CVS commit: src/crypto/external/bsd/openssl/dist

2024-06-11 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Tue Jun 11 14:47:52 UTC 2024

Modified Files:
src/crypto/external/bsd/openssl/dist: Configure e_os.h
src/crypto/external/bsd/openssl/dist/apps: ocsp.c req.c s_server.c
speed.c
src/crypto/external/bsd/openssl/dist/apps/lib: opt.c
src/crypto/external/bsd/openssl/dist/crypto/bio: bio_lib.c
src/crypto/external/bsd/openssl/dist/crypto/bn: bn_exp.c bn_lib.c
bn_nist.c bn_rand.c
src/crypto/external/bsd/openssl/dist/crypto/err: openssl.ec
src/crypto/external/bsd/openssl/dist/crypto/evp: e_aes.c
src/crypto/external/bsd/openssl/dist/crypto/rsa: rsa_lib.c
src/crypto/external/bsd/openssl/dist/include/internal: refcount.h
src/crypto/external/bsd/openssl/dist/include/openssl: bio.h.in
src/crypto/external/bsd/openssl/dist/ssl: d1_lib.c s3_enc.c s3_lib.c
ssl_ciph.c ssl_err.c ssl_lib.c ssl_sess.c t1_enc.c t1_lib.c
src/crypto/external/bsd/openssl/dist/test: bntest.c dsatest.c
ecdsatest.c evp_extra_test.c evp_test.c
Removed Files:
src/crypto/external/bsd/openssl/dist: FAQ.md

Log Message:
Merge conflicts between 3.0.12 and 3.0.14


To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssl/dist/Configure
cvs rdiff -u -r1.1.1.1 -r0 src/crypto/external/bsd/openssl/dist/FAQ.md
cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssl/dist/e_os.h
cvs rdiff -u -r1.24 -r1.25 src/crypto/external/bsd/openssl/dist/apps/ocsp.c
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssl/dist/apps/req.c
cvs rdiff -u -r1.29 -r1.30 \
src/crypto/external/bsd/openssl/dist/apps/s_server.c
cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssl/dist/apps/speed.c
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/apps/lib/opt.c
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/dist/crypto/bio/bio_lib.c
cvs rdiff -u -r1.22 -r1.23 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_exp.c
cvs rdiff -u -r1.17 -r1.18 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_lib.c
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_nist.c
cvs rdiff -u -r1.6 -r1.7 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_rand.c
cvs rdiff -u -r1.7 -r1.8 \
src/crypto/external/bsd/openssl/dist/crypto/err/openssl.ec
cvs rdiff -u -r1.26 -r1.27 \
src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_lib.c
cvs rdiff -u -r1.7 -r1.8 \
src/crypto/external/bsd/openssl/dist/include/internal/refcount.h
cvs rdiff -u -r1.2 -r1.3 \
src/crypto/external/bsd/openssl/dist/include/openssl/bio.h.in
cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssl/dist/ssl/d1_lib.c \
src/crypto/external/bsd/openssl/dist/ssl/ssl_sess.c
cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssl/dist/ssl/s3_enc.c
cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c
cvs rdiff -u -r1.24 -r1.25 \
src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c \
src/crypto/external/bsd/openssl/dist/ssl/ssl_lib.c
cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssl/dist/ssl/ssl_err.c
cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c
cvs rdiff -u -r1.38 -r1.39 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c
cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssl/dist/test/bntest.c \
src/crypto/external/bsd/openssl/dist/test/evp_test.c
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssl/dist/test/dsatest.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/test/ecdsatest.c
cvs rdiff -u -r1.14 -r1.15 \
src/crypto/external/bsd/openssl/dist/test/evp_extra_test.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/Configure
diff -u src/crypto/external/bsd/openssl/dist/Configure:1.34 src/crypto/external/bsd/openssl/dist/Configure:1.35
--- src/crypto/external/bsd/openssl/dist/Configure:1.34	Wed Oct 25 13:17:49 2023
+++ src/crypto/external/bsd/openssl/dist/Configure	Tue Jun 11 10:47:51 2024
@@ -1,6 +1,6 @@
 #! /usr/bin/env perl
 # -*- mode: perl; -*-
-# Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the Apache License 2.0 (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -405,6 +405,7 @@ my @disablables = (
 "asan",
 "asm",
 "async",
+"atexit",
 "autoalginit",
 "autoerrinit",
 "autoload-config",
@@ -933,8 +934,6 @@ while (@argvcopy)
 if (/^--prefix=(.*)$/)
 {
 $config{prefix}=$1;
-die "Directory

CVS commit: src/crypto/external/bsd/openssl/dist

2024-06-11 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Tue Jun 11 14:47:52 UTC 2024

Modified Files:
src/crypto/external/bsd/openssl/dist: Configure e_os.h
src/crypto/external/bsd/openssl/dist/apps: ocsp.c req.c s_server.c
speed.c
src/crypto/external/bsd/openssl/dist/apps/lib: opt.c
src/crypto/external/bsd/openssl/dist/crypto/bio: bio_lib.c
src/crypto/external/bsd/openssl/dist/crypto/bn: bn_exp.c bn_lib.c
bn_nist.c bn_rand.c
src/crypto/external/bsd/openssl/dist/crypto/err: openssl.ec
src/crypto/external/bsd/openssl/dist/crypto/evp: e_aes.c
src/crypto/external/bsd/openssl/dist/crypto/rsa: rsa_lib.c
src/crypto/external/bsd/openssl/dist/include/internal: refcount.h
src/crypto/external/bsd/openssl/dist/include/openssl: bio.h.in
src/crypto/external/bsd/openssl/dist/ssl: d1_lib.c s3_enc.c s3_lib.c
ssl_ciph.c ssl_err.c ssl_lib.c ssl_sess.c t1_enc.c t1_lib.c
src/crypto/external/bsd/openssl/dist/test: bntest.c dsatest.c
ecdsatest.c evp_extra_test.c evp_test.c
Removed Files:
src/crypto/external/bsd/openssl/dist: FAQ.md

Log Message:
Merge conflicts between 3.0.12 and 3.0.14


To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssl/dist/Configure
cvs rdiff -u -r1.1.1.1 -r0 src/crypto/external/bsd/openssl/dist/FAQ.md
cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssl/dist/e_os.h
cvs rdiff -u -r1.24 -r1.25 src/crypto/external/bsd/openssl/dist/apps/ocsp.c
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssl/dist/apps/req.c
cvs rdiff -u -r1.29 -r1.30 \
src/crypto/external/bsd/openssl/dist/apps/s_server.c
cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssl/dist/apps/speed.c
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/apps/lib/opt.c
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/dist/crypto/bio/bio_lib.c
cvs rdiff -u -r1.22 -r1.23 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_exp.c
cvs rdiff -u -r1.17 -r1.18 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_lib.c
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_nist.c
cvs rdiff -u -r1.6 -r1.7 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_rand.c
cvs rdiff -u -r1.7 -r1.8 \
src/crypto/external/bsd/openssl/dist/crypto/err/openssl.ec
cvs rdiff -u -r1.26 -r1.27 \
src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_lib.c
cvs rdiff -u -r1.7 -r1.8 \
src/crypto/external/bsd/openssl/dist/include/internal/refcount.h
cvs rdiff -u -r1.2 -r1.3 \
src/crypto/external/bsd/openssl/dist/include/openssl/bio.h.in
cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssl/dist/ssl/d1_lib.c \
src/crypto/external/bsd/openssl/dist/ssl/ssl_sess.c
cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssl/dist/ssl/s3_enc.c
cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c
cvs rdiff -u -r1.24 -r1.25 \
src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c \
src/crypto/external/bsd/openssl/dist/ssl/ssl_lib.c
cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssl/dist/ssl/ssl_err.c
cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c
cvs rdiff -u -r1.38 -r1.39 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c
cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssl/dist/test/bntest.c \
src/crypto/external/bsd/openssl/dist/test/evp_test.c
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssl/dist/test/dsatest.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/test/ecdsatest.c
cvs rdiff -u -r1.14 -r1.15 \
src/crypto/external/bsd/openssl/dist/test/evp_extra_test.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist/crypto

2023-09-02 Thread matthew green 
Module Name:src
Committed By:   mrg
Date:   Sat Sep  2 20:07:32 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto: sparccpuid.S

Log Message:
fix SPARC v8/v9 detection code.

this code uses a trick where the encoding on both v8 and v9 are
the same, and are not illegal instructions, but that the v9 one
has a detectable difference than v8.

the idea is that we perform a "subcc" (set condition codes) which
sets "%ccr" on v9, which is an unimplemented "%asr2" on v8, then
we read %ccr (v9) or %asr2 (v8), which will always be 0x99 on v9,
and .. is non-trapping but impleentation defined on v8.

for many implementations this returns the value of the %y reg.

as nothing actually sets %y in this path, it remains the value it
was most recently set to by something (anything), and if it just
happens to be 0x99 then the v9 paths will be taken on v8.

fix this by clearing the %y register before the potential read.

fixes PR port-sparc/57594.  tested on ss20 and in qemu.  this
version of the patch has been submitted upstream.

XXX: pullup-10, pullup-9, pullup-8.


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 \
src/crypto/external/bsd/openssl/dist/crypto/sparccpuid.S

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/crypto/sparccpuid.S
diff -u src/crypto/external/bsd/openssl/dist/crypto/sparccpuid.S:1.10 src/crypto/external/bsd/openssl/dist/crypto/sparccpuid.S:1.11
--- src/crypto/external/bsd/openssl/dist/crypto/sparccpuid.S:1.10	Sun May  7 18:40:16 2023
+++ src/crypto/external/bsd/openssl/dist/crypto/sparccpuid.S	Sat Sep  2 20:07:32 2023
@@ -47,10 +47,14 @@ OPENSSL_wipe_cpu:
 	subcc	%g0,1,%o0
 	! Following is V9 "rd %ccr,%o0" instruction. However! V8
 	! specification says that it ("rd %asr2,%o0" in V8 terms) does
-	! not cause illegal_instruction trap. It therefore can be used
-	! to determine if the CPU the code is executing on is V8- or
-	! V9-compliant, as V9 returns a distinct value of 0x99,
-	! "negative" and "borrow" bits set in both %icc and %xcc.
+	! not cause illegal_instruction trap, however it may read from
+	! the %y register. It therefore can be used to determine if the
+	! CPU the code is executing on is V8- or V9-compliant, as V9
+	! returns a distinct value of 0x99, "negative" and "borrow"
+	! bits set in both %icc and %xcc. The %y register needs to be
+	! set away from 0x99 to avoid false-positives matches.
+	! 
+	wr	0, %y
 	.word	0x91408000	!rd	%ccr,%o0
 	cmp	%o0,0x99
 	bne	.v8
@@ -178,6 +182,7 @@ walk_reg_wins:
 OPENSSL_atomic_add:
 #ifndef ABI64
 	subcc	%g0,1,%o2
+	wr	0, %y
 	.word	0x95408000	!rd	%ccr,%o2, see comment above
 	cmp	%o2,0x99
 	be	.v9
@@ -226,7 +231,8 @@ OPENSSL_atomic_add:
 .align	32
 _sparcv9_rdtick:
 	subcc	%g0,1,%o0
-	.word	0x91408000	!rd	%ccr,%o0
+	wr	0, %y
+	.word	0x91408000	!rd	%ccr,%o0, see comment above
 	cmp	%o0,0x99
 	bne	.notick
 	xor	%o0,%o0,%o0
@@ -388,7 +394,8 @@ OPENSSL_cleanse:
 #ifndef ABI64
 	subcc	%g0,1,%g1
 	! see above for explanation
-	.word	0x83408000	!rd	%ccr,%g1
+	wr	0, %y
+	.word	0x83408000	!rd	%ccr,%g1, see comment above
 	cmp	%g1,0x99
 	bne	.v8lot
 	nop

CVS commit: src/crypto/external/bsd/openssl/dist/crypto

2023-09-02 Thread matthew green 
Module Name:src
Committed By:   mrg
Date:   Sat Sep  2 20:07:32 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto: sparccpuid.S

Log Message:
fix SPARC v8/v9 detection code.

this code uses a trick where the encoding on both v8 and v9 are
the same, and are not illegal instructions, but that the v9 one
has a detectable difference than v8.

the idea is that we perform a "subcc" (set condition codes) which
sets "%ccr" on v9, which is an unimplemented "%asr2" on v8, then
we read %ccr (v9) or %asr2 (v8), which will always be 0x99 on v9,
and .. is non-trapping but impleentation defined on v8.

for many implementations this returns the value of the %y reg.

as nothing actually sets %y in this path, it remains the value it
was most recently set to by something (anything), and if it just
happens to be 0x99 then the v9 paths will be taken on v8.

fix this by clearing the %y register before the potential read.

fixes PR port-sparc/57594.  tested on ss20 and in qemu.  this
version of the patch has been submitted upstream.

XXX: pullup-10, pullup-9, pullup-8.


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 \
src/crypto/external/bsd/openssl/dist/crypto/sparccpuid.S

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist

2023-05-31 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Wed May 31 19:30:30 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist: Configure
src/crypto/external/bsd/openssl/dist/apps: cmp.c openssl.cnf s_server.c
src/crypto/external/bsd/openssl/dist/apps/lib: apps.c
src/crypto/external/bsd/openssl/dist/crypto/asn1: asn_pack.c
src/crypto/external/bsd/openssl/dist/crypto/bio: bio_lib.c
src/crypto/external/bsd/openssl/dist/crypto/bn: bn_lib.c bn_nist.c
src/crypto/external/bsd/openssl/dist/crypto/conf: conf_def.c
src/crypto/external/bsd/openssl/dist/crypto/engine: eng_lib.c
src/crypto/external/bsd/openssl/dist/crypto/ui: ui_lib.c
src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c
src/crypto/external/bsd/openssl/dist/engines: e_padlock.c
src/crypto/external/bsd/openssl/dist/include/internal: refcount.h
src/crypto/external/bsd/openssl/dist/ssl: ssl_sess.c t1_lib.c
src/crypto/external/bsd/openssl/dist/test: destest.c dsatest.c
ecdsatest.c evp_extra_test.c
src/crypto/external/bsd/openssl/dist/test/testutil: provider.c
Removed Files:
src/crypto/external/bsd/openssl/dist/crypto/bn: rsa_sup_mul.c

Log Message:
merge conflicts between 3.0.8 and 3.0.9


To generate a diff of this commit:
cvs rdiff -u -r1.32 -r1.33 src/crypto/external/bsd/openssl/dist/Configure
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/apps/cmp.c
cvs rdiff -u -r1.10 -r1.11 \
src/crypto/external/bsd/openssl/dist/apps/openssl.cnf
cvs rdiff -u -r1.27 -r1.28 \
src/crypto/external/bsd/openssl/dist/apps/s_server.c
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssl/dist/apps/lib/apps.c
cvs rdiff -u -r1.4 -r1.5 \
src/crypto/external/bsd/openssl/dist/crypto/asn1/asn_pack.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/crypto/bio/bio_lib.c
cvs rdiff -u -r1.16 -r1.17 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_lib.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_nist.c
cvs rdiff -u -r1.1.1.2 -r0 \
src/crypto/external/bsd/openssl/dist/crypto/bn/rsa_sup_mul.c
cvs rdiff -u -r1.14 -r1.15 \
src/crypto/external/bsd/openssl/dist/crypto/conf/conf_def.c
cvs rdiff -u -r1.10 -r1.11 \
src/crypto/external/bsd/openssl/dist/crypto/engine/eng_lib.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/crypto/ui/ui_lib.c
cvs rdiff -u -r1.27 -r1.28 \
src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/engines/e_padlock.c
cvs rdiff -u -r1.6 -r1.7 \
src/crypto/external/bsd/openssl/dist/include/internal/refcount.h
cvs rdiff -u -r1.11 -r1.12 \
src/crypto/external/bsd/openssl/dist/ssl/ssl_sess.c
cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssl/dist/test/destest.c
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssl/dist/test/dsatest.c
cvs rdiff -u -r1.7 -r1.8 \
src/crypto/external/bsd/openssl/dist/test/ecdsatest.c
cvs rdiff -u -r1.12 -r1.13 \
src/crypto/external/bsd/openssl/dist/test/evp_extra_test.c
cvs rdiff -u -r1.2 -r1.3 \
src/crypto/external/bsd/openssl/dist/test/testutil/provider.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/Configure
diff -u src/crypto/external/bsd/openssl/dist/Configure:1.32 src/crypto/external/bsd/openssl/dist/Configure:1.33
--- src/crypto/external/bsd/openssl/dist/Configure:1.32	Sun May  7 14:40:15 2023
+++ src/crypto/external/bsd/openssl/dist/Configure	Wed May 31 15:30:28 2023
@@ -1423,7 +1423,7 @@ if ($target =~ /^mingw/ && `$config{CC} 
 }
 
 if ($target =~ /linux.*-mips/ && !$disabled{asm}
-&& !grep { $_ !~ /-m(ips|arch=)/ } (@{$config{CFLAGS}})) {
+&& !grep { $_ =~ /-m(ips|arch=)/ } (@{$config{CFLAGS}})) {
 # minimally required architecture flags for assembly modules
 my $value;
 $value = '-mips2' if ($target =~ /mips32/);

Index: src/crypto/external/bsd/openssl/dist/apps/cmp.c
diff -u src/crypto/external/bsd/openssl/dist/apps/cmp.c:1.2 src/crypto/external/bsd/openssl/dist/apps/cmp.c:1.3
--- src/crypto/external/bsd/openssl/dist/apps/cmp.c:1.2	Sun May  7 14:40:15 2023
+++ src/crypto/external/bsd/openssl/dist/apps/cmp.c	Wed May 31 15:30:28 2023
@@ -1,5 +1,5 @@
 /*
- * Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright Nokia 2007-2019
  * Copyright Siemens AG 2015-2019
  *
@@ -158,6 +158,7 @@ static char *opt_reqin = NULL;
 static int opt_reqin_new_tid = 0;
 static char *opt_reqout = NULL;
 static char *opt_rspin = NULL;
+static int rspin_in_use = 0;
 static char *opt_rspout = NULL;
 static int

CVS commit: src/crypto/external/bsd/openssl/dist

2023-05-31 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Wed May 31 19:30:30 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist: Configure
src/crypto/external/bsd/openssl/dist/apps: cmp.c openssl.cnf s_server.c
src/crypto/external/bsd/openssl/dist/apps/lib: apps.c
src/crypto/external/bsd/openssl/dist/crypto/asn1: asn_pack.c
src/crypto/external/bsd/openssl/dist/crypto/bio: bio_lib.c
src/crypto/external/bsd/openssl/dist/crypto/bn: bn_lib.c bn_nist.c
src/crypto/external/bsd/openssl/dist/crypto/conf: conf_def.c
src/crypto/external/bsd/openssl/dist/crypto/engine: eng_lib.c
src/crypto/external/bsd/openssl/dist/crypto/ui: ui_lib.c
src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c
src/crypto/external/bsd/openssl/dist/engines: e_padlock.c
src/crypto/external/bsd/openssl/dist/include/internal: refcount.h
src/crypto/external/bsd/openssl/dist/ssl: ssl_sess.c t1_lib.c
src/crypto/external/bsd/openssl/dist/test: destest.c dsatest.c
ecdsatest.c evp_extra_test.c
src/crypto/external/bsd/openssl/dist/test/testutil: provider.c
Removed Files:
src/crypto/external/bsd/openssl/dist/crypto/bn: rsa_sup_mul.c

Log Message:
merge conflicts between 3.0.8 and 3.0.9


To generate a diff of this commit:
cvs rdiff -u -r1.32 -r1.33 src/crypto/external/bsd/openssl/dist/Configure
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/apps/cmp.c
cvs rdiff -u -r1.10 -r1.11 \
src/crypto/external/bsd/openssl/dist/apps/openssl.cnf
cvs rdiff -u -r1.27 -r1.28 \
src/crypto/external/bsd/openssl/dist/apps/s_server.c
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssl/dist/apps/lib/apps.c
cvs rdiff -u -r1.4 -r1.5 \
src/crypto/external/bsd/openssl/dist/crypto/asn1/asn_pack.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/crypto/bio/bio_lib.c
cvs rdiff -u -r1.16 -r1.17 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_lib.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_nist.c
cvs rdiff -u -r1.1.1.2 -r0 \
src/crypto/external/bsd/openssl/dist/crypto/bn/rsa_sup_mul.c
cvs rdiff -u -r1.14 -r1.15 \
src/crypto/external/bsd/openssl/dist/crypto/conf/conf_def.c
cvs rdiff -u -r1.10 -r1.11 \
src/crypto/external/bsd/openssl/dist/crypto/engine/eng_lib.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/crypto/ui/ui_lib.c
cvs rdiff -u -r1.27 -r1.28 \
src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/engines/e_padlock.c
cvs rdiff -u -r1.6 -r1.7 \
src/crypto/external/bsd/openssl/dist/include/internal/refcount.h
cvs rdiff -u -r1.11 -r1.12 \
src/crypto/external/bsd/openssl/dist/ssl/ssl_sess.c
cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssl/dist/test/destest.c
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssl/dist/test/dsatest.c
cvs rdiff -u -r1.7 -r1.8 \
src/crypto/external/bsd/openssl/dist/test/ecdsatest.c
cvs rdiff -u -r1.12 -r1.13 \
src/crypto/external/bsd/openssl/dist/test/evp_extra_test.c
cvs rdiff -u -r1.2 -r1.3 \
src/crypto/external/bsd/openssl/dist/test/testutil/provider.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist/apps

2023-05-25 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Thu May 25 17:20:15 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/apps/include: apps.h
src/crypto/external/bsd/openssl/dist/apps/lib: apps.c

Log Message:
add a little const to help clang


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/crypto/external/bsd/openssl/dist/apps/include/apps.h
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/apps/lib/apps.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist/apps

2023-05-25 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Thu May 25 17:20:15 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/apps/include: apps.h
src/crypto/external/bsd/openssl/dist/apps/lib: apps.c

Log Message:
add a little const to help clang


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/crypto/external/bsd/openssl/dist/apps/include/apps.h
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/apps/lib/apps.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/apps/include/apps.h
diff -u src/crypto/external/bsd/openssl/dist/apps/include/apps.h:1.1.1.1 src/crypto/external/bsd/openssl/dist/apps/include/apps.h:1.2
--- src/crypto/external/bsd/openssl/dist/apps/include/apps.h:1.1.1.1	Sun May  7 14:29:13 2023
+++ src/crypto/external/bsd/openssl/dist/apps/include/apps.h	Thu May 25 13:20:14 2023
@@ -218,7 +218,7 @@ typedef struct ca_db_st {
 # endif
 } CA_DB;
 
-void app_bail_out(char *fmt, ...);
+void app_bail_out(const char *fmt, ...);
 void *app_malloc(size_t sz, const char *what);
 
 /* load_serial, save_serial, and rotate_serial are also used for CRL numbers */

Index: src/crypto/external/bsd/openssl/dist/apps/lib/apps.c
diff -u src/crypto/external/bsd/openssl/dist/apps/lib/apps.c:1.2 src/crypto/external/bsd/openssl/dist/apps/lib/apps.c:1.3
--- src/crypto/external/bsd/openssl/dist/apps/lib/apps.c:1.2	Sun May  7 14:40:15 2023
+++ src/crypto/external/bsd/openssl/dist/apps/lib/apps.c	Thu May 25 13:20:14 2023
@@ -614,7 +614,7 @@ EVP_PKEY *load_keyparams(const char *uri
 return load_keyparams_suppress(uri, format, maybe_stdin, keytype, desc, 0);
 }
 
-void app_bail_out(char *fmt, ...)
+void app_bail_out(const char *fmt, ...)
 {
 va_list args;

CVS commit: src/crypto/external/bsd/openssl/dist

2023-05-07 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Sun May  7 18:40:31 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist: Configure e_os.h
src/crypto/external/bsd/openssl/dist/apps: ca.c cmp.c ocsp.c openssl.c
openssl.cnf req.c s_client.c s_server.c s_time.c speed.c
src/crypto/external/bsd/openssl/dist/apps/lib: apps.c opt.c
src/crypto/external/bsd/openssl/dist/crypto: LPdir_vms.c LPdir_win.c
arm_arch.h armcap.c cryptlib.c cversion.c ex_data.c mem.c mem_clr.c
ppccap.c ppccpuid.pl sparccpuid.S threads_pthread.c uid.c
x86_64cpuid.pl
src/crypto/external/bsd/openssl/dist/crypto/aes/asm:
aesni-sha1-x86_64.pl aesni-x86_64.pl
src/crypto/external/bsd/openssl/dist/crypto/asn1: a_d2i_fp.c a_strex.c
a_type.c asn_mime.c asn_pack.c tasn_dec.c tasn_enc.c
src/crypto/external/bsd/openssl/dist/crypto/bio: bio_lib.c bss_file.c
bss_log.c
src/crypto/external/bsd/openssl/dist/crypto/bn: bn_exp.c bn_lib.c
bn_mont.c bn_nist.c bn_print.c bn_rand.c
src/crypto/external/bsd/openssl/dist/crypto/bn/asm: mips.pl
x86_64-gcc.c x86_64-gf2m.pl
src/crypto/external/bsd/openssl/dist/crypto/buffer: buffer.c
src/crypto/external/bsd/openssl/dist/crypto/cms: cms_pwri.c
src/crypto/external/bsd/openssl/dist/crypto/comp: c_zlib.c
src/crypto/external/bsd/openssl/dist/crypto/conf: conf_def.c
src/crypto/external/bsd/openssl/dist/crypto/des: rand_key.c
src/crypto/external/bsd/openssl/dist/crypto/dh: dh_lib.c
src/crypto/external/bsd/openssl/dist/crypto/dsa: dsa_ameth.c dsa_lib.c
src/crypto/external/bsd/openssl/dist/crypto/dso: dso_dlfcn.c
src/crypto/external/bsd/openssl/dist/crypto/ec: ec2_smpl.c ec_ameth.c
ec_asn1.c ec_key.c ec_lib.c ecp_mont.c ecp_nist.c ecp_smpl.c
src/crypto/external/bsd/openssl/dist/crypto/engine: eng_all.c eng_lib.c
src/crypto/external/bsd/openssl/dist/crypto/err: openssl.ec
src/crypto/external/bsd/openssl/dist/crypto/evp: e_aes.c evp_enc.c
src/crypto/external/bsd/openssl/dist/crypto/hmac: hmac.c
src/crypto/external/bsd/openssl/dist/crypto/idea: i_cbc.c i_cfb64.c
i_ecb.c i_ofb64.c i_skey.c
src/crypto/external/bsd/openssl/dist/crypto/lhash: lhash.c
src/crypto/external/bsd/openssl/dist/crypto/md4: md4_dgst.c
src/crypto/external/bsd/openssl/dist/crypto/md5: md5_dgst.c
src/crypto/external/bsd/openssl/dist/crypto/md5/asm: md5-x86_64.pl
src/crypto/external/bsd/openssl/dist/crypto/modes: gcm128.c
src/crypto/external/bsd/openssl/dist/crypto/objects: o_names.c
src/crypto/external/bsd/openssl/dist/crypto/ocsp: ocsp_vfy.c
src/crypto/external/bsd/openssl/dist/crypto/perlasm: x86gas.pl
src/crypto/external/bsd/openssl/dist/crypto/pkcs12: p12_decr.c
src/crypto/external/bsd/openssl/dist/crypto/pkcs7: pk7_doit.c pk7_lib.c
src/crypto/external/bsd/openssl/dist/crypto/rand: rand_egd.c randfile.c
src/crypto/external/bsd/openssl/dist/crypto/rc2: rc2_cbc.c rc2_ecb.c
rc2_local.h rc2cfb64.c rc2ofb64.c
src/crypto/external/bsd/openssl/dist/crypto/rc4/asm: rc4-x86_64.pl
src/crypto/external/bsd/openssl/dist/crypto/rc5: rc5_ecb.c rc5_enc.c
rc5cfb64.c rc5ofb64.c
src/crypto/external/bsd/openssl/dist/crypto/ripemd: rmd_dgst.c
src/crypto/external/bsd/openssl/dist/crypto/rsa: rsa_err.c rsa_gen.c
rsa_lib.c rsa_oaep.c rsa_pk1.c rsa_sign.c
src/crypto/external/bsd/openssl/dist/crypto/sha: keccak1600.c sha256.c
src/crypto/external/bsd/openssl/dist/crypto/sha/asm:
keccak1600-ppc64.pl keccak1600p8-ppc.pl sha1-x86_64.pl
src/crypto/external/bsd/openssl/dist/crypto/stack: stack.c
src/crypto/external/bsd/openssl/dist/crypto/ui: ui_lib.c ui_openssl.c
src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c
src/crypto/external/bsd/openssl/dist/engines: e_padlock.c
src/crypto/external/bsd/openssl/dist/include/internal: refcount.h
tsan_assist.h
src/crypto/external/bsd/openssl/dist/include/openssl: bio.h.in bn.h
idea.h rc2.h sha.h
src/crypto/external/bsd/openssl/dist/ssl: d1_lib.c d1_srtp.c s3_cbc.c
s3_enc.c s3_lib.c ssl_ciph.c ssl_err.c ssl_lib.c ssl_sess.c
t1_enc.c t1_lib.c tls_srp.c
src/crypto/external/bsd/openssl/dist/test: bftest.c bntest.c casttest.c
constant_time_test.c destest.c dhtest.c dsatest.c ecdsatest.c
ectest.c enginetest.c evp_extra_test.c evp_test.c exptest.c
hmactest.c ideatest.c mdc2test.c rc2test.c rc4test.c rc5test.c
rsa_test.c srptest.c threadstest.c
src/crypto/external/bsd/openssl/dist/test/testutil: basic_output.c
driver.c fake_random.c format_output.c

CVS commit: src/crypto/external/bsd/openssl/dist

2023-05-07 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Sun May  7 18:40:31 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist: Configure e_os.h
src/crypto/external/bsd/openssl/dist/apps: ca.c cmp.c ocsp.c openssl.c
openssl.cnf req.c s_client.c s_server.c s_time.c speed.c
src/crypto/external/bsd/openssl/dist/apps/lib: apps.c opt.c
src/crypto/external/bsd/openssl/dist/crypto: LPdir_vms.c LPdir_win.c
arm_arch.h armcap.c cryptlib.c cversion.c ex_data.c mem.c mem_clr.c
ppccap.c ppccpuid.pl sparccpuid.S threads_pthread.c uid.c
x86_64cpuid.pl
src/crypto/external/bsd/openssl/dist/crypto/aes/asm:
aesni-sha1-x86_64.pl aesni-x86_64.pl
src/crypto/external/bsd/openssl/dist/crypto/asn1: a_d2i_fp.c a_strex.c
a_type.c asn_mime.c asn_pack.c tasn_dec.c tasn_enc.c
src/crypto/external/bsd/openssl/dist/crypto/bio: bio_lib.c bss_file.c
bss_log.c
src/crypto/external/bsd/openssl/dist/crypto/bn: bn_exp.c bn_lib.c
bn_mont.c bn_nist.c bn_print.c bn_rand.c
src/crypto/external/bsd/openssl/dist/crypto/bn/asm: mips.pl
x86_64-gcc.c x86_64-gf2m.pl
src/crypto/external/bsd/openssl/dist/crypto/buffer: buffer.c
src/crypto/external/bsd/openssl/dist/crypto/cms: cms_pwri.c
src/crypto/external/bsd/openssl/dist/crypto/comp: c_zlib.c
src/crypto/external/bsd/openssl/dist/crypto/conf: conf_def.c
src/crypto/external/bsd/openssl/dist/crypto/des: rand_key.c
src/crypto/external/bsd/openssl/dist/crypto/dh: dh_lib.c
src/crypto/external/bsd/openssl/dist/crypto/dsa: dsa_ameth.c dsa_lib.c
src/crypto/external/bsd/openssl/dist/crypto/dso: dso_dlfcn.c
src/crypto/external/bsd/openssl/dist/crypto/ec: ec2_smpl.c ec_ameth.c
ec_asn1.c ec_key.c ec_lib.c ecp_mont.c ecp_nist.c ecp_smpl.c
src/crypto/external/bsd/openssl/dist/crypto/engine: eng_all.c eng_lib.c
src/crypto/external/bsd/openssl/dist/crypto/err: openssl.ec
src/crypto/external/bsd/openssl/dist/crypto/evp: e_aes.c evp_enc.c
src/crypto/external/bsd/openssl/dist/crypto/hmac: hmac.c
src/crypto/external/bsd/openssl/dist/crypto/idea: i_cbc.c i_cfb64.c
i_ecb.c i_ofb64.c i_skey.c
src/crypto/external/bsd/openssl/dist/crypto/lhash: lhash.c
src/crypto/external/bsd/openssl/dist/crypto/md4: md4_dgst.c
src/crypto/external/bsd/openssl/dist/crypto/md5: md5_dgst.c
src/crypto/external/bsd/openssl/dist/crypto/md5/asm: md5-x86_64.pl
src/crypto/external/bsd/openssl/dist/crypto/modes: gcm128.c
src/crypto/external/bsd/openssl/dist/crypto/objects: o_names.c
src/crypto/external/bsd/openssl/dist/crypto/ocsp: ocsp_vfy.c
src/crypto/external/bsd/openssl/dist/crypto/perlasm: x86gas.pl
src/crypto/external/bsd/openssl/dist/crypto/pkcs12: p12_decr.c
src/crypto/external/bsd/openssl/dist/crypto/pkcs7: pk7_doit.c pk7_lib.c
src/crypto/external/bsd/openssl/dist/crypto/rand: rand_egd.c randfile.c
src/crypto/external/bsd/openssl/dist/crypto/rc2: rc2_cbc.c rc2_ecb.c
rc2_local.h rc2cfb64.c rc2ofb64.c
src/crypto/external/bsd/openssl/dist/crypto/rc4/asm: rc4-x86_64.pl
src/crypto/external/bsd/openssl/dist/crypto/rc5: rc5_ecb.c rc5_enc.c
rc5cfb64.c rc5ofb64.c
src/crypto/external/bsd/openssl/dist/crypto/ripemd: rmd_dgst.c
src/crypto/external/bsd/openssl/dist/crypto/rsa: rsa_err.c rsa_gen.c
rsa_lib.c rsa_oaep.c rsa_pk1.c rsa_sign.c
src/crypto/external/bsd/openssl/dist/crypto/sha: keccak1600.c sha256.c
src/crypto/external/bsd/openssl/dist/crypto/sha/asm:
keccak1600-ppc64.pl keccak1600p8-ppc.pl sha1-x86_64.pl
src/crypto/external/bsd/openssl/dist/crypto/stack: stack.c
src/crypto/external/bsd/openssl/dist/crypto/ui: ui_lib.c ui_openssl.c
src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c
src/crypto/external/bsd/openssl/dist/engines: e_padlock.c
src/crypto/external/bsd/openssl/dist/include/internal: refcount.h
tsan_assist.h
src/crypto/external/bsd/openssl/dist/include/openssl: bio.h.in bn.h
idea.h rc2.h sha.h
src/crypto/external/bsd/openssl/dist/ssl: d1_lib.c d1_srtp.c s3_cbc.c
s3_enc.c s3_lib.c ssl_ciph.c ssl_err.c ssl_lib.c ssl_sess.c
t1_enc.c t1_lib.c tls_srp.c
src/crypto/external/bsd/openssl/dist/test: bftest.c bntest.c casttest.c
constant_time_test.c destest.c dhtest.c dsatest.c ecdsatest.c
ectest.c enginetest.c evp_extra_test.c evp_test.c exptest.c
hmactest.c ideatest.c mdc2test.c rc2test.c rc4test.c rc5test.c
rsa_test.c srptest.c threadstest.c
src/crypto/external/bsd/openssl/dist/test/testutil: basic_output.c
driver.c fake_random.c format_output.c

CVS commit: src/crypto/external/bsd/openssl/dist/crypto/rand

2023-03-31 Thread Taylor R Campbell 
Module Name:src
Committed By:   riastradh
Date:   Fri Mar 31 06:05:51 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto/rand: rand_unix.c

Log Message:
openssl: Omit local comment.

May be helpful explanation but it didn't make its way upstream,
whereas the file has moved and had other upstream changes, so let's
make the next merge less painful.

No functional change intended.


To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 \
src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c
diff -u src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c:1.18 src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c:1.19
--- src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c:1.18	Fri Jan  7 15:50:11 2022
+++ src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c	Fri Mar 31 06:05:51 2023
@@ -270,7 +270,6 @@ static ssize_t sysctl_random(char *buf, 
 mib[1] = KERN_ARND;
 
 do {
-/* On NetBSD, KERN_ARND fails if more than 256 bytes are requested */
 len = buflen > 256 ? 256 : buflen;
 if (sysctl(mib, 2, buf, , NULL, 0) == -1)
 return done > 0 ? done : -1;

CVS commit: src/crypto/external/bsd/openssl/dist/crypto/rand

2023-03-31 Thread Taylor R Campbell 
Module Name:src
Committed By:   riastradh
Date:   Fri Mar 31 06:05:51 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto/rand: rand_unix.c

Log Message:
openssl: Omit local comment.

May be helpful explanation but it didn't make its way upstream,
whereas the file has moved and had other upstream changes, so let's
make the next merge less painful.

No functional change intended.


To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 \
src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist/crypto/bn/asm

2023-03-29 Thread Taylor R Campbell 
Module Name:src
Committed By:   riastradh
Date:   Wed Mar 29 13:07:46 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto/bn/asm: x86_64-gcc.c

Log Message:
openssl: Remove local micro-optimization on AMD (but not Intel).

Upstream OpenSSL changed

loop 1b

to

dec %rcx
jnz 1b

which has mostly the same semantics, in this change:

https://github.com/openssl/openssl/pull/4743

For some reason, in one of the OpenSSL updates, we ended up with a
local change to revert this.

The Intel and AMD optimization guides are silent on the LOOP
instruction, but Agner Fog's tables shows that while LOOP is one
cycle shorter than DEC;JNZ on AMD Zen microarchitectures, it is a
good half dozen cycles longer than DEC;JNZ on recent Intel
microarchitectures.

The history of the OpenSSL change suggests it was intended, and I
can't find any indication other than `merge conflicts' that we
intended to keep the LOOP version.  So let's reduce the local diff by
nixing it.


To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 \
src/crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-gcc.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist/crypto/bn/asm

2023-03-29 Thread Taylor R Campbell 
Module Name:src
Committed By:   riastradh
Date:   Wed Mar 29 13:07:46 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto/bn/asm: x86_64-gcc.c

Log Message:
openssl: Remove local micro-optimization on AMD (but not Intel).

Upstream OpenSSL changed

loop 1b

to

dec %rcx
jnz 1b

which has mostly the same semantics, in this change:

https://github.com/openssl/openssl/pull/4743

For some reason, in one of the OpenSSL updates, we ended up with a
local change to revert this.

The Intel and AMD optimization guides are silent on the LOOP
instruction, but Agner Fog's tables shows that while LOOP is one
cycle shorter than DEC;JNZ on AMD Zen microarchitectures, it is a
good half dozen cycles longer than DEC;JNZ on recent Intel
microarchitectures.

The history of the OpenSSL change suggests it was intended, and I
can't find any indication other than `merge conflicts' that we
intended to keep the LOOP version.  So let's reduce the local diff by
nixing it.


To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 \
src/crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-gcc.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-gcc.c
diff -u src/crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-gcc.c:1.11 src/crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-gcc.c:1.12
--- src/crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-gcc.c:1.11	Sun Mar 22 00:53:03 2020
+++ src/crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-gcc.c	Wed Mar 29 13:07:46 2023
@@ -219,9 +219,10 @@ BN_ULONG bn_add_words(BN_ULONG *rp, cons
   "   adcq(%5,%2,8),%0\n"
   "   movq%0,(%3,%2,8)\n"
   "   lea 1(%2),%2\n"
-  "   loop1b  \n"
-  "   sbbq%0,%0   \n":"=" (ret), "+c"(n),
-  "+r"(i)
+  "   dec %1  \n"
+  "   jnz 1b  \n"
+  "   sbbq%0,%0   \n"
+  :"=" (ret), "+c"(n), "+r"(i)
   :"r"(rp), "r"(ap), "r"(bp)
   :"cc", "memory");
 
@@ -245,9 +246,10 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, cons
   "   sbbq(%5,%2,8),%0\n"
   "   movq%0,(%3,%2,8)\n"
   "   lea 1(%2),%2\n"
-  "   loop1b  \n"
-  "   sbbq%0,%0   \n":"=" (ret), "+c"(n),
-  "+r"(i)
+  "   dec %1  \n"
+  "   jnz 1b  \n"
+  "   sbbq%0,%0   \n"
+  :"=" (ret), "+c"(n), "+r"(i)
   :"r"(rp), "r"(ap), "r"(bp)
   :"cc", "memory");

CVS commit: src/crypto/external/bsd/openssl/dist/crypto/bio

2023-03-29 Thread Taylor R Campbell 
Module Name:src
Committed By:   riastradh
Date:   Wed Mar 29 10:25:11 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto/bio: bss_log.c

Log Message:
openssl: Omit needless sprintf->snprintf under OPENSSL_SYS_WIN32.

Much as I'm happy to eliminate sprintf, there's very little value to
maintaining a local change under an #ifdef that will never, ever be
taken on NetBSD.

Verified libcrypto.so does not sprout any references to sprintf as a
result.


To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 \
src/crypto/external/bsd/openssl/dist/crypto/bio/bss_log.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist/crypto/bio

2023-03-29 Thread Taylor R Campbell 
Module Name:src
Committed By:   riastradh
Date:   Wed Mar 29 10:25:11 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto/bio: bss_log.c

Log Message:
openssl: Omit needless sprintf->snprintf under OPENSSL_SYS_WIN32.

Much as I'm happy to eliminate sprintf, there's very little value to
maintaining a local change under an #ifdef that will never, ever be
taken on NetBSD.

Verified libcrypto.so does not sprout any references to sprintf as a
result.


To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 \
src/crypto/external/bsd/openssl/dist/crypto/bio/bss_log.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/crypto/bio/bss_log.c
diff -u src/crypto/external/bsd/openssl/dist/crypto/bio/bss_log.c:1.12 src/crypto/external/bsd/openssl/dist/crypto/bio/bss_log.c:1.13
--- src/crypto/external/bsd/openssl/dist/crypto/bio/bss_log.c:1.12	Sun Mar 22 20:07:05 2020
+++ src/crypto/external/bsd/openssl/dist/crypto/bio/bss_log.c	Wed Mar 29 10:25:11 2023
@@ -280,7 +280,7 @@ static void xsyslog(BIO *bp, int priorit
 break;
 }
 
-snprintf(pidbuf, sizeof(pidbuf), "[%u] ", GetCurrentProcessId());
+sprintf(pidbuf, "[%u] ", GetCurrentProcessId());
 lpszStrings[0] = pidbuf;
 lpszStrings[1] = string;

CVS commit: src/crypto/external/bsd/openssl/dist/crypto

2023-03-29 Thread Taylor R Campbell 
Module Name:src
Committed By:   riastradh
Date:   Wed Mar 29 10:21:27 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto: threads_pthread.c

Log Message:
openssl: Omit needless #ifdef notyet around __atomic_is_lock_free.

At the time this was done, our gcc version did not have it, but now
it does, so let's reduce the local diff.


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 \
src/crypto/external/bsd/openssl/dist/crypto/threads_pthread.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/crypto/threads_pthread.c
diff -u src/crypto/external/bsd/openssl/dist/crypto/threads_pthread.c:1.4 src/crypto/external/bsd/openssl/dist/crypto/threads_pthread.c:1.5
--- src/crypto/external/bsd/openssl/dist/crypto/threads_pthread.c:1.4	Thu Jan 23 02:54:53 2020
+++ src/crypto/external/bsd/openssl/dist/crypto/threads_pthread.c	Wed Mar 29 10:21:27 2023
@@ -162,15 +162,12 @@ int CRYPTO_THREAD_compare_id(CRYPTO_THRE
 
 int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock)
 {
-#ifdef notyet
-// We don't provide yet __atomic_is_lock_free
 # if defined(__GNUC__) && defined(__ATOMIC_ACQ_REL)
 if (__atomic_is_lock_free(sizeof(*val), val)) {
 *ret = __atomic_add_fetch(val, amount, __ATOMIC_ACQ_REL);
 return 1;
 }
 # endif
-#endif
 if (!CRYPTO_THREAD_write_lock(lock))
 return 0;

CVS commit: src/crypto/external/bsd/openssl/dist/crypto

2023-03-29 Thread Taylor R Campbell 
Module Name:src
Committed By:   riastradh
Date:   Wed Mar 29 10:21:27 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto: threads_pthread.c

Log Message:
openssl: Omit needless #ifdef notyet around __atomic_is_lock_free.

At the time this was done, our gcc version did not have it, but now
it does, so let's reduce the local diff.


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 \
src/crypto/external/bsd/openssl/dist/crypto/threads_pthread.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist/crypto

2023-03-29 Thread Taylor R Campbell 
Module Name:src
Committed By:   riastradh
Date:   Wed Mar 29 10:19:39 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto: mem_clr.c

Log Message:
openssl: Omit needless #include  in mem_clr.c.

This was needed back when the file was patched locally to cast a
pointer to intptr_t rather than to int, but that code is now gone and
the include is no longer necessary.  So let's reduce the local diff
by omitting this unnecessary change.


To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 \
src/crypto/external/bsd/openssl/dist/crypto/mem_clr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/crypto/mem_clr.c
diff -u src/crypto/external/bsd/openssl/dist/crypto/mem_clr.c:1.7 src/crypto/external/bsd/openssl/dist/crypto/mem_clr.c:1.8
--- src/crypto/external/bsd/openssl/dist/crypto/mem_clr.c:1.7	Thu Feb  8 21:51:24 2018
+++ src/crypto/external/bsd/openssl/dist/crypto/mem_clr.c	Wed Mar 29 10:19:39 2023
@@ -9,7 +9,6 @@
 
 #include 
 #include 
-#include 
 
 /*
  * Pointer to memset is volatile so that compiler must de-reference

CVS commit: src/crypto/external/bsd/openssl/dist/crypto

2023-03-29 Thread Taylor R Campbell 
Module Name:src
Committed By:   riastradh
Date:   Wed Mar 29 10:19:39 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto: mem_clr.c

Log Message:
openssl: Omit needless #include  in mem_clr.c.

This was needed back when the file was patched locally to cast a
pointer to intptr_t rather than to int, but that code is now gone and
the include is no longer necessary.  So let's reduce the local diff
by omitting this unnecessary change.


To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 \
src/crypto/external/bsd/openssl/dist/crypto/mem_clr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist/apps

2023-03-29 Thread Taylor R Campbell 
Module Name:src
Committed By:   riastradh
Date:   Wed Mar 29 10:18:50 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/apps: s_client.c s_server.c

Log Message:
openssl: Revert local patch around fileno(stdin/stdout).

According to the commit history, this was introduced when gcc4.5
complained about using the return value of fileno without checking it
against -1.  gcc 10.4 no longer appears to object, so let's just nix
the local patch.


To generate a diff of this commit:
cvs rdiff -u -r1.25 -r1.26 \
src/crypto/external/bsd/openssl/dist/apps/s_client.c \
src/crypto/external/bsd/openssl/dist/apps/s_server.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/apps/s_client.c
diff -u src/crypto/external/bsd/openssl/dist/apps/s_client.c:1.25 src/crypto/external/bsd/openssl/dist/apps/s_client.c:1.26
--- src/crypto/external/bsd/openssl/dist/apps/s_client.c:1.25	Tue Mar 15 20:51:12 2022
+++ src/crypto/external/bsd/openssl/dist/apps/s_client.c	Wed Mar 29 10:18:50 2023
@@ -2770,16 +2770,6 @@ int s_client_main(int argc, char **argv)
 for (;;) {
 FD_ZERO();
 FD_ZERO();
-int fdin = fileno_stdin();
-if (fdin < 0) {
-BIO_printf(bio_err,"bad fileno for stdin\n");
-goto shut;
-}
-int fdout = fileno_stdout();
-if (fdout < 0) {
-BIO_printf(bio_err,"bad fileno for stdout\n");
-goto shut;
-}
 
 if (SSL_is_dtls(con) && DTLSv1_get_timeout(con, ))
 timeoutp = 
@@ -2834,10 +2824,10 @@ int s_client_main(int argc, char **argv)
  * set the flag so we exit.
  */
 if (read_tty && !at_eof)
-openssl_fdset(fdin, );
+openssl_fdset(fileno_stdin(), );
 #if !defined(OPENSSL_SYS_VMS)
 if (write_tty)
-openssl_fdset(fdout, );
+openssl_fdset(fileno_stdout(), );
 #endif
 }
 if (read_ssl)
@@ -2965,7 +2955,7 @@ int s_client_main(int argc, char **argv)
 /* Assume Windows/DOS/BeOS can always write */
 else if (!ssl_pending && write_tty)
 #else
-else if (!ssl_pending && FD_ISSET(fdout, ))
+else if (!ssl_pending && FD_ISSET(fileno_stdout(), ))
 #endif
 {
 #ifdef CHARSET_EBCDIC
@@ -3052,7 +3042,7 @@ int s_client_main(int argc, char **argv)
 #if defined(OPENSSL_SYS_MSDOS)
 else if (has_stdin_waiting())
 #else
-else if (FD_ISSET(fdin, ))
+else if (FD_ISSET(fileno_stdin(), ))
 #endif
 {
 if (crlf) {
Index: src/crypto/external/bsd/openssl/dist/apps/s_server.c
diff -u src/crypto/external/bsd/openssl/dist/apps/s_server.c:1.25 src/crypto/external/bsd/openssl/dist/apps/s_server.c:1.26
--- src/crypto/external/bsd/openssl/dist/apps/s_server.c:1.25	Tue Feb  7 22:25:29 2023
+++ src/crypto/external/bsd/openssl/dist/apps/s_server.c	Wed Mar 29 10:18:50 2023
@@ -2265,7 +2265,7 @@ static int sv_body(int s, int stype, int
 char *buf = NULL;
 fd_set readfds;
 int ret = 1, width;
-int k, i, fdin;
+int k, i;
 unsigned long l;
 SSL *con = NULL;
 BIO *sbio;
@@ -2449,14 +2449,9 @@ static int sv_body(int s, int stype, int
|| (async && SSL_waiting_for_async(con));
 
 if (!read_from_sslcon) {
-fdin = fileno_stdin();
-if (fdin < 0) {
-BIO_printf(bio_err,"Bad fileno for stdin\n");
-goto err;
-}
 FD_ZERO();
 #if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS)
-openssl_fdset(fdin, );
+openssl_fdset(fileno_stdin(), );
 #endif
 openssl_fdset(s, );
 /*
@@ -2493,7 +2488,7 @@ static int sv_body(int s, int stype, int
 
 if (i <= 0)
 continue;
-if (FD_ISSET(fdin, ))
+if (FD_ISSET(fileno_stdin(), ))
 read_from_terminal = 1;
 #endif
 if (FD_ISSET(s, ))

CVS commit: src/crypto/external/bsd/openssl/dist/apps

2023-03-29 Thread Taylor R Campbell 
Module Name:src
Committed By:   riastradh
Date:   Wed Mar 29 10:18:50 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist/apps: s_client.c s_server.c

Log Message:
openssl: Revert local patch around fileno(stdin/stdout).

According to the commit history, this was introduced when gcc4.5
complained about using the return value of fileno without checking it
against -1.  gcc 10.4 no longer appears to object, so let's just nix
the local patch.


To generate a diff of this commit:
cvs rdiff -u -r1.25 -r1.26 \
src/crypto/external/bsd/openssl/dist/apps/s_client.c \
src/crypto/external/bsd/openssl/dist/apps/s_server.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist

2023-02-07 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Tue Feb  7 22:25:31 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist: CHANGES Configure NEWS README
src/crypto/external/bsd/openssl/dist/apps: ca.c ocsp.c s_server.c
src/crypto/external/bsd/openssl/dist/crypto/asn1: asn_mime.c
src/crypto/external/bsd/openssl/dist/crypto/bn: bn_exp.c bn_mont.c
bn_nist.c
src/crypto/external/bsd/openssl/dist/crypto/ec: ec_asn1.c ec_key.c
src/crypto/external/bsd/openssl/dist/crypto/evp: evp_enc.c
src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c
src/crypto/external/bsd/openssl/dist/crypto/x509v3: v3_addr.c
src/crypto/external/bsd/openssl/dist/ssl: s3_enc.c s3_lib.c ssl_ciph.c
ssl_lib.c t1_enc.c t1_lib.c
src/crypto/external/bsd/openssl/dist/test: exptest.c
src/crypto/external/bsd/openssl/dist/test/testutil: driver.c
Removed Files:
src/crypto/external/bsd/openssl/dist/test/ssl-tests: 16-certstatus.conf

Log Message:
merge changes between openssl 1.1.1n and 1.1.1t


To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssl/dist/CHANGES \
src/crypto/external/bsd/openssl/dist/NEWS \
src/crypto/external/bsd/openssl/dist/README
cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssl/dist/Configure
cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssl/dist/apps/ca.c
cvs rdiff -u -r1.22 -r1.23 src/crypto/external/bsd/openssl/dist/apps/ocsp.c
cvs rdiff -u -r1.24 -r1.25 \
src/crypto/external/bsd/openssl/dist/apps/s_server.c
cvs rdiff -u -r1.12 -r1.13 \
src/crypto/external/bsd/openssl/dist/crypto/asn1/asn_mime.c
cvs rdiff -u -r1.20 -r1.21 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_exp.c
cvs rdiff -u -r1.12 -r1.13 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_mont.c
cvs rdiff -u -r1.6 -r1.7 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_nist.c
cvs rdiff -u -r1.12 -r1.13 \
src/crypto/external/bsd/openssl/dist/crypto/ec/ec_asn1.c
cvs rdiff -u -r1.6 -r1.7 \
src/crypto/external/bsd/openssl/dist/crypto/ec/ec_key.c
cvs rdiff -u -r1.14 -r1.15 \
src/crypto/external/bsd/openssl/dist/crypto/evp/evp_enc.c
cvs rdiff -u -r1.25 -r1.26 \
src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/crypto/x509v3/v3_addr.c
cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssl/dist/ssl/s3_enc.c
cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c
cvs rdiff -u -r1.22 -r1.23 \
src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c
cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssl/dist/ssl/ssl_lib.c \
src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c
cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssl/dist/test/exptest.c
cvs rdiff -u -r1.1.1.1 -r0 \
src/crypto/external/bsd/openssl/dist/test/ssl-tests/16-certstatus.conf
cvs rdiff -u -r1.3 -r1.4 \
src/crypto/external/bsd/openssl/dist/test/testutil/driver.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/CHANGES
diff -u src/crypto/external/bsd/openssl/dist/CHANGES:1.29 src/crypto/external/bsd/openssl/dist/CHANGES:1.30
--- src/crypto/external/bsd/openssl/dist/CHANGES:1.29	Tue Mar 15 16:51:12 2022
+++ src/crypto/external/bsd/openssl/dist/CHANGES	Tue Feb  7 17:25:29 2023
@@ -7,6 +7,178 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1s and 1.1.1t [7 Feb 2023]
+
+  *) Fixed X.400 address type confusion in X.509 GeneralName.
+
+ There is a type confusion vulnerability relating to X.400 address processing
+ inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING
+ but subsequently interpreted by GENERAL_NAME_cmp as an ASN1_TYPE. This
+ vulnerability may allow an attacker who can provide a certificate chain and
+ CRL (neither of which need have a valid signature) to pass arbitrary
+ pointers to a memcmp call, creating a possible read primitive, subject to
+ some constraints. Refer to the advisory for more information. Thanks to
+ David Benjamin for discovering this issue. (CVE-2023-0286)
+
+ This issue has been fixed by changing the public header file definition of
+ GENERAL_NAME so that x400Address reflects the implementation. It was not
+ possible for any existing application to successfully use the existing
+ definition; however, if any application references the x400Address field
+ (e.g. in dead code), note that the type of this field has changed. There is
+ no ABI change.
+ [Hugo Landau]
+
+  *) Fixed Use-after-free following BIO_new_NDEF.
+
+ The public API function BIO_new_NDEF is a

CVS commit: src/crypto/external/bsd/openssl/dist

2023-02-07 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Tue Feb  7 22:25:31 UTC 2023

Modified Files:
src/crypto/external/bsd/openssl/dist: CHANGES Configure NEWS README
src/crypto/external/bsd/openssl/dist/apps: ca.c ocsp.c s_server.c
src/crypto/external/bsd/openssl/dist/crypto/asn1: asn_mime.c
src/crypto/external/bsd/openssl/dist/crypto/bn: bn_exp.c bn_mont.c
bn_nist.c
src/crypto/external/bsd/openssl/dist/crypto/ec: ec_asn1.c ec_key.c
src/crypto/external/bsd/openssl/dist/crypto/evp: evp_enc.c
src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c
src/crypto/external/bsd/openssl/dist/crypto/x509v3: v3_addr.c
src/crypto/external/bsd/openssl/dist/ssl: s3_enc.c s3_lib.c ssl_ciph.c
ssl_lib.c t1_enc.c t1_lib.c
src/crypto/external/bsd/openssl/dist/test: exptest.c
src/crypto/external/bsd/openssl/dist/test/testutil: driver.c
Removed Files:
src/crypto/external/bsd/openssl/dist/test/ssl-tests: 16-certstatus.conf

Log Message:
merge changes between openssl 1.1.1n and 1.1.1t


To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssl/dist/CHANGES \
src/crypto/external/bsd/openssl/dist/NEWS \
src/crypto/external/bsd/openssl/dist/README
cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssl/dist/Configure
cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssl/dist/apps/ca.c
cvs rdiff -u -r1.22 -r1.23 src/crypto/external/bsd/openssl/dist/apps/ocsp.c
cvs rdiff -u -r1.24 -r1.25 \
src/crypto/external/bsd/openssl/dist/apps/s_server.c
cvs rdiff -u -r1.12 -r1.13 \
src/crypto/external/bsd/openssl/dist/crypto/asn1/asn_mime.c
cvs rdiff -u -r1.20 -r1.21 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_exp.c
cvs rdiff -u -r1.12 -r1.13 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_mont.c
cvs rdiff -u -r1.6 -r1.7 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_nist.c
cvs rdiff -u -r1.12 -r1.13 \
src/crypto/external/bsd/openssl/dist/crypto/ec/ec_asn1.c
cvs rdiff -u -r1.6 -r1.7 \
src/crypto/external/bsd/openssl/dist/crypto/ec/ec_key.c
cvs rdiff -u -r1.14 -r1.15 \
src/crypto/external/bsd/openssl/dist/crypto/evp/evp_enc.c
cvs rdiff -u -r1.25 -r1.26 \
src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/crypto/x509v3/v3_addr.c
cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssl/dist/ssl/s3_enc.c
cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c
cvs rdiff -u -r1.22 -r1.23 \
src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c
cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssl/dist/ssl/ssl_lib.c \
src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c
cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssl/dist/test/exptest.c
cvs rdiff -u -r1.1.1.1 -r0 \
src/crypto/external/bsd/openssl/dist/test/ssl-tests/16-certstatus.conf
cvs rdiff -u -r1.3 -r1.4 \
src/crypto/external/bsd/openssl/dist/test/testutil/driver.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2022-10-27 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Thu Oct 27 16:20:23 UTC 2022

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: ssl_ciph.c

Log Message:
merge upstream commit 9b3219ba544db82cdad3058b9872058739559944:

If rule_str ended in a "-", "l" was incremented one byte past the
end of the buffer.  This resulted in an out-of-bounds read when "l"
is dereferenced at the end of the loop.  It is safest to just return
early in this case since the condition occurs inside a nested loop.


To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 \
src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2022-10-27 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Thu Oct 27 16:20:23 UTC 2022

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: ssl_ciph.c

Log Message:
merge upstream commit 9b3219ba544db82cdad3058b9872058739559944:

If rule_str ended in a "-", "l" was incremented one byte past the
end of the buffer.  This resulted in an out-of-bounds read when "l"
is dereferenced at the end of the loop.  It is safest to just return
early in this case since the condition occurs inside a nested loop.


To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 \
src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c:1.21 src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c:1.22
--- src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c:1.21	Fri Jan  7 10:50:11 2022
+++ src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c	Thu Oct 27 12:20:23 2022
@@ -1026,9 +1026,7 @@ static int ssl_cipher_process_rulestr(co
  * alphanumeric, so we call this an error.
  */
 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, SSL_R_INVALID_COMMAND);
-retval = found = 0;
-l++;
-break;
+		return 0;
 }
 
 if (rule == CIPHER_SPECIAL) {

CVS commit: src/crypto/external/bsd/openssl/dist/apps

2022-10-19 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Wed Oct 19 14:23:00 UTC 2022

Modified Files:
src/crypto/external/bsd/openssl/dist/apps: openssl.cnf

Log Message:
PR/57065: sergio lenzi: remove the default_md override, since 1.1 it is sha256


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/apps/openssl.cnf

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/apps/openssl.cnf
diff -u src/crypto/external/bsd/openssl/dist/apps/openssl.cnf:1.8 src/crypto/external/bsd/openssl/dist/apps/openssl.cnf:1.9
--- src/crypto/external/bsd/openssl/dist/apps/openssl.cnf:1.8	Tue Mar 12 12:58:12 2019
+++ src/crypto/external/bsd/openssl/dist/apps/openssl.cnf	Wed Oct 19 10:23:00 2022
@@ -107,7 +107,6 @@ emailAddress		= optional
 [ req ]
 default_bits		= 2048
 default_keyfile 	= privkey.pem
-default_md		= sha2
 distinguished_name	= req_distinguished_name
 attributes		= req_attributes
 x509_extensions	= v3_ca	# The extensions to add to the self signed cert

CVS commit: src/crypto/external/bsd/openssl/dist/apps

2022-10-19 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Wed Oct 19 14:23:00 UTC 2022

Modified Files:
src/crypto/external/bsd/openssl/dist/apps: openssl.cnf

Log Message:
PR/57065: sergio lenzi: remove the default_md override, since 1.1 it is sha256


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/apps/openssl.cnf

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist

2022-03-15 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Tue Mar 15 20:51:13 UTC 2022

Modified Files:
src/crypto/external/bsd/openssl/dist: CHANGES Configure NEWS README
src/crypto/external/bsd/openssl/dist/apps: openssl.c s_client.c
src/crypto/external/bsd/openssl/dist/crypto/bn: bn_print.c
src/crypto/external/bsd/openssl/dist/crypto/engine: eng_all.c
src/crypto/external/bsd/openssl/dist/crypto/lhash: lhash.c
src/crypto/external/bsd/openssl/dist/crypto/ui: ui_openssl.c
src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c
src/crypto/external/bsd/openssl/dist/ssl: s3_lib.c
src/crypto/external/bsd/openssl/dist/test: bntest.c evp_extra_test.c
src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data:
evpkdf.txt

Log Message:
merge OpenSSL-1.1.1m and OpenSSL-1.1.1n


To generate a diff of this commit:
cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssl/dist/CHANGES \
src/crypto/external/bsd/openssl/dist/NEWS \
src/crypto/external/bsd/openssl/dist/README
cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssl/dist/Configure
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssl/dist/apps/openssl.c
cvs rdiff -u -r1.24 -r1.25 \
src/crypto/external/bsd/openssl/dist/apps/s_client.c
cvs rdiff -u -r1.3 -r1.4 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c
cvs rdiff -u -r1.13 -r1.14 \
src/crypto/external/bsd/openssl/dist/crypto/engine/eng_all.c
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/dist/crypto/lhash/lhash.c
cvs rdiff -u -r1.17 -r1.18 \
src/crypto/external/bsd/openssl/dist/crypto/ui/ui_openssl.c
cvs rdiff -u -r1.24 -r1.25 \
src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c
cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c
cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssl/dist/test/bntest.c
cvs rdiff -u -r1.10 -r1.11 \
src/crypto/external/bsd/openssl/dist/test/evp_extra_test.c
cvs rdiff -u -r1.2 -r1.3 \

src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data/evpkdf.txt

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/CHANGES
diff -u src/crypto/external/bsd/openssl/dist/CHANGES:1.28 src/crypto/external/bsd/openssl/dist/CHANGES:1.29
--- src/crypto/external/bsd/openssl/dist/CHANGES:1.28	Fri Jan  7 10:50:10 2022
+++ src/crypto/external/bsd/openssl/dist/CHANGES	Tue Mar 15 16:51:12 2022
@@ -7,6 +7,43 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1m and 1.1.1n [15 Mar 2022]
+
+  *) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
+ for non-prime moduli.
+
+ Internally this function is used when parsing certificates that contain
+ elliptic curve public keys in compressed form or explicit elliptic curve
+ parameters with a base point encoded in compressed form.
+
+ It is possible to trigger the infinite loop by crafting a certificate that
+ has invalid explicit curve parameters.
+
+ Since certificate parsing happens prior to verification of the certificate
+ signature, any process that parses an externally supplied certificate may
+ thus be subject to a denial of service attack. The infinite loop can also
+ be reached when parsing crafted private keys as they can contain explicit
+ elliptic curve parameters.
+
+ Thus vulnerable situations include:
+
+  - TLS clients consuming server certificates
+  - TLS servers consuming client certificates
+  - Hosting providers taking certificates or private keys from customers
+  - Certificate authorities parsing certification requests from subscribers
+  - Anything else which parses ASN.1 elliptic curve parameters
+
+ Also any other applications that use the BN_mod_sqrt() where the attacker
+ can control the parameter values are vulnerable to this DoS issue.
+ (CVE-2022-0778)
+ [Tomáš Mráz]
+
+  *) Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489)
+ to the list of ciphersuites providing Perfect Forward Secrecy as
+ required by SECLEVEL >= 3.
+
+ [Dmitry Belyavskiy, Nicola Tuveri]
+
  Changes between 1.1.1l and 1.1.1m [14 Dec 2021]
 
   *) Avoid loading of a dynamic engine twice.
Index: src/crypto/external/bsd/openssl/dist/NEWS
diff -u src/crypto/external/bsd/openssl/dist/NEWS:1.28 src/crypto/external/bsd/openssl/dist/NEWS:1.29
--- src/crypto/external/bsd/openssl/dist/NEWS:1.28	Fri Jan  7 10:50:10 2022
+++ src/crypto/external/bsd/openssl/dist/NEWS	Tue Mar 15 16:51:12 2022
@@ -5,6 +5,11 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.1.1m and OpenSSL 1.1.1n [15 Mar 2022]
+
+  o

CVS commit: src/crypto/external/bsd/openssl/dist

2022-03-15 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Tue Mar 15 20:51:13 UTC 2022

Modified Files:
src/crypto/external/bsd/openssl/dist: CHANGES Configure NEWS README
src/crypto/external/bsd/openssl/dist/apps: openssl.c s_client.c
src/crypto/external/bsd/openssl/dist/crypto/bn: bn_print.c
src/crypto/external/bsd/openssl/dist/crypto/engine: eng_all.c
src/crypto/external/bsd/openssl/dist/crypto/lhash: lhash.c
src/crypto/external/bsd/openssl/dist/crypto/ui: ui_openssl.c
src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c
src/crypto/external/bsd/openssl/dist/ssl: s3_lib.c
src/crypto/external/bsd/openssl/dist/test: bntest.c evp_extra_test.c
src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data:
evpkdf.txt

Log Message:
merge OpenSSL-1.1.1m and OpenSSL-1.1.1n


To generate a diff of this commit:
cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssl/dist/CHANGES \
src/crypto/external/bsd/openssl/dist/NEWS \
src/crypto/external/bsd/openssl/dist/README
cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssl/dist/Configure
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssl/dist/apps/openssl.c
cvs rdiff -u -r1.24 -r1.25 \
src/crypto/external/bsd/openssl/dist/apps/s_client.c
cvs rdiff -u -r1.3 -r1.4 \
src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c
cvs rdiff -u -r1.13 -r1.14 \
src/crypto/external/bsd/openssl/dist/crypto/engine/eng_all.c
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/dist/crypto/lhash/lhash.c
cvs rdiff -u -r1.17 -r1.18 \
src/crypto/external/bsd/openssl/dist/crypto/ui/ui_openssl.c
cvs rdiff -u -r1.24 -r1.25 \
src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c
cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c
cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssl/dist/test/bntest.c
cvs rdiff -u -r1.10 -r1.11 \
src/crypto/external/bsd/openssl/dist/test/evp_extra_test.c
cvs rdiff -u -r1.2 -r1.3 \

src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data/evpkdf.txt

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data

2022-01-18 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Tue Jan 18 20:43:37 UTC 2022

Modified Files:
src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data:
evpkdf.txt

Log Message:
skip out of memory test; on small machines we run out of swap


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.2 -r1.2 \

src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data/evpkdf.txt

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data/evpkdf.txt
diff -u src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data/evpkdf.txt:1.1.1.2 src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data/evpkdf.txt:1.2
--- src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data/evpkdf.txt:1.1.1.2	Fri Jan  7 10:46:27 2022
+++ src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data/evpkdf.txt	Tue Jan 18 15:43:37 2022
@@ -295,11 +295,12 @@ Ctrl.p = p:1
 Output = 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887
 
 # Out of memory
-KDF = scrypt
-Ctrl.pass = pass:pleaseletmein
-Ctrl.salt = salt:SodiumChloride
-Ctrl.N = N:1048576
-Ctrl.r = r:8
-Ctrl.p = p:1
-Result = KDF_MISMATCH
+# XXX: skip for now; on small machines we run out of swap
+#KDF = scrypt
+#Ctrl.pass = pass:pleaseletmein
+#Ctrl.salt = salt:SodiumChloride
+#Ctrl.N = N:1048576
+#Ctrl.r = r:8
+#Ctrl.p = p:1
+#Result = KDF_MISMATCH

CVS commit: src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data

2022-01-18 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Tue Jan 18 20:43:37 UTC 2022

Modified Files:
src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data:
evpkdf.txt

Log Message:
skip out of memory test; on small machines we run out of swap


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.2 -r1.2 \

src/crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data/evpkdf.txt

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssl/dist

2022-01-07 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Fri Jan  7 15:50:11 UTC 2022

Modified Files:
src/crypto/external/bsd/openssl/dist: CHANGES Configure NEWS README
src/crypto/external/bsd/openssl/dist/apps: s_client.c s_server.c
speed.c
src/crypto/external/bsd/openssl/dist/crypto: armcap.c ppccap.c uid.c
src/crypto/external/bsd/openssl/dist/crypto/asn1: a_strex.c
src/crypto/external/bsd/openssl/dist/crypto/bn/asm: mips.pl
src/crypto/external/bsd/openssl/dist/crypto/ec: ec_asn1.c
src/crypto/external/bsd/openssl/dist/crypto/engine: eng_lib.c
src/crypto/external/bsd/openssl/dist/crypto/evp: e_aes.c evp_enc.c
src/crypto/external/bsd/openssl/dist/crypto/objects: o_names.c
src/crypto/external/bsd/openssl/dist/crypto/rand: rand_unix.c
src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c
src/crypto/external/bsd/openssl/dist/ssl: d1_lib.c s3_cbc.c ssl_ciph.c
ssl_err.c ssl_lib.c t1_lib.c
src/crypto/external/bsd/openssl/dist/test: bntest.c ectest.c
evp_extra_test.c evp_test.c rsa_test.c
src/crypto/external/bsd/openssl/dist/test/testutil: format_output.c
tests.c

Log Message:
merge conflicts between openssl-1-1-1k and openssl-1-1-1m


To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssl/dist/CHANGES \
src/crypto/external/bsd/openssl/dist/NEWS \
src/crypto/external/bsd/openssl/dist/README
cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssl/dist/Configure
cvs rdiff -u -r1.23 -r1.24 \
src/crypto/external/bsd/openssl/dist/apps/s_client.c \
src/crypto/external/bsd/openssl/dist/apps/s_server.c
cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssl/dist/apps/speed.c
cvs rdiff -u -r1.13 -r1.14 \
src/crypto/external/bsd/openssl/dist/crypto/armcap.c
cvs rdiff -u -r1.19 -r1.20 \
src/crypto/external/bsd/openssl/dist/crypto/ppccap.c
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssl/dist/crypto/uid.c
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/dist/crypto/asn1/a_strex.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/crypto/bn/asm/mips.pl
cvs rdiff -u -r1.11 -r1.12 \
src/crypto/external/bsd/openssl/dist/crypto/ec/ec_asn1.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/crypto/engine/eng_lib.c
cvs rdiff -u -r1.24 -r1.25 \
src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c
cvs rdiff -u -r1.13 -r1.14 \
src/crypto/external/bsd/openssl/dist/crypto/evp/evp_enc.c
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/dist/crypto/objects/o_names.c
cvs rdiff -u -r1.17 -r1.18 \
src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c
cvs rdiff -u -r1.23 -r1.24 \
src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c
cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssl/dist/ssl/d1_lib.c
cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssl/dist/ssl/s3_cbc.c
cvs rdiff -u -r1.20 -r1.21 \
src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c \
src/crypto/external/bsd/openssl/dist/ssl/ssl_lib.c
cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssl/dist/ssl/ssl_err.c
cvs rdiff -u -r1.33 -r1.34 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssl/dist/test/bntest.c \
src/crypto/external/bsd/openssl/dist/test/ectest.c \
src/crypto/external/bsd/openssl/dist/test/evp_test.c \
src/crypto/external/bsd/openssl/dist/test/rsa_test.c
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/dist/test/evp_extra_test.c
cvs rdiff -u -r1.5 -r1.6 \
src/crypto/external/bsd/openssl/dist/test/testutil/format_output.c \
src/crypto/external/bsd/openssl/dist/test/testutil/tests.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/CHANGES
diff -u src/crypto/external/bsd/openssl/dist/CHANGES:1.27 src/crypto/external/bsd/openssl/dist/CHANGES:1.28
--- src/crypto/external/bsd/openssl/dist/CHANGES:1.27	Thu Mar 25 14:51:18 2021
+++ src/crypto/external/bsd/openssl/dist/CHANGES	Fri Jan  7 10:50:10 2022
@@ -7,6 +7,91 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1l and 1.1.1m [14 Dec 2021]
+
+  *) Avoid loading of a dynamic engine twice.
+
+ [Bernd Edlinger]
+
+  *) Fixed building on Debian with kfreebsd kernels
+
+ [Mattias Ellert]
+
+  *) Prioritise DANE TLSA issuer certs over peer certs
+
+ [Viktor Dukhovni]
+
+  *) Fixed random API for MacOS prior to 10.12
+
+ These MacOS versions don't support the CommonCrypto APIs
+
+ [Lenny Primak]
+
+ Changes between 1.1.1k and 1.1.1l [24 Aug 2021]
+
+  *) Fixed an SM2 Decryption Buffer Overflow.
+
+ In order to decrypt SM2 encrypted data an application is

CVS commit: src/crypto/external/bsd/openssl/dist

2022-01-07 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Fri Jan  7 15:50:11 UTC 2022

Modified Files:
src/crypto/external/bsd/openssl/dist: CHANGES Configure NEWS README
src/crypto/external/bsd/openssl/dist/apps: s_client.c s_server.c
speed.c
src/crypto/external/bsd/openssl/dist/crypto: armcap.c ppccap.c uid.c
src/crypto/external/bsd/openssl/dist/crypto/asn1: a_strex.c
src/crypto/external/bsd/openssl/dist/crypto/bn/asm: mips.pl
src/crypto/external/bsd/openssl/dist/crypto/ec: ec_asn1.c
src/crypto/external/bsd/openssl/dist/crypto/engine: eng_lib.c
src/crypto/external/bsd/openssl/dist/crypto/evp: e_aes.c evp_enc.c
src/crypto/external/bsd/openssl/dist/crypto/objects: o_names.c
src/crypto/external/bsd/openssl/dist/crypto/rand: rand_unix.c
src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c
src/crypto/external/bsd/openssl/dist/ssl: d1_lib.c s3_cbc.c ssl_ciph.c
ssl_err.c ssl_lib.c t1_lib.c
src/crypto/external/bsd/openssl/dist/test: bntest.c ectest.c
evp_extra_test.c evp_test.c rsa_test.c
src/crypto/external/bsd/openssl/dist/test/testutil: format_output.c
tests.c

Log Message:
merge conflicts between openssl-1-1-1k and openssl-1-1-1m


To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssl/dist/CHANGES \
src/crypto/external/bsd/openssl/dist/NEWS \
src/crypto/external/bsd/openssl/dist/README
cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssl/dist/Configure
cvs rdiff -u -r1.23 -r1.24 \
src/crypto/external/bsd/openssl/dist/apps/s_client.c \
src/crypto/external/bsd/openssl/dist/apps/s_server.c
cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssl/dist/apps/speed.c
cvs rdiff -u -r1.13 -r1.14 \
src/crypto/external/bsd/openssl/dist/crypto/armcap.c
cvs rdiff -u -r1.19 -r1.20 \
src/crypto/external/bsd/openssl/dist/crypto/ppccap.c
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssl/dist/crypto/uid.c
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/dist/crypto/asn1/a_strex.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/crypto/bn/asm/mips.pl
cvs rdiff -u -r1.11 -r1.12 \
src/crypto/external/bsd/openssl/dist/crypto/ec/ec_asn1.c
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/openssl/dist/crypto/engine/eng_lib.c
cvs rdiff -u -r1.24 -r1.25 \
src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c
cvs rdiff -u -r1.13 -r1.14 \
src/crypto/external/bsd/openssl/dist/crypto/evp/evp_enc.c
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/dist/crypto/objects/o_names.c
cvs rdiff -u -r1.17 -r1.18 \
src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c
cvs rdiff -u -r1.23 -r1.24 \
src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c
cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssl/dist/ssl/d1_lib.c
cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssl/dist/ssl/s3_cbc.c
cvs rdiff -u -r1.20 -r1.21 \
src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c \
src/crypto/external/bsd/openssl/dist/ssl/ssl_lib.c
cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssl/dist/ssl/ssl_err.c
cvs rdiff -u -r1.33 -r1.34 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssl/dist/test/bntest.c \
src/crypto/external/bsd/openssl/dist/test/ectest.c \
src/crypto/external/bsd/openssl/dist/test/evp_test.c \
src/crypto/external/bsd/openssl/dist/test/rsa_test.c
cvs rdiff -u -r1.9 -r1.10 \
src/crypto/external/bsd/openssl/dist/test/evp_extra_test.c
cvs rdiff -u -r1.5 -r1.6 \
src/crypto/external/bsd/openssl/dist/test/testutil/format_output.c \
src/crypto/external/bsd/openssl/dist/test/testutil/tests.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Re: CVS commit: src/crypto/external/bsd/openssl/dist

2018-03-08 Thread Christos Zoulas 
In article ,
Christos Zoulas  wrote:
>In article <20180308215340.ga22...@britannica.bec.de>,
>Joerg Sonnenberger   wrote:
>>On Wed, Mar 07, 2018 at 11:06:57AM -0500, Christos Zoulas wrote:
>>> Module Name:src
>>> Committed By:   christos
>>> Date:   Wed Mar  7 16:06:57 UTC 2018
>>> 
>>> Modified Files:
>>> src/crypto/external/bsd/openssl/dist: e_os.h
>>> 
>>> Log Message:
>>> HACK around aarch64 having "long long" "__int64_t"
>>
>>Please, just check __STDC_VERSION__ and use the real one for C99 and
>>later. No need for any such hacks.
>
>Will fix! Just trying to get everything to compile first.

Can't do it without making a lot of diffs. There is no C99 with the size
and without the format specifier:

e.g.

#define PRId64  "ld"/* int64_t  */

Where OpenSSL wants:

#define BIO_PRI64   "l"

christos

Re: CVS commit: src/crypto/external/bsd/openssl/dist

2018-03-08 Thread Joerg Sonnenberger 
On Wed, Mar 07, 2018 at 11:06:57AM -0500, Christos Zoulas wrote:
> Module Name:  src
> Committed By: christos
> Date: Wed Mar  7 16:06:57 UTC 2018
> 
> Modified Files:
>   src/crypto/external/bsd/openssl/dist: e_os.h
> 
> Log Message:
> HACK around aarch64 having "long long" "__int64_t"

Please, just check __STDC_VERSION__ and use the real one for C99 and
later. No need for any such hacks.

Joerg

Re: CVS commit: src/crypto/external/bsd/openssl/dist/crypto

2015-03-11 Thread Christos Zoulas 
In article 20150311082859.gj8...@mail.duskware.de,
Martin Husemann  mar...@duskware.de wrote:
On Tue, Mar 10, 2015 at 01:42:05PM +, Christos Zoulas wrote:
 Why not import 1.0.2? We'll need it anyway...

Well, the change is simple and completely independend from the rest
of the library, and it is good to have the newer asm code in shape - 
so there will be no problem (and no overlooked newer asm sources) when
we update.

makes sense.


The time of the openssl update (and pullup to -7) should be discussed
without hurry. And the change at hand already took several days to
much.

Ok, can you bring it up in tech-userlevel so we can start discussing it?
I was planning to import it next week.

christos

Re: CVS commit: src/crypto/external/bsd/openssl/dist/crypto

2015-03-11 Thread Martin Husemann 
On Tue, Mar 10, 2015 at 01:42:05PM +, Christos Zoulas wrote:
 Why not import 1.0.2? We'll need it anyway...

Well, the change is simple and completely independend from the rest
of the library, and it is good to have the newer asm code in shape - 
so there will be no problem (and no overlooked newer asm sources) when
we update.

The time of the openssl update (and pullup to -7) should be discussed
without hurry. And the change at hand already took several days to
much.

Martin

Re: CVS commit: src/crypto/external/bsd/openssl/dist/crypto

2015-03-10 Thread Christos Zoulas 
In article 20150310132808.a203...@cvs.netbsd.org,
Martin Husemann source-changes-d@NetBSD.org wrote:
Module Name:   src
Committed By:  martin
Date:  Tue Mar 10 13:28:08 UTC 2015

Modified Files:
   src/crypto/external/bsd/openssl/dist/crypto: arm_arch.h armcap.c

Log Message:
Update arm runtime detection from version 1.0.2, so we can use the newer
asm support code.

Why not import 1.0.2? We'll need it anyway...

christos

re: CVS commit: src/crypto/external/bsd/openssl/dist/crypto/evp

2013-02-18 Thread matthew green 

 Module Name:  src
 Committed By: riastradh
 Date: Mon Feb 18 21:20:50 UTC 2013
 
 Modified Files:
   src/crypto/external/bsd/openssl/dist/crypto/evp: e_aes.c
 
 Log Message:
 Touch e_aes.c to force a rebuild with new compiler flags for AES-NI.

i would rather do this by making the include file a dependancy
for the .c files.  so if it changes, everything is rebuilt.


.mrg.

CVS commit: src/crypto/external/bsd/openssl/dist/crypto/evp

2010-03-01 Thread Joerg Sonnenberger 
Module Name:src
Committed By:   joerg
Date:   Mon Mar  1 21:47:43 UTC 2010

Modified Files:
src/crypto/external/bsd/openssl/dist/crypto/evp: m_sha1.c

Log Message:
Ensure that SHA384 always calls the SHA384 functions.
Should fix PR 42881.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 \
src/crypto/external/bsd/openssl/dist/crypto/evp/m_sha1.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/crypto/evp/m_sha1.c
diff -u src/crypto/external/bsd/openssl/dist/crypto/evp/m_sha1.c:1.2 src/crypto/external/bsd/openssl/dist/crypto/evp/m_sha1.c:1.3
--- src/crypto/external/bsd/openssl/dist/crypto/evp/m_sha1.c:1.2	Sun Jul 19 23:30:39 2009
+++ src/crypto/external/bsd/openssl/dist/crypto/evp/m_sha1.c	Mon Mar  1 21:47:43 2010
@@ -158,8 +158,12 @@
 static int init512(EVP_MD_CTX *ctx)
 	{ return SHA512_Init(ctx-md_data); }
 /* See comment in SHA224/256 section */
+static int update384(EVP_MD_CTX *ctx,const void *data,size_t count)
+	{ return SHA384_Update(ctx-md_data,data,count); }
 static int update512(EVP_MD_CTX *ctx,const void *data,size_t count)
 	{ return SHA512_Update(ctx-md_data,data,count); }
+static int final384(EVP_MD_CTX *ctx,unsigned char *md)
+	{ return SHA384_Final(md,ctx-md_data); }
 static int final512(EVP_MD_CTX *ctx,unsigned char *md)
 	{ return SHA512_Final(md,ctx-md_data); }
 
@@ -170,8 +174,8 @@
 	SHA384_DIGEST_LENGTH,
 	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
 	init384,
-	update512,
-	final512,
+	update384,
+	final384,
 	NULL,
 	NULL,
 	EVP_PKEY_RSA_method,