 if (WIN32)
45 target_link_libraries(tls Ws2_32.lib)
46 set(TLS_POSTFIX -${TLS_MAJOR_VERSION}) 45 set(TLS_POSTFIX -${TLS_MAJOR_VERSION})
47 endif() 46 endif()
48 set_target_properties(tls PROPERTIES 47 set_target_properties(tls PROPERTIES
diff --git a/update.sh b/update.sh
index 2cfbb33..3315311 100755
--- a/update.sh
+++ b/update.sh
@@ -32,17 +32,17 @@ bin_src=$OPENBSD_SRC/usr.bin
32sbin_src=$OPENBSD_SRC/usr.sbin 32sbin_src=$OPENBSD_SRC/usr.sbin
33 33
34# load library versions 34# load library versions
35. $libcrypto_src/shlib_version 35. "$libcrypto_src/shlib_version"
36libcrypto_version=$major:$minor:0 36libcrypto_version=$major:$minor:0
37echo "libcrypto version $libcrypto_version" 37echo "libcrypto version $libcrypto_version"
38echo $libcrypto_version > crypto/VERSION 38echo $libcrypto_version > crypto/VERSION
39 39
40. $libssl_src/shlib_version 40. "$libssl_src/shlib_version"
41libssl_version=$major:$minor:0 41libssl_version=$major:$minor:0
42echo "libssl version $libssl_version" 42echo "libssl version $libssl_version"
43echo $libssl_version > ssl/VERSION 43echo $libssl_version > ssl/VERSION
44 44
45. $libtls_src/shlib_version 45. "$libtls_src/shlib_version"
46libtls_version=$major:$minor:0 46libtls_version=$major:$minor:0
47echo "libtls version $libtls_version" 47echo "libtls version $libtls_version"
48echo $libtls_version > tls/VERSION 48echo $libtls_version > tls/VERSION
@@ -126,7 +126,7 @@ copy_hdrs $libcrypto_src "stack/stack.h lhash/lhash.h stack/safestack.h
126 objects/objects.h asn1/asn1.h bn/bn.h ec/ec.h ecdsa/ecdsa.h 126 objects/objects.h asn1/asn1.h bn/bn.h ec/ec.h ecdsa/ecdsa.h
127 ecdh/ecdh.h rsa/rsa.h sha/sha.h x509/x509_vfy.h pkcs7/pkcs7.h pem/pem.h 127 ecdh/ecdh.h rsa/rsa.h sha/sha.h x509/x509_vfy.h pkcs7/pkcs7.h pem/pem.h
128 pem/pem2.h hkdf/hkdf.h hmac/hmac.h rand/rand.h md5/md5.h 128 pem/pem2.h hkdf/hkdf.h hmac/hmac.h rand/rand.h md5/md5.h
129 asn1/asn1_mac.h x509v3/x509v3.h conf/conf.h ocsp/ocsp.h 129 x509v3/x509v3.h conf/conf.h ocsp/ocsp.h
130 aes/aes.h modes/modes.h asn1/asn1t.h dso/dso.h bf/blowfish.h 130 aes/aes.h modes/modes.h asn1/asn1t.h dso/dso.h bf/blowfish.h
131 bio/bio.h cast/cast.h cmac/cmac.h conf/conf_api.h des/des.h dh/dh.h 131 bio/bio.h cast/cast.h cmac/cmac.h conf/conf_api.h des/des.h dh/dh.h
132 dsa/dsa.h engine/engine.h ui/ui.h pkcs12/pkcs12.h ts/ts.h 132 dsa/dsa.h engine/engine.h ui/ui.h pkcs12/pkcs12.h ts/ts.h
@@ -154,6 +154,7 @@ for i in `awk '/SOURCES|HEADERS/ { print $3 }' crypto/Makefile.am` ; do
154 fi 154 fi
155done 155done
156$CP crypto/compat/b_win.c crypto/bio 156$CP crypto/compat/b_win.c crypto/bio
157$CP crypto/compat/crypto_lock_win.c crypto
157$CP crypto/compat/ui_openssl_win.c crypto/ui 158$CP crypto/compat/ui_openssl_win.c crypto/ui
158# add the libcrypto symbol export list 159# add the libcrypto symbol export list
159$GREP -v OPENSSL_ia32cap_P $libcrypto_src/Symbols.list | $GREP '^[A-Za-z0-9_]' > crypto/crypto.sym 160$GREP -v OPENSSL_ia32cap_P $libcrypto_src/Symbols.list | $GREP '^[A-Za-z0-9_]' > crypto/crypto.sym
@@ -178,8 +179,21 @@ gen_asm() {
178 EOF 179 EOF
179 $MV $3.tmp $3 180 $MV $3.tmp $3
180} 181}
182
183echo generating arm ASM source for elf
184gen_asm_stdout elf aes/asm/aes-armv4.pl crypto/aes/aes-elf-armv4.S
185gen_asm_stdout elf bn/asm/armv4-gf2m.pl crypto/bn/gf2m-elf-armv4.S
186gen_asm_stdout elf bn/asm/armv4-mont.pl crypto/bn/mont-elf-armv4.S
187gen_asm_stdout elf sha/asm/sha1-armv4-large.pl crypto/sha/sha1-elf-armv4.S
188gen_asm_stdout elf sha/asm/sha256-armv4.pl crypto/sha/sha256-elf-armv4.S
189gen_asm_stdout elf sha/asm/sha512-armv4.pl crypto/sha/sha512-elf-armv4.S
190gen_asm_stdout elf modes/asm/ghash-armv4.pl crypto/modes/ghash-elf-armv4.S
191$CP $libcrypto_src/armv4cpuid.S crypto
192$CP $libcrypto_src/armcap.c crypto
193$CP $libcrypto_src/arm_arch.h crypto
194
181for abi in elf macosx; do 195for abi in elf macosx; do
182 echo generating ASM source for $abi 196 echo generating x86_64 ASM source for $abi
183 gen_asm_stdout $abi aes/asm/aes-x86_64.pl crypto/aes/aes-$abi-x86_64.S 197 gen_asm_stdout $abi aes/asm/aes-x86_64.pl crypto/aes/aes-$abi-x86_64.S
184 gen_asm_stdout $abi aes/asm/vpaes-x86_64.pl crypto/aes/vpaes-$abi-x86_64.S 198 gen_asm_stdout $abi aes/asm/vpaes-x86_64.pl crypto/aes/vpaes-$abi-x86_64.S
185 gen_asm_stdout $abi aes/asm/bsaes-x86_64.pl crypto/aes/bsaes-$abi-x86_64.S 199 gen_asm_stdout $abi aes/asm/bsaes-x86_64.pl crypto/aes/bsaes-$abi-x86_64.S
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-17 10:32:26 +0000