CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto
Module Name:src Committed By: rillig Date: Sun Aug 15 13:32:44 UTC 2021 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto: bn.inc Log Message: libcrypto: suppress irrelevant lint warnings The conversion from 'unsigned long' to 'int' in line 805 is due to the laziness of declaring a carry flag as BN_ULONG, to save an extra line of declaration. The constants in conditional context come from the macro 'bn_cp_32'. The unconst cast is used for initializing local BIGNUM constants; the struct member is declared as non-const pointer. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssl/lib/libcrypto/bn.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/bn.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/bn.inc:1.5 src/crypto/external/bsd/openssl/lib/libcrypto/bn.inc:1.6 --- src/crypto/external/bsd/openssl/lib/libcrypto/bn.inc:1.5 Fri Feb 9 13:35:45 2018 +++ src/crypto/external/bsd/openssl/lib/libcrypto/bn.inc Sun Aug 15 13:32:43 2021 @@ -1,4 +1,4 @@ -# $NetBSD: bn.inc,v 1.5 2018/02/09 13:35:45 christos Exp $ +# $NetBSD: bn.inc,v 1.6 2021/08/15 13:32:43 rillig Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -47,3 +47,7 @@ SRCS += ${BN_SRCS} .for cryptosrc in ${BN_SRCS} CPPFLAGS.${cryptosrc} = -I${OPENSSLSRC}/crypto/bn ${BNCPPFLAGS} .endfor + +LINTFLAGS.bn_nist.c+= -X 132 # conversion from 'unsigned long' to 'int' +LINTFLAGS.bn_nist.c+= -X 161 # constant in conditional context +LINTFLAGS.bn_nist.c+= -X 275 # cast discards 'const' from type 'pointer to const unsigned long'
CVS commit: src/crypto/external/bsd/openssl/lib/libdes
Module Name:src Committed By: rillig Date: Sun Aug 15 12:58:02 UTC 2021 Modified Files: src/crypto/external/bsd/openssl/lib/libdes: Makefile Log Message: libdes: suppress some selected lint warnings The type widths are handled carefully, so even if there is some conversion from 64-bit long to uint32_t, no value bits get lost. The fallthrough case statements are a variant of Duff's Device. The bitwise '>>' on signed value is actually on a value of type 'unsigned char', and since all platforms supported by lint have sizeof(int) == 4, the behavior is well defined. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssl/lib/libdes/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libdes/Makefile diff -u src/crypto/external/bsd/openssl/lib/libdes/Makefile:1.3 src/crypto/external/bsd/openssl/lib/libdes/Makefile:1.4 --- src/crypto/external/bsd/openssl/lib/libdes/Makefile:1.3 Thu Mar 15 18:40:16 2018 +++ src/crypto/external/bsd/openssl/lib/libdes/Makefile Sun Aug 15 12:58:01 2021 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.3 2018/03/15 18:40:16 christos Exp $ +# $NetBSD: Makefile,v 1.4 2021/08/15 12:58:01 rillig Exp $ .include @@ -16,6 +16,9 @@ SRCS+= ornd_keys.c CPPFLAGS+=-DOPENSSL_VERSION_PTEXT="\" based on OpenSSL 0.9.6j 10 Apr 2003\"" CPPFLAGS+=-DOPENSSL_cleanse=bzero -DOPENSSL_malloc=malloc +LINTFLAGS+= -X 117 # bitwise '>>' on signed value possibly nonportable +LINTFLAGS+= -X 132 # conversion from 'long' to 'unsigned int' +LINTFLAGS+= -X 220 # fallthrough on case statement INCS= des.h INCSDIR=/usr/include
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips
Module Name:src Committed By: christos Date: Tue Aug 10 10:43:42 UTC 2021 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips: bn.inc Log Message: PR/56318: Izumi Tsutsui: Don't include mips.S for 32 bit mips because it does not work for mips1 To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/bn.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/bn.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/bn.inc:1.7 src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/bn.inc:1.8 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/bn.inc:1.7 Mon Apr 26 14:06:09 2021 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/bn.inc Tue Aug 10 06:43:42 2021 @@ -1,6 +1,7 @@ .include "mips.inc" -.if ${MIPS_LE} +# Don't include mips.S for 32 bit mips because it does not work for mips1 +.if ${MIPS_LE} && ${MIPS_64} == "64" .PATH.S: ${.PARSEDIR} BN_SRCS = mips${MIPS_64}.S
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc
Module Name:src Committed By: christos Date: Tue Aug 10 10:38:42 UTC 2021 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc: bn.inc Log Message: PR/56318: Izumi Tsutsui: Limit bn-sparcv8.S to sparc64; breaks on sparcstation 2 (sun4c) To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/bn.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/bn.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/bn.inc:1.2 src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/bn.inc:1.3 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/bn.inc:1.2 Sun Jun 21 18:16:08 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/bn.inc Tue Aug 10 06:38:42 2021 @@ -1,5 +1,8 @@ .PATH.S: ${.PARSEDIR} +# Limit bn-sparcv8.S to sparc64; breaks on sparcstation 2 (sun4c) +.if ${MACHINE} == "sparc64" # XXX bn-sparcv8plus.S doesn't work well. why? BN_SRCS = bn-sparcv8.S AFLAGS.bn-sparcv8.S+= -Wa,-Av9 +.endif .include "../../bn.inc"
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: jhigh Date: Wed Jul 28 22:31:45 UTC 2021 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: packet-print.c packet-show.c Log Message: print Issuer Fingerprint subpacket 33 (rfc4880bis-08:5.2.3.28) rather than Unknown To generate a diff of this commit: cvs rdiff -u -r1.42 -r1.43 \ src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c cvs rdiff -u -r1.21 -r1.22 \ src/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c:1.42 src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c:1.43 --- src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c:1.42 Wed Feb 22 06:29:40 2012 +++ src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c Wed Jul 28 22:31:45 2021 @@ -58,7 +58,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: packet-print.c,v 1.42 2012/02/22 06:29:40 agc Exp $"); +__RCSID("$NetBSD: packet-print.c,v 1.43 2021/07/28 22:31:45 jhigh Exp $"); #endif #include @@ -1090,6 +1090,14 @@ pgp_print_packet(pgp_printstate_t *print end_subpacket(>indent); break; + case PGP_PTAG_SS_ISSUER_FINGERPRINT: + start_subpacket(>indent, pkt->tag); + print_hexdump(print->indent, "Issuer Fingerprint", + content->ss_issuer_fingerprint.fingerprint, + content->ss_issuer_fingerprint.len); + end_subpacket(>indent); + break; + case PGP_PTAG_SS_PREFERRED_SKA: start_subpacket(>indent, pkt->tag); print_data(print->indent, "Preferred Symmetric Algorithms", Index: src/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c:1.21 src/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c:1.22 --- src/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c:1.21 Sun Aug 14 11:19:51 2011 +++ src/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c Wed Jul 28 22:31:45 2021 @@ -60,7 +60,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: packet-show.c,v 1.21 2011/08/14 11:19:51 christos Exp $"); +__RCSID("$NetBSD: packet-show.c,v 1.22 2021/07/28 22:31:45 jhigh Exp $"); #endif #include @@ -115,6 +115,7 @@ static pgp_map_t packet_tag_map[] = {PGP_PTAG_SS_PREFERRED_SKA, "SS: Preferred Secret Key Algorithm"}, {PGP_PTAG_SS_REVOCATION_KEY, "SS: Revocation Key"}, {PGP_PTAG_SS_ISSUER_KEY_ID, "SS: Issuer Key Id"}, + {PGP_PTAG_SS_ISSUER_FINGERPRINT, "SS: Issuer Fingerprint"}, {PGP_PTAG_SS_NOTATION_DATA, "SS: Notation Data"}, {PGP_PTAG_SS_PREFERRED_HASH, "SS: Preferred Hash Algorithm"}, {PGP_PTAG_SS_PREF_COMPRESS, "SS: Preferred Compression Algorithm"}, @@ -164,6 +165,7 @@ static pgp_map_t ss_type_map[] = {PGP_PTAG_SS_PREFERRED_SKA, "Preferred Symmetric Algorithms"}, {PGP_PTAG_SS_REVOCATION_KEY, "Revocation Key"}, {PGP_PTAG_SS_ISSUER_KEY_ID, "Issuer key ID"}, + {PGP_PTAG_SS_ISSUER_FINGERPRINT, "Issuer Fingerprint"}, {PGP_PTAG_SS_NOTATION_DATA, "Notation Data"}, {PGP_PTAG_SS_PREFERRED_HASH, "Preferred Hash Algorithms"}, {PGP_PTAG_SS_PREF_COMPRESS, "Preferred Compression Algorithms"},
CVS commit: src/crypto/external/bsd/heimdal/dist/lib/hx509
Module Name:src Committed By: christos Date: Sun Jun 20 12:01:07 UTC 2021 Modified Files: src/crypto/external/bsd/heimdal/dist/lib/hx509: sel-gram.y sel-lex.l sel.c sel.h Removed Files: src/crypto/external/bsd/heimdal/dist/lib/hx509: sel-gram.c sel-gram.h sel-lex.c Log Message: remove generated files, custom #define prefixes to hide lex/yacc symbols and yywrap. To generate a diff of this commit: cvs rdiff -u -r1.2 -r0 \ src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-gram.c \ src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-gram.h \ src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-lex.c cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-gram.y \ src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-lex.l cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/heimdal/dist/lib/hx509/sel.c cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/heimdal/dist/lib/hx509/sel.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-gram.y diff -u src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-gram.y:1.3 src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-gram.y:1.4 --- src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-gram.y:1.3 Sun Dec 15 17:50:50 2019 +++ src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-gram.y Sun Jun 20 08:01:07 2021 @@ -1,4 +1,4 @@ -/* $NetBSD: sel-gram.y,v 1.3 2019/12/15 22:50:50 christos Exp $ */ +/* $NetBSD: sel-gram.y,v 1.4 2021/06/20 12:01:07 christos Exp $ */ /* * Copyright (c) 2017 Kungliga Tekniska Högskolan @@ -41,19 +41,6 @@ #include #include -#if !defined(yylex) -#define yylex _hx509_sel_yylex -#define yywrap _hx509_sel_yywrap -#endif -#if !defined(yyparse) -#define yyparse _hx509_sel_yyparse -#define yyerror _hx509_sel_yyerror -#define yylval _hx509_sel_yylval -#define yychar _hx509_sel_yychar -#define yydebug _hx509_sel_yydebug -#define yynerrs _hx509_sel_yynerrs -#endif - %} %union { Index: src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-lex.l diff -u src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-lex.l:1.3 src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-lex.l:1.4 --- src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-lex.l:1.3 Sun Dec 15 17:50:50 2019 +++ src/crypto/external/bsd/heimdal/dist/lib/hx509/sel-lex.l Sun Jun 20 08:01:07 2021 @@ -1,4 +1,4 @@ -/* $NetBSD: sel-lex.l,v 1.3 2019/12/15 22:50:50 christos Exp $ */ +/* $NetBSD: sel-lex.l,v 1.4 2021/06/20 12:01:07 christos Exp $ */ %{ /* @@ -72,6 +72,8 @@ struct hx_expr_input _hx509_expr_input; #undef ECHO %} + +%option noyywrap %% TRUE { return kw_TRUE; } @@ -82,12 +84,12 @@ IN { return kw_IN; } TAILMATCH { return kw_TAILMATCH; } [A-Za-z][-A-Za-z0-9_]* { - yylval.string = strdup ((const char *)yytext); + _hx509_sel_yylval.string = strdup ((const char *)_hx509_sel_yytext); return IDENTIFIER; } -"\"" { yylval.string = handle_string(); return STRING; } +"\"" { _hx509_sel_yylval.string = handle_string(); return STRING; } \n { ++lineno; } -[,.!={}()%] { return *yytext; } +[,.!={}()%] { return *_hx509_sel_yytext; } [ \t] ; %% @@ -122,16 +124,6 @@ handle_string(void) return strdup(x); } -#if !defined(yywrap) -#define yywrap _hx509_sel_yywrap -#endif - -int -yywrap () -{ - return 1; -} - static int lex_input(char *buf, int max_size) { Index: src/crypto/external/bsd/heimdal/dist/lib/hx509/sel.c diff -u src/crypto/external/bsd/heimdal/dist/lib/hx509/sel.c:1.2 src/crypto/external/bsd/heimdal/dist/lib/hx509/sel.c:1.3 --- src/crypto/external/bsd/heimdal/dist/lib/hx509/sel.c:1.2 Sat Jan 28 16:31:48 2017 +++ src/crypto/external/bsd/heimdal/dist/lib/hx509/sel.c Sun Jun 20 08:01:07 2021 @@ -1,4 +1,4 @@ -/* $NetBSD: sel.c,v 1.2 2017/01/28 21:31:48 christos Exp $ */ +/* $NetBSD: sel.c,v 1.3 2021/06/20 12:01:07 christos Exp $ */ /* * Copyright (c) 2008 Kungliga Tekniska Högskolan @@ -219,7 +219,7 @@ _hx509_expr_parse(const char *buf) _hx509_expr_input.error = NULL; } -yyparse(); +_hx509_sel_yyparse(); return _hx509_expr_input.expr; } Index: src/crypto/external/bsd/heimdal/dist/lib/hx509/sel.h diff -u src/crypto/external/bsd/heimdal/dist/lib/hx509/sel.h:1.5 src/crypto/external/bsd/heimdal/dist/lib/hx509/sel.h:1.6 --- src/crypto/external/bsd/heimdal/dist/lib/hx509/sel.h:1.5 Sun Dec 15 17:50:50 2019 +++ src/crypto/external/bsd/heimdal/dist/lib/hx509/sel.h Sun Jun 20 08:01:07 2021 @@ -1,4 +1,4 @@ -/* $NetBSD: sel.h,v 1.5 2019/12/15 22:50:50 christos Exp $ */ +/* $NetBSD: sel.h,v 1.6 2021/06/20 12:01:07 christos Exp $ */ /* * Copyright (c) 2008 Kungliga Tekniska Högskolan @@ -69,20 +69,6 @@ struct hx_expr_input { extern struct hx_expr_input _hx509_expr_input; -#if !defined(yylex) -#define yylex _hx509_sel_yylex -#define yywrap _hx509_sel_yywrap -#endif -#if !defined(yyparse)
CVS commit: src/crypto/external/bsd/heimdal/lib/libhx509
Module Name:src Committed By: christos Date: Sun Jun 20 10:38:54 UTC 2021 Modified Files: src/crypto/external/bsd/heimdal/lib/libhx509: Makefile Log Message: hide yyerrflag, yyval; centralize lex and yacc settings To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 \ src/crypto/external/bsd/heimdal/lib/libhx509/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/heimdal/lib/libhx509/Makefile diff -u src/crypto/external/bsd/heimdal/lib/libhx509/Makefile:1.6 src/crypto/external/bsd/heimdal/lib/libhx509/Makefile:1.7 --- src/crypto/external/bsd/heimdal/lib/libhx509/Makefile:1.6 Sat Feb 3 22:19:51 2018 +++ src/crypto/external/bsd/heimdal/lib/libhx509/Makefile Sun Jun 20 06:38:54 2021 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.6 2018/02/04 03:19:51 christos Exp $ +# $NetBSD: Makefile,v 1.7 2021/06/20 10:38:54 christos Exp $ NOLINT= # defined @@ -19,6 +19,8 @@ LIBDPLIBS+= asn1 ${HEIMBASE}/lib/libasn1 wind ${HEIMBASE}/lib/libwind YHEADER=1 +YPREFIX= _hx509_sel_yy +LPREFIX= _hx509_sel_yy INCSDIR= /usr/include/krb5 INCS+= hx509.h hx509-protos.h ${ASN1_INCS} ${COMPILE_ET_INCS} @@ -56,7 +58,6 @@ SRCS=\ softp11.c \ ${BUILT_SOURCES} -LPREFIX= _hx509_sel_yy CPPFLAGS+=\ -I${HEIMDIST}/lib/hx509/ref \
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips
Module Name:src Committed By: christos Date: Mon Apr 26 20:01:13 UTC 2021 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips: mips.inc Log Message: Handle the compat builds and both the n64 and non n64 variants To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.inc:1.1 src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.inc:1.2 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.inc:1.1 Mon Apr 26 14:06:09 2021 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.inc Mon Apr 26 16:01:13 2021 @@ -1,4 +1,4 @@ -# $NetBSD: mips.inc,v 1.1 2021/04/26 18:06:09 christos Exp $ +# $NetBSD: mips.inc,v 1.2 2021/04/26 20:01:13 christos Exp $ .ifndef MIPS_LE @@ -8,10 +8,11 @@ MIPS_LE=0 MIPS_LE=1 . endif -. if empty(MACHINE_ARCH:Mmips*64*) -MIPS_64= -. else +. if (!empty(MACHINE_ARCH:Mmipsn64*) && empty(COPTS:M-mabi=*32*)) || \ + (!empty(MACHINE_ARCH:Mmips64*) && !empty(COPTS:M-mabi=*64*)) MIPS_64=64 +. else +MIPS_64= . endif .endif
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips
Module Name:src Committed By: christos Date: Mon Apr 26 18:06:09 UTC 2021 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips: aes.inc bn.inc crypto.inc poly1305.inc sha.inc Added Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips: mips.inc Log Message: Centralize the logic for endian and 64 bit availability. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/aes.inc cvs rdiff -u -r1.6 -r1.7 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/bn.inc \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/sha.inc cvs rdiff -u -r1.7 -r1.8 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/crypto.inc cvs rdiff -u -r0 -r1.1 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.inc cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/poly1305.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/aes.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/aes.inc:1.5 src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/aes.inc:1.6 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/aes.inc:1.5 Fri Mar 9 16:49:55 2018 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/aes.inc Mon Apr 26 14:06:09 2021 @@ -1,7 +1,8 @@ -.if empty(MACHINE_ARCH:M*eb) +.include "mips.inc" +.if ${MIPS_LE} .PATH.S: ${.PARSEDIR} -#AES_SRCS = aes-mips${"${COPTS:M*-mabi=64*}" == "":?:64}.S +#AES_SRCS = aes-mips${MIPS_64}.S #AESCPPFLAGS = -DAES_ASM .endif Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/bn.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/bn.inc:1.6 src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/bn.inc:1.7 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/bn.inc:1.6 Fri Mar 9 16:49:55 2018 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/bn.inc Mon Apr 26 14:06:09 2021 @@ -1,7 +1,9 @@ -.if empty(MACHINE_ARCH:M*eb) +.include "mips.inc" + +.if ${MIPS_LE} .PATH.S: ${.PARSEDIR} -BN_SRCS = mips${"${COPTS:M*-mabi=64*}" == "":?:64}.S +BN_SRCS = mips${MIPS_64}.S .endif .include "../../bn.inc" Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/sha.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/sha.inc:1.6 src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/sha.inc:1.7 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/sha.inc:1.6 Fri Mar 9 16:49:55 2018 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/sha.inc Mon Apr 26 14:06:09 2021 @@ -1,9 +1,12 @@ -.if empty(MACHINE_ARCH:M*eb) +.include "mips.inc" + +.if ${MIPS_LE} .PATH.S: ${.PARSEDIR} -SHA_SRCS += sha1-mips${"${COPTS:M*-mabi=64*}" == "":?:64}.S -SHA_SRCS += sha512-mips${"${COPTS:M*-mabi=64*}" == "":?:64}.S +SHA_SRCS += sha1-mips${MIPS_64}.S +SHA_SRCS += sha512-mips${MIPS_64}.S SHACPPFLAGS = -DSHA1_ASM .endif + .include "../../sha.inc" Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/crypto.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/crypto.inc:1.7 src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/crypto.inc:1.8 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/crypto.inc:1.7 Mon Sep 24 07:03:40 2018 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/crypto.inc Mon Apr 26 14:06:09 2021 @@ -1,7 +1,9 @@ -.if empty(MACHINE_ARCH:M*eb) +.include "mips.inc" + +.if ${MIPS_LE} .PATH.S: ${.PARSEDIR} -CRYPTO_SRCS += mips-mont${"${COPTS:M*-mabi=64*}" == "":?:64}.S +CRYPTO_SRCS += mips-mont${MIPS_64}.S .endif .include "../../crypto.inc" Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/poly1305.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/poly1305.inc:1.4 src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/poly1305.inc:1.5 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/poly1305.inc:1.4 Fri Mar 9 16:49:55 2018 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/poly1305.inc Mon Apr 26 14:06:09 2021 @@ -1,5 +1,6 @@ -.if empty(MACHINE_ARCH:M*eb) -.if !empty(MACHINE_ARCH:Mmips64*) +.include "mips.inc" + +.if ${MIPS_LE} && ${MIPS_64} == "64" .PATH.S: ${.PARSEDIR} @@ -7,6 +8,5 @@ POLY1305_SRCS = poly1305-mips64.S POLY1305_CPPFLAGS+=-DPOLY1305_ASM .endif -.endif .include "../../poly1305.inc" Added files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.inc diff -u /dev/null src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.inc:1.1 --- /dev/null Mon Apr 26 14:06:09 2021 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.inc Mon Apr 26 14:06:09 2021 @@ -0,0 +1,17 @@ +# $NetBSD: mips.inc,v 1.1 2021/04/26 18:06:09 christos Exp $ + +.ifndef MIPS_LE + +. if
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Mon Apr 19 14:40:16 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: addrmatch.c auth-krb5.c auth-options.c auth.c auth2-pubkey.c auth2.c chacha.h channels.c channels.h cipher.c clientloop.c dh.c dh.h hostfile.c kex.c kexgen.c log.c log.h misc.c misc.h monitor.c monitor_wrap.c monitor_wrap.h mux.c packet.c readconf.c scp.c servconf.c servconf.h serverloop.c session.c sftp-client.c sftp-client.h sftp-server.c sftp.c srclimit.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-sk-client.c ssh.c ssh_api.c ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5 sshkey-xmss.c sshkey-xmss.h sshkey.c umac.c utf8.h version.h xmalloc.h src/crypto/external/bsd/openssh/dist/moduli-gen: moduli.2048 moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192 src/crypto/external/bsd/openssh/lib: shlib_version Log Message: Merge local changes between 8.5 and 8.6 To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/addrmatch.c cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/auth-krb5.c cvs rdiff -u -r1.25 -r1.26 \ src/crypto/external/bsd/openssh/dist/auth-options.c \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/sshkey.c cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/auth.c \ src/crypto/external/bsd/openssh/dist/channels.c \ src/crypto/external/bsd/openssh/dist/kex.c \ src/crypto/external/bsd/openssh/dist/monitor_wrap.c \ src/crypto/external/bsd/openssh/dist/serverloop.c \ src/crypto/external/bsd/openssh/dist/ssh_config.5 \ src/crypto/external/bsd/openssh/dist/sshconnect.c cvs rdiff -u -r1.27 -r1.28 \ src/crypto/external/bsd/openssh/dist/auth2-pubkey.c cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/auth2.c \ src/crypto/external/bsd/openssh/dist/sftp-server.c \ src/crypto/external/bsd/openssh/dist/sshd.8 cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/chacha.h \ src/crypto/external/bsd/openssh/dist/srclimit.c cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/channels.h cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/dist/cipher.c \ src/crypto/external/bsd/openssh/dist/dh.c \ src/crypto/external/bsd/openssh/dist/hostfile.c \ src/crypto/external/bsd/openssh/dist/umac.c cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssh/dist/clientloop.c \ src/crypto/external/bsd/openssh/dist/sftp.c \ src/crypto/external/bsd/openssh/dist/ssh-agent.c cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/dh.h \ src/crypto/external/bsd/openssh/dist/sftp-client.h \ src/crypto/external/bsd/openssh/dist/ssh_api.c cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/kexgen.c cvs rdiff -u -r1.22 -r1.23 src/crypto/external/bsd/openssh/dist/log.c cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/log.h cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/misc.h cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/openssh/dist/monitor.c cvs rdiff -u -r1.21 -r1.22 \ src/crypto/external/bsd/openssh/dist/monitor_wrap.h cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssh/dist/mux.c cvs rdiff -u -r1.43 -r1.44 src/crypto/external/bsd/openssh/dist/packet.c cvs rdiff -u -r1.33 -r1.34 src/crypto/external/bsd/openssh/dist/readconf.c \ src/crypto/external/bsd/openssh/dist/session.c \ src/crypto/external/bsd/openssh/dist/sshd_config.5 cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/scp.c cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/servconf.c \ src/crypto/external/bsd/openssh/dist/ssh.c \ src/crypto/external/bsd/openssh/dist/version.h cvs rdiff -u -r1.24 -r1.25 src/crypto/external/bsd/openssh/dist/servconf.h \ src/crypto/external/bsd/openssh/dist/ssh-add.c cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/sftp-client.c cvs rdiff -u -r1.38 -r1.39 src/crypto/external/bsd/openssh/dist/ssh-keygen.c cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/ssh-sk-client.c \ src/crypto/external/bsd/openssh/dist/utf8.h cvs rdiff -u -r1.39 -r1.40 src/crypto/external/bsd/openssh/dist/sshconnect2.c cvs rdiff -u -r1.41 -r1.42 src/crypto/external/bsd/openssh/dist/sshd.c cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/sshkey-xmss.c cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/sshkey-xmss.h cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/xmalloc.h cvs rdiff -u -r1.9 -r1.10 \ src/crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 \ src/crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 \
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Mon Apr 19 14:07:36 UTC 2021 Modified Files: src/crypto/external/bsd/openssh: openssh2netbsd Log Message: Force user to specify source dir. Too dangerous to run in random places. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/openssh2netbsd Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/openssh2netbsd diff -u src/crypto/external/bsd/openssh/openssh2netbsd:1.3 src/crypto/external/bsd/openssh/openssh2netbsd:1.4 --- src/crypto/external/bsd/openssh/openssh2netbsd:1.3 Fri Dec 4 13:42:49 2020 +++ src/crypto/external/bsd/openssh/openssh2netbsd Mon Apr 19 10:07:36 2021 @@ -1,6 +1,6 @@ #! /bin/sh # -# $NetBSD: openssh2netbsd,v 1.3 2020/12/04 18:42:49 christos Exp $ +# $NetBSD: openssh2netbsd,v 1.4 2021/04/19 14:07:36 christos Exp $ # # Copyright (c) 2001 The NetBSD Foundation, Inc. # All rights reserved. @@ -28,6 +28,14 @@ # # openssh2netbsd: convert a openssh source tree into netbsd openssh tree +if [ -z "$1" ]; then + echo "Usage: $0 " 1>&2 + exit 1 +fi + +set -e +cd "$1" + ### Remove CVS find . -name CVS -print | xargs rm -r
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc
Module Name:src Committed By: martin Date: Sun Apr 11 16:21:05 UTC 2021 Added Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc: modes.inc Log Message: Restore r1.3 of modes.inc: we are using this directory for the -m32 compat builds on sparc64, where the sparcv9 instructions and the GHASH asm code are usefull. To generate a diff of this commit: cvs rdiff -u -r0 -r1.6 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/modes.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Added files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/modes.inc diff -u /dev/null src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/modes.inc:1.6 --- /dev/null Sun Apr 11 16:21:05 2021 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/modes.inc Sun Apr 11 16:21:04 2021 @@ -0,0 +1,7 @@ +.if ${MACHINE} == "sparc64" +.PATH.S: ${.PARSEDIR} +MODES_SRCS = ghash-sparcv9.S +MODESCPPFLAGS = -DGHASH_ASM +AFLAGS.ghash-sparcv9.S+= -Wa,-Av9 +.endif +.include "../../modes.inc"
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc
Module Name:src Committed By: martin Date: Thu Apr 8 15:06:50 UTC 2021 Removed Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc: modes.inc Log Message: Do not pretend we have GHASH asm code To generate a diff of this commit: cvs rdiff -u -r1.4 -r0 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/modes.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssl/dist/crypto/modes
Module Name:src Committed By: christos Date: Thu Apr 8 12:31:49 UTC 2021 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/modes: gcm128.c Log Message: Disable again the assembly version of gcm_ghash_4bit for the 32 bit sparc since it uses ldx/stx. To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c diff -u src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c:1.11 src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c:1.12 --- src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c:1.11 Thu Mar 25 14:51:19 2021 +++ src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c Thu Apr 8 08:31:49 2021 @@ -689,13 +689,15 @@ void gcm_ghash_v8(u64 Xi[2], const u128 # endif # elif defined(__sparc__) || defined(__sparc) # include "sparc_arch.h" -# define GHASH_ASM_SPARC -# define GCM_FUNCREF_4BIT +# if defined(__arch64__) +# define GHASH_ASM_SPARC +# define GCM_FUNCREF_4BIT extern unsigned int OPENSSL_sparcv9cap_P[]; void gcm_init_vis3(u128 Htable[16], const u64 Xi[2]); void gcm_gmult_vis3(u64 Xi[2], const u128 Htable[16]); void gcm_ghash_vis3(u64 Xi[2], const u128 Htable[16], const u8 *inp, size_t len); +# endif /* __arch64__ */ # elif defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC)) # include "ppc_arch.h" # define GHASH_ASM_PPC
CVS commit: src/crypto/external/bsd/openssl/dist
Module Name:src Committed By: christos Date: Thu Mar 25 18:51:19 UTC 2021 Modified Files: src/crypto/external/bsd/openssl/dist: CHANGES NEWS README src/crypto/external/bsd/openssl/dist/apps: s_time.c src/crypto/external/bsd/openssl/dist/crypto/engine: eng_devcrypto.c src/crypto/external/bsd/openssl/dist/crypto/evp: evp_enc.c src/crypto/external/bsd/openssl/dist/crypto/modes: gcm128.c src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c src/crypto/external/bsd/openssl/dist/ssl: s3_lib.c ssl_lib.c src/crypto/external/bsd/openssl/dist/test: rsa_test.c Log Message: merge our changes between 1.1.1j and 1.1.1k To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssl/dist/CHANGES \ src/crypto/external/bsd/openssl/dist/NEWS \ src/crypto/external/bsd/openssl/dist/README cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssl/dist/apps/s_time.c cvs rdiff -u -r1.8 -r1.9 \ src/crypto/external/bsd/openssl/dist/crypto/engine/eng_devcrypto.c cvs rdiff -u -r1.12 -r1.13 \ src/crypto/external/bsd/openssl/dist/crypto/evp/evp_enc.c cvs rdiff -u -r1.10 -r1.11 \ src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c cvs rdiff -u -r1.22 -r1.23 \ src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssl/dist/ssl/ssl_lib.c cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssl/dist/test/rsa_test.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/CHANGES diff -u src/crypto/external/bsd/openssl/dist/CHANGES:1.26 src/crypto/external/bsd/openssl/dist/CHANGES:1.27 --- src/crypto/external/bsd/openssl/dist/CHANGES:1.26 Fri Feb 19 22:22:13 2021 +++ src/crypto/external/bsd/openssl/dist/CHANGES Thu Mar 25 14:51:18 2021 @@ -7,6 +7,50 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. + Changes between 1.1.1j and 1.1.1k [25 Mar 2021] + + *) Fixed a problem with verifying a certificate chain when using the + X509_V_FLAG_X509_STRICT flag. This flag enables additional security checks + of the certificates present in a certificate chain. It is not set by + default. + + Starting from OpenSSL version 1.1.1h a check to disallow certificates in + the chain that have explicitly encoded elliptic curve parameters was added + as an additional strict check. + + An error in the implementation of this check meant that the result of a + previous check to confirm that certificates in the chain are valid CA + certificates was overwritten. This effectively bypasses the check + that non-CA certificates must not be able to issue other certificates. + + If a "purpose" has been configured then there is a subsequent opportunity + for checks that the certificate is a valid CA. All of the named "purpose" + values implemented in libcrypto perform this check. Therefore, where + a purpose is set the certificate chain will still be rejected even when the + strict flag has been used. A purpose is set by default in libssl client and + server certificate verification routines, but it can be overridden or + removed by an application. + + In order to be affected, an application must explicitly set the + X509_V_FLAG_X509_STRICT verification flag and either not set a purpose + for the certificate verification or, in the case of TLS client or server + applications, override the default purpose. + (CVE-2021-3450) + [Tomáš Mráz] + + *) Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously + crafted renegotiation ClientHello message from a client. If a TLSv1.2 + renegotiation ClientHello omits the signature_algorithms extension (where + it was present in the initial ClientHello), but includes a + signature_algorithms_cert extension then a NULL pointer dereference will + result, leading to a crash and a denial of service attack. + + A server is only vulnerable if it has TLSv1.2 and renegotiation enabled + (which is the default configuration). OpenSSL TLS clients are not impacted + by this issue. + (CVE-2021-3449) + [Peter Kästle and Samuel Sapalski] + Changes between 1.1.1i and 1.1.1j [16 Feb 2021] *) Fixed the X509_issuer_and_serial_hash() function. It attempts to Index: src/crypto/external/bsd/openssl/dist/NEWS diff -u src/crypto/external/bsd/openssl/dist/NEWS:1.26 src/crypto/external/bsd/openssl/dist/NEWS:1.27 --- src/crypto/external/bsd/openssl/dist/NEWS:1.26 Fri Feb 19 22:22:13 2021 +++ src/crypto/external/bsd/openssl/dist/NEWS Thu Mar 25 14:51:18 2021 @@ -5,6 +5,14 @@ This file gives a brief overview of the major changes between each OpenSSL release.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Mar 5 17:53:51 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: scp.c Log Message: remove __UNCONST, initialize To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/scp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/scp.c diff -u src/crypto/external/bsd/openssh/dist/scp.c:1.29 src/crypto/external/bsd/openssh/dist/scp.c:1.30 --- src/crypto/external/bsd/openssh/dist/scp.c:1.29 Fri Mar 5 12:47:16 2021 +++ src/crypto/external/bsd/openssh/dist/scp.c Fri Mar 5 12:53:51 2021 @@ -1,4 +1,4 @@ -/* $NetBSD: scp.c,v 1.29 2021/03/05 17:47:16 christos Exp $ */ +/* $NetBSD: scp.c,v 1.30 2021/03/05 17:53:51 christos Exp $ */ /* $OpenBSD: scp.c,v 1.213 2020/10/18 11:32:01 djm Exp $ */ /* @@ -74,7 +74,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: scp.c,v 1.29 2021/03/05 17:47:16 christos Exp $"); +__RCSID("$NetBSD: scp.c,v 1.30 2021/03/05 17:53:51 christos Exp $"); #include /* roundup MAX */ #include @@ -877,7 +877,7 @@ brace_expand(const char *pattern, char * void toremote(int argc, char **argv) { - char *suser = NULL, *host = NULL, *src; + char *suser = NULL, *host = NULL, *src = NULL; char *bp, *tuser, *thost, *targ; int sport = -1, tport = -1; arglist alist; @@ -911,7 +911,7 @@ toremote(int argc, char **argv) for (i = 0; i < argc - 1; i++) { free(suser); free(host); - free(__UNCONST(src)); + free(src); r = parse_scp_uri(argv[i], , , , ); if (r == -1) { fmprintf(stderr, "%s: invalid uri\n", argv[i]); @@ -989,16 +989,16 @@ toremote(int argc, char **argv) out: free(tuser); free(thost); - free(__UNCONST(targ)); + free(targ); free(suser); free(host); - free(__UNCONST(src)); + free(src); } static void tolocal(int argc, char **argv) { - char *bp, *host = NULL, *suser = NULL, *src; + char *bp, *host = NULL, *suser = NULL, *src = NULL; arglist alist; int i, r, sport = -1; @@ -1008,7 +1008,7 @@ tolocal(int argc, char **argv) for (i = 0; i < argc - 1; i++) { free(suser); free(host); - free(__UNCONST(src)); + free(src); r = parse_scp_uri(argv[i], , , , ); if (r == -1) { fmprintf(stderr, "%s: invalid uri\n", argv[i]); @@ -1050,7 +1050,7 @@ tolocal(int argc, char **argv) } free(suser); free(host); - free(__UNCONST(src)); + free(src); } void
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Fri Mar 5 17:47:16 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/bin/sshd: Makefile src/crypto/external/bsd/openssh/dist: PROTOCOL PROTOCOL.agent addr.c addrmatch.c auth-krb5.c auth-options.c auth-passwd.c auth-rhosts.c auth.c auth.h auth2-chall.c auth2-gss.c auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c auth2-pubkey.c auth2.c authfd.c canohost.c channels.c cipher.c clientloop.c compat.c compat.h crypto_api.h dh.c digest-openssl.c digest.h dns.c fatal.c gss-genr.c hostfile.c hostfile.h kex.c kex.h kexdh.c kexgen.c kexgexc.c kexgexs.c krl.c log.c log.h match.c misc.c misc.h monitor.c monitor_fdpass.c monitor_wrap.c monitor_wrap.h msg.c mux.c myproposal.h namespace.h nchan.c packet.c readconf.c readconf.h readpass.c sandbox-pledge.c sandbox-rlimit.c scp.1 scp.c servconf.c servconf.h serverloop.c session.c sftp-client.c sftp-client.h sftp-common.c sftp-server.c sftp.1 sftp.c sk-usbhid.c srclimit.c ssh-add.c ssh-agent.c ssh-ed25519-sk.c ssh-ed25519.c ssh-gss.h ssh-keygen.1 ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c ssh-sk-client.c ssh-sk-helper.c ssh-sk.c ssh-xmss.c ssh.1 ssh.c ssh2.h ssh_api.c ssh_config.5 sshconnect.c sshconnect.h sshconnect2.c sshd.c sshd_config.5 sshkey-xmss.c sshkey-xmss.h sshkey.c sshkey.h sshlogin.c sshsig.c ttymodes.c version.h src/crypto/external/bsd/openssh/dist/moduli-gen: Makefile moduli.2048 moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192 src/crypto/external/bsd/openssh/lib: Makefile shlib_version Removed Files: src/crypto/external/bsd/openssh/dist: kexsntrup4591761x25519.c sntrup4591761.c sntrup4591761.sh Log Message: merge local changes between openssh 8.4 and 8.5 To generate a diff of this commit: cvs rdiff -u -r1.22 -r1.23 src/crypto/external/bsd/openssh/bin/sshd/Makefile cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/PROTOCOL \ src/crypto/external/bsd/openssh/dist/kexgexc.c \ src/crypto/external/bsd/openssh/dist/log.h \ src/crypto/external/bsd/openssh/dist/readpass.c \ src/crypto/external/bsd/openssh/dist/sshconnect.h cvs rdiff -u -r1.10 -r1.11 \ src/crypto/external/bsd/openssh/dist/PROTOCOL.agent \ src/crypto/external/bsd/openssh/dist/gss-genr.c \ src/crypto/external/bsd/openssh/dist/hostfile.h \ src/crypto/external/bsd/openssh/dist/msg.c cvs rdiff -u -r1.1.1.1 -r1.2 src/crypto/external/bsd/openssh/dist/addr.c \ src/crypto/external/bsd/openssh/dist/srclimit.c cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/addrmatch.c \ src/crypto/external/bsd/openssh/dist/auth2-passwd.c \ src/crypto/external/bsd/openssh/dist/canohost.c \ src/crypto/external/bsd/openssh/dist/compat.h \ src/crypto/external/bsd/openssh/dist/sshkey.h cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/auth-krb5.c \ src/crypto/external/bsd/openssh/dist/auth2-gss.c \ src/crypto/external/bsd/openssh/dist/match.c cvs rdiff -u -r1.24 -r1.25 \ src/crypto/external/bsd/openssh/dist/auth-options.c \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/sshkey.c cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/auth-passwd.c \ src/crypto/external/bsd/openssh/dist/auth2-none.c \ src/crypto/external/bsd/openssh/dist/nchan.c \ src/crypto/external/bsd/openssh/dist/sftp-client.h \ src/crypto/external/bsd/openssh/dist/sftp-common.c \ src/crypto/external/bsd/openssh/dist/ssh_api.c \ src/crypto/external/bsd/openssh/dist/ttymodes.c cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/auth-rhosts.c \ src/crypto/external/bsd/openssh/dist/auth2-kbdint.c \ src/crypto/external/bsd/openssh/dist/ssh2.h \ src/crypto/external/bsd/openssh/dist/sshlogin.c cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssh/dist/auth.c \ src/crypto/external/bsd/openssh/dist/channels.c \ src/crypto/external/bsd/openssh/dist/kex.c \ src/crypto/external/bsd/openssh/dist/monitor_wrap.c \ src/crypto/external/bsd/openssh/dist/scp.c \ src/crypto/external/bsd/openssh/dist/serverloop.c \ src/crypto/external/bsd/openssh/dist/ssh.1 \ src/crypto/external/bsd/openssh/dist/ssh_config.5 \ src/crypto/external/bsd/openssh/dist/sshconnect.c cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/auth.h \ src/crypto/external/bsd/openssh/dist/monitor_wrap.h \ src/crypto/external/bsd/openssh/dist/myproposal.h \ src/crypto/external/bsd/openssh/dist/ssh-keysign.c cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/auth2-chall.c \
CVS commit: src/crypto/external/bsd/openssl/dist
Module Name:src Committed By: christos Date: Sat Feb 20 03:22:14 UTC 2021 Modified Files: src/crypto/external/bsd/openssl/dist: CHANGES Configure NEWS README src/crypto/external/bsd/openssl/dist/apps: ca.c src/crypto/external/bsd/openssl/dist/crypto: armcap.c ppccap.c src/crypto/external/bsd/openssl/dist/crypto/conf: conf_def.c src/crypto/external/bsd/openssl/dist/crypto/evp: evp_enc.c src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c src/crypto/external/bsd/openssl/dist/ssl: d1_lib.c src/crypto/external/bsd/openssl/dist/test: rsa_test.c Log Message: merge conflicts To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssl/dist/CHANGES \ src/crypto/external/bsd/openssl/dist/NEWS \ src/crypto/external/bsd/openssl/dist/README cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssl/dist/Configure cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssl/dist/apps/ca.c cvs rdiff -u -r1.12 -r1.13 \ src/crypto/external/bsd/openssl/dist/crypto/armcap.c cvs rdiff -u -r1.18 -r1.19 \ src/crypto/external/bsd/openssl/dist/crypto/ppccap.c cvs rdiff -u -r1.12 -r1.13 \ src/crypto/external/bsd/openssl/dist/crypto/conf/conf_def.c cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/openssl/dist/crypto/evp/evp_enc.c cvs rdiff -u -r1.21 -r1.22 \ src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssl/dist/ssl/d1_lib.c cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssl/dist/test/rsa_test.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/CHANGES diff -u src/crypto/external/bsd/openssl/dist/CHANGES:1.25 src/crypto/external/bsd/openssl/dist/CHANGES:1.26 --- src/crypto/external/bsd/openssl/dist/CHANGES:1.25 Wed Dec 9 19:33:08 2020 +++ src/crypto/external/bsd/openssl/dist/CHANGES Fri Feb 19 22:22:13 2021 @@ -7,6 +7,43 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. + Changes between 1.1.1i and 1.1.1j [16 Feb 2021] + + *) Fixed the X509_issuer_and_serial_hash() function. It attempts to + create a unique hash value based on the issuer and serial number data + contained within an X509 certificate. However it was failing to correctly + handle any errors that may occur while parsing the issuer field (which might + occur if the issuer field is maliciously constructed). This may subsequently + result in a NULL pointer deref and a crash leading to a potential denial of + service attack. + (CVE-2021-23841) + [Matt Caswell] + + *) Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING + padding mode to correctly check for rollback attacks. This is considered a + bug in OpenSSL 1.1.1 because it does not support SSLv2. In 1.0.2 this is + CVE-2021-23839. + [Matt Caswell] + + *) Fixed the EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate + functions. Previously they could overflow the output length argument in some + cases where the input length is close to the maximum permissable length for + an integer on the platform. In such cases the return value from the function + call would be 1 (indicating success), but the output length value would be + negative. This could cause applications to behave incorrectly or crash. + (CVE-2021-23840) + [Matt Caswell] + + *) Fixed SRP_Calc_client_key so that it runs in constant time. The previous + implementation called BN_mod_exp without setting BN_FLG_CONSTTIME. This + could be exploited in a side channel attack to recover the password. Since + the attack is local host only this is outside of the current OpenSSL + threat model and therefore no CVE is assigned. + + Thanks to Mohammed Sabt and Daniel De Almeida Braga for reporting this + issue. + [Matt Caswell] + Changes between 1.1.1h and 1.1.1i [8 Dec 2020] *) Fixed NULL pointer deref in the GENERAL_NAME_cmp function Index: src/crypto/external/bsd/openssl/dist/NEWS diff -u src/crypto/external/bsd/openssl/dist/NEWS:1.25 src/crypto/external/bsd/openssl/dist/NEWS:1.26 --- src/crypto/external/bsd/openssl/dist/NEWS:1.25 Wed Dec 9 19:33:08 2020 +++ src/crypto/external/bsd/openssl/dist/NEWS Fri Feb 19 22:22:13 2021 @@ -5,6 +5,16 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.1.1i and OpenSSL 1.1.1j [16 Feb 2021] + + o Fixed a NULL pointer deref in the X509_issuer_and_serial_hash() +function (CVE-2021-23841) + o Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING +padding mode to correctly check for rollback attacks + o Fixed an overflow in the
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc
Module Name:src Committed By: joerg Date: Fri Feb 5 21:43:21 UTC 2021 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc: aes.inc Log Message: Allow v9 assembly for AES code for 32bit compat build with clang. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/aes.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/aes.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/aes.inc:1.5 src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/aes.inc:1.6 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/aes.inc:1.5 Tue Sep 15 09:22:32 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/aes.inc Fri Feb 5 21:43:20 2021 @@ -4,5 +4,6 @@ AES_SRCS = aes_core.c aes_cbc.c aes-spar AESCPPFLAGS = -DAES_ASM AFLAGS.aes-sparcv9.S+= -Wa,-Av9 AFLAGS.aest4-sparcv9.S+= -Wa,-Av9 +AFLAGS.aesfx-sparcv9.S+= -Wa,-Av9 .endif .include "../../aes.inc"
CVS commit: src/crypto/external/bsd/openssl
Module Name:src Committed By: christos Date: Thu Dec 10 00:33:14 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist: CHANGES Configure NEWS README e_os.h src/crypto/external/bsd/openssl/dist/apps: ca.c s_client.c src/crypto/external/bsd/openssl/dist/crypto/aes/asm: aesni-sha1-x86_64.pl src/crypto/external/bsd/openssl/dist/crypto/asn1: tasn_dec.c tasn_enc.c src/crypto/external/bsd/openssl/dist/crypto/bn: bn_lib.c src/crypto/external/bsd/openssl/dist/crypto/conf: conf_def.c src/crypto/external/bsd/openssl/dist/crypto/ec: ec_ameth.c ec_asn1.c ec_key.c ec_lib.c src/crypto/external/bsd/openssl/dist/crypto/engine: eng_lib.c src/crypto/external/bsd/openssl/dist/crypto/evp: e_aes.c src/crypto/external/bsd/openssl/dist/crypto/modes: gcm128.c src/crypto/external/bsd/openssl/dist/crypto/rand: rand_unix.c randfile.c src/crypto/external/bsd/openssl/dist/crypto/sha/asm: sha1-x86_64.pl src/crypto/external/bsd/openssl/dist/crypto/ui: ui_openssl.c src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c src/crypto/external/bsd/openssl/dist/include/openssl: bn.h src/crypto/external/bsd/openssl/dist/ssl: s3_lib.c ssl_lib.c ssl_sess.c t1_lib.c src/crypto/external/bsd/openssl/dist/test: ectest.c rsa_test.c src/crypto/external/bsd/openssl/lib/libcrypto/arch/aarch64: aesv8-armx.S chacha-armv8.S poly1305-armv8.S sha1-armv8.S sha512-armv8.S src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm: aesv8-armx.S chacha-armv8.S ecp_nistz256-armv4.S poly1305-armv8.S sha1-armv8.S sha512-armv8.S src/crypto/external/bsd/openssl/lib/libcrypto/man: ADMISSIONS.3 ASN1_INTEGER_get_int64.3 ASN1_ITEM_lookup.3 ASN1_OBJECT_new.3 ASN1_STRING_TABLE_add.3 ASN1_STRING_length.3 ASN1_STRING_new.3 ASN1_STRING_print_ex.3 ASN1_TIME_set.3 ASN1_TYPE_get.3 ASN1_generate_nconf.3 ASYNC_WAIT_CTX_new.3 ASYNC_start_job.3 BF_encrypt.3 BIO_ADDR.3 BIO_ADDRINFO.3 BIO_connect.3 BIO_ctrl.3 BIO_f_base64.3 BIO_f_buffer.3 BIO_f_cipher.3 BIO_f_md.3 BIO_f_null.3 BIO_f_ssl.3 BIO_find_type.3 BIO_get_data.3 BIO_get_ex_new_index.3 BIO_meth_new.3 BIO_new.3 BIO_new_CMS.3 BIO_parse_hostserv.3 BIO_printf.3 BIO_push.3 BIO_read.3 BIO_s_accept.3 BIO_s_bio.3 BIO_s_connect.3 BIO_s_fd.3 BIO_s_file.3 BIO_s_mem.3 BIO_s_null.3 BIO_s_socket.3 BIO_set_callback.3 BIO_should_retry.3 BN_BLINDING_new.3 BN_CTX_new.3 BN_CTX_start.3 BN_add.3 BN_add_word.3 BN_bn2bin.3 BN_cmp.3 BN_copy.3 BN_generate_prime.3 BN_mod_inverse.3 BN_mod_mul_montgomery.3 BN_mod_mul_reciprocal.3 BN_new.3 BN_num_bytes.3 BN_rand.3 BN_security_bits.3 BN_set_bit.3 BN_swap.3 BN_zero.3 BUF_MEM_new.3 CMS_add0_cert.3 CMS_add1_recipient_cert.3 CMS_add1_signer.3 CMS_compress.3 CMS_decrypt.3 CMS_encrypt.3 CMS_final.3 CMS_get0_RecipientInfos.3 CMS_get0_SignerInfos.3 CMS_get0_type.3 CMS_get1_ReceiptRequest.3 CMS_sign.3 CMS_sign_receipt.3 CMS_uncompress.3 CMS_verify.3 CMS_verify_receipt.3 CONF_modules_free.3 CONF_modules_load_file.3 CRYPTO_THREAD_run_once.3 CRYPTO_get_ex_new_index.3 CTLOG_STORE_get0_log_by_id.3 CTLOG_STORE_new.3 CTLOG_new.3 CT_POLICY_EVAL_CTX_new.3 DEFINE_STACK_OF.3 DES_random_key.3 DH_generate_key.3 DH_generate_parameters.3 DH_get0_pqg.3 DH_get_1024_160.3 DH_meth_new.3 DH_new.3 DH_new_by_nid.3 DH_set_method.3 DH_size.3 DSA_SIG_new.3 DSA_do_sign.3 DSA_dup_DH.3 DSA_generate_key.3 DSA_generate_parameters.3 DSA_get0_pqg.3 DSA_meth_new.3 DSA_new.3 DSA_set_method.3 DSA_sign.3 DSA_size.3 DTLS_get_data_mtu.3 DTLS_set_timer_cb.3 DTLSv1_listen.3 ECDSA_SIG_new.3 ECPKParameters_print.3 EC_GFp_simple_method.3 EC_GROUP_copy.3 EC_GROUP_new.3 EC_KEY_get_enc_flags.3 EC_KEY_new.3 EC_POINT_add.3 EC_POINT_new.3 ENGINE_add.3 ERR_GET_LIB.3 ERR_clear_error.3 ERR_error_string.3 ERR_get_error.3 ERR_load_crypto_strings.3 ERR_load_strings.3 ERR_print_errors.3 ERR_put_error.3 ERR_remove_state.3 ERR_set_mark.3 EVP_BytesToKey.3 EVP_CIPHER_CTX_get_cipher_data.3 EVP_CIPHER_meth_new.3 EVP_DigestInit.3 EVP_DigestSignInit.3 EVP_DigestVerifyInit.3 EVP_EncodeInit.3 EVP_EncryptInit.3 EVP_MD_meth_new.3 EVP_OpenInit.3 EVP_PKEY_ASN1_METHOD.3 EVP_PKEY_CTX_ctrl.3 EVP_PKEY_CTX_new.3 EVP_PKEY_CTX_set1_pbe_pass.3 EVP_PKEY_CTX_set_hkdf_md.3 EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 EVP_PKEY_CTX_set_scrypt_N.3 EVP_PKEY_CTX_set_tls1_prf_md.3
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Fri Dec 4 18:42:50 UTC 2020 Modified Files: src/crypto/external/bsd/openssh: openssh2netbsd src/crypto/external/bsd/openssh/dist: PROTOCOL PROTOCOL.agent auth-options.c auth-options.h auth.c auth2-pubkey.c authfd.c authfd.h authfile.c channels.c channels.h clientloop.c compat.c compat.h hostfile.c hostfile.h kex.c kexdh.c krl.c log.c match.c match.h misc.c misc.h monitor.c monitor_wrap.c monitor_wrap.h msg.c mux.c packet.c readconf.c readconf.h readpass.c scp.1 scp.c servconf.c servconf.h serverloop.c session.c sftp-client.c sftp-server.8 sftp-server.c sftp.1 sftp.c sk-usbhid.c ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-ecdsa-sk.c ssh-keygen.1 ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-pkcs11.c ssh-sk-helper.c ssh-sk.c ssh.1 ssh.c ssh.h ssh_api.c ssh_config ssh_config.5 sshbuf-getput-basic.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5 sshkey.c sshkey.h sshsig.c version.h src/crypto/external/bsd/openssh/dist/moduli-gen: moduli.2048 moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192 src/crypto/external/bsd/openssh/lib: shlib_version Removed Files: src/crypto/external/bsd/openssh/dist/ssh-sk-helper: Makefile Log Message: Merge conflicts To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/openssh2netbsd cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/PROTOCOL \ src/crypto/external/bsd/openssh/dist/authfd.h \ src/crypto/external/bsd/openssh/dist/readpass.c \ src/crypto/external/bsd/openssh/dist/ssh_config \ src/crypto/external/bsd/openssh/dist/sshbuf.h cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/PROTOCOL.agent \ src/crypto/external/bsd/openssh/dist/hostfile.h \ src/crypto/external/bsd/openssh/dist/msg.c cvs rdiff -u -r1.23 -r1.24 \ src/crypto/external/bsd/openssh/dist/auth-options.c \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/sshkey.c cvs rdiff -u -r1.13 -r1.14 \ src/crypto/external/bsd/openssh/dist/auth-options.h \ src/crypto/external/bsd/openssh/dist/match.c cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssh/dist/auth.c \ src/crypto/external/bsd/openssh/dist/channels.c \ src/crypto/external/bsd/openssh/dist/kex.c \ src/crypto/external/bsd/openssh/dist/monitor_wrap.c \ src/crypto/external/bsd/openssh/dist/scp.c \ src/crypto/external/bsd/openssh/dist/serverloop.c \ src/crypto/external/bsd/openssh/dist/ssh.1 \ src/crypto/external/bsd/openssh/dist/ssh_config.5 \ src/crypto/external/bsd/openssh/dist/sshconnect.c cvs rdiff -u -r1.25 -r1.26 \ src/crypto/external/bsd/openssh/dist/auth2-pubkey.c cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssh/dist/authfd.c \ src/crypto/external/bsd/openssh/dist/scp.1 \ src/crypto/external/bsd/openssh/dist/sftp-server.c cvs rdiff -u -r1.24 -r1.25 src/crypto/external/bsd/openssh/dist/authfile.c \ src/crypto/external/bsd/openssh/dist/readconf.h \ src/crypto/external/bsd/openssh/dist/sftp-client.c cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/channels.h \ src/crypto/external/bsd/openssh/dist/hostfile.c \ src/crypto/external/bsd/openssh/dist/krl.c cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/clientloop.c \ src/crypto/external/bsd/openssh/dist/sftp.c \ src/crypto/external/bsd/openssh/dist/ssh-agent.c cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/compat.c \ src/crypto/external/bsd/openssh/dist/log.c \ src/crypto/external/bsd/openssh/dist/ssh-pkcs11.c cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/compat.h \ src/crypto/external/bsd/openssh/dist/sftp-server.8 \ src/crypto/external/bsd/openssh/dist/ssh.h \ src/crypto/external/bsd/openssh/dist/sshkey.h cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/kexdh.c cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/match.h \ src/crypto/external/bsd/openssh/dist/ssh_api.c \ src/crypto/external/bsd/openssh/dist/sshbuf-getput-basic.c cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/misc.h cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssh/dist/monitor.c cvs rdiff -u -r1.19 -r1.20 \ src/crypto/external/bsd/openssh/dist/monitor_wrap.h \ src/crypto/external/bsd/openssh/dist/ssh-keysign.c cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/mux.c \ src/crypto/external/bsd/openssh/dist/ssh-keygen.1 \ src/crypto/external/bsd/openssh/dist/ssh-keyscan.c cvs rdiff -u -r1.41 -r1.42 src/crypto/external/bsd/openssh/dist/packet.c cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssh/dist/readconf.c \
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Thu Nov 12 19:43:19 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: getrrsetbyname.c Log Message: eliminate direct use of _res for threaded programs. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 \ src/crypto/external/bsd/openssh/dist/getrrsetbyname.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/getrrsetbyname.c diff -u src/crypto/external/bsd/openssh/dist/getrrsetbyname.c:1.5 src/crypto/external/bsd/openssh/dist/getrrsetbyname.c:1.6 --- src/crypto/external/bsd/openssh/dist/getrrsetbyname.c:1.5 Tue Apr 18 14:41:46 2017 +++ src/crypto/external/bsd/openssh/dist/getrrsetbyname.c Thu Nov 12 14:43:18 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: getrrsetbyname.c,v 1.5 2017/04/18 18:41:46 christos Exp $ */ +/* $NetBSD: getrrsetbyname.c,v 1.6 2020/11/12 19:43:18 christos Exp $ */ /* $OpenBSD: getrrsetbyname.c,v 1.10 2005/03/30 02:58:28 tedu Exp $ */ /* @@ -47,7 +47,7 @@ /* OPENBSD ORIGINAL: lib/libc/net/getrrsetbyname.c */ #include "includes.h" -__RCSID("$NetBSD: getrrsetbyname.c,v 1.5 2017/04/18 18:41:46 christos Exp $"); +__RCSID("$NetBSD: getrrsetbyname.c,v 1.6 2020/11/12 19:43:18 christos Exp $"); #ifndef HAVE_GETRRSETBYNAME @@ -189,8 +189,9 @@ getrrsetbyname(const char *hostname, uns unsigned int rdtype, unsigned int flags, struct rrsetinfo **res) { - struct __res_state *_resp = _THREAD_PRIVATE(_res, _res, &_res); + struct __res_state *_resp; int result; + unsigned long options; struct rrsetinfo *rrset = NULL; struct dns_response *response = NULL; struct dns_rr *rr; @@ -201,27 +202,33 @@ getrrsetbyname(const char *hostname, uns /* check for invalid class and type */ if (rdclass > 0x || rdtype > 0x) { - result = ERRSET_INVAL; - goto fail; + return ERRSET_INVAL; } /* don't allow queries of class or type ANY */ if (rdclass == 0xff || rdtype == 0xff) { - result = ERRSET_INVAL; - goto fail; + return ERRSET_INVAL; } /* don't allow flags yet, unimplemented */ if (flags) { - result = ERRSET_INVAL; - goto fail; + return ERRSET_INVAL; } +#ifndef __NetBSD__ + _resp = _THREAD_PRIVATE(_res, _res, &_res); /* initialize resolver */ if ((_resp->options & RES_INIT) == 0 && res_init() == -1) { result = ERRSET_FAIL; goto fail; } +#else + _resp = __res_get_state(); + if (_resp == NULL) { + return ERRSET_FAIL; + } +#endif + options = _resp->options; #ifdef DEBUG _resp->options |= RES_DEBUG; @@ -234,8 +241,8 @@ getrrsetbyname(const char *hostname, uns #endif /* RES_USE_DNSEC */ /* make query */ - length = res_query(hostname, (signed int) rdclass, (signed int) rdtype, - answer, sizeof(answer)); + length = res_nquery(_resp, hostname, (signed int) rdclass, + (signed int) rdtype, answer, sizeof(answer)); if (length < 0) { switch(h_errno) { case HOST_NOT_FOUND: @@ -335,9 +342,17 @@ getrrsetbyname(const char *hostname, uns free_dns_response(response); *res = rrset; + _resp->options = options; +#ifdef __NetBSD__ + __res_put_state(_resp); +#endif return (ERRSET_SUCCESS); fail: + _resp->options = options; +#ifdef __NetBSD__ + __res_put_state(_resp); +#endif if (rrset != NULL) freerrset(rrset); if (response != NULL) @@ -466,7 +481,7 @@ parse_dns_qsection(const u_char *answer, /* name */ length = dn_expand(answer, answer + size, *cp, name, - sizeof(name)); + (int)sizeof(name)); if (length < 0) { free_dns_query(head); return (NULL); @@ -513,7 +528,7 @@ parse_dns_rrsection(const u_char *answer /* name */ length = dn_expand(answer, answer + size, *cp, name, - sizeof(name)); + (int)sizeof(name)); if (length < 0) { free_dns_rr(head); return (NULL);
CVS commit: src/crypto/external/bsd/netpgp/dist/src/netpgpverify
Module Name:src Committed By: wiz Date: Sun Nov 1 11:29:17 UTC 2020 Modified Files: src/crypto/external/bsd/netpgp/dist/src/netpgpverify: Makefile.in bzlib_private.h libverify.c verify.h Added Files: src/crypto/external/bsd/netpgp/dist/src/netpgpverify: HOWTO dash-escaped-text dash-escaped-text.asc netpgpv-bzlib.h verify.map Removed Files: src/crypto/external/bsd/netpgp/dist/src/netpgpverify: bzlib.h Log Message: Sync with netpgpverify-20201101 from pkgsrc (the master for this). No effective change except for version bump. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/HOWTO \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/dash-escaped-text \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/dash-escaped-text.asc \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/netpgpv-bzlib.h \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.map cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.in \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.h cvs rdiff -u -r1.2 -r0 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib.h cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib_private.h cvs rdiff -u -r1.16 -r1.17 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.in diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.in:1.11 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.in:1.12 --- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.in:1.11 Mon Apr 17 19:50:28 2017 +++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.in Sun Nov 1 11:29:17 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.in,v 1.11 2017/04/17 19:50:28 agc Exp $ +# $NetBSD: Makefile.in,v 1.12 2020/11/01 11:29:17 wiz Exp $ PROG=netpgpverify @@ -16,7 +16,7 @@ MANDIR=@MANDIR@ all: ${PROG} ${PROG}: ${OBJS} - ${CC} ${OBJS} -o ${PROG} + ${CC} ${LDFLAGS} ${CFLAGS} ${OBJS} -o ${PROG} install: install -c -s ${PROG} ${DESTDIR}${PREFIX}/bin Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.h diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.h:1.11 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.h:1.12 --- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.h:1.11 Mon May 4 00:18:34 2020 +++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.h Sun Nov 1 11:29:17 2020 @@ -23,9 +23,9 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef NETPGP_VERIFY_H_ -#define NETPGP_VERIFY_H_ 20200503 +#define NETPGP_VERIFY_H_ 20201101 -#define NETPGPVERIFY_VERSION "netpgpverify portable 20200503" +#define NETPGPVERIFY_VERSION "netpgpverify portable 20201101" #include Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib_private.h diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib_private.h:1.4 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib_private.h:1.5 --- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib_private.h:1.4 Mon May 4 00:18:34 2020 +++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib_private.h Sun Nov 1 11:29:17 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: bzlib_private.h,v 1.4 2020/05/04 00:18:34 agc Exp $ */ +/* $NetBSD: bzlib_private.h,v 1.5 2020/11/01 11:29:17 wiz Exp $ */ /*-*/ @@ -32,7 +32,7 @@ #include #endif -#include "bzlib.h" +#include "netpgpv-bzlib.h" Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c:1.16 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c:1.17 --- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c:1.16 Sat Oct 17 23:08:57 2020 +++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c Sun Nov 1 11:29:17 2020 @@ -40,7 +40,7 @@ #include #include -#include "bzlib.h" +#include "netpgpv-bzlib.h" #include "zlib.h" #include "array.h" Added files: Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/HOWTO diff -u /dev/null src/crypto/external/bsd/netpgp/dist/src/netpgpverify/HOWTO:1.1 --- /dev/null Sun Nov 1 11:29:17 2020 +++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/HOWTO Sun Nov 1 11:29:17 2020 @@ -0,0 +1,55 @@ +How to use ssh keys in PGP signatures += + +1. generate a new ssh key pair + + % ssh-keygen -t rsa -b 4096 -f sshtest-20140202 + Generating public/private rsa key pair. + Enter passphrase (empty for no passphrase): + Enter same passphrase again: +
CVS commit: src/crypto/external/bsd/openssl/include/openssl
Module Name:src Committed By: rin Date: Mon Oct 19 12:46:04 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/include/openssl: opensslconf.h Log Message: Define OPENSSL_NO_EC_NISTP_64_GCC_128 also for aarch64eb. Fix ssh-keygen(1) on aarch64eb. Also, all tests in tests/crypto pass with this change. As martin pointed out when this macro was defined for sparc64, http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssl/include/openssl/opensslconf.h#rev1.5 this code seems broken on LP64BE architectures. At the moment, mips64eb is not affected since only N32 is supported as userland. Also, we do not support powerpc64 (eb) yet. But we may need to take care of them in future. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 \ src/crypto/external/bsd/openssl/include/openssl/opensslconf.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/include/openssl/opensslconf.h diff -u src/crypto/external/bsd/openssl/include/openssl/opensslconf.h:1.8 src/crypto/external/bsd/openssl/include/openssl/opensslconf.h:1.9 --- src/crypto/external/bsd/openssl/include/openssl/opensslconf.h:1.8 Thu Oct 8 16:00:09 2020 +++ src/crypto/external/bsd/openssl/include/openssl/opensslconf.h Mon Oct 19 12:46:04 2020 @@ -50,7 +50,12 @@ extern "C" { # define OPENSSL_NO_DEVCRYPTOENG # endif #endif -#if !defined(_LP64) || defined(__alpha__) || defined(__sparc64__) +/* + * XXX + * This seems broken on big-endian or strictly-aligned architectures. + */ +#if !defined(_LP64) || \ +defined(__AARCH64EB__) || defined(__alpha__) || defined(__sparc64__) # ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 # define OPENSSL_NO_EC_NISTP_64_GCC_128 # endif
CVS commit: src/crypto/external/bsd/netpgp/dist/src/netpgpverify
Module Name:src Committed By: jhigh Date: Sat Oct 17 23:08:57 UTC 2020 Modified Files: src/crypto/external/bsd/netpgp/dist/src/netpgpverify: libverify.c Log Message: absorb issuer fingerprint (RFC4880bis 5.2.3.28) in libverify.c To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c:1.15 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c:1.16 --- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c:1.15 Mon May 4 00:18:34 2020 +++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c Sat Oct 17 23:08:57 2020 @@ -151,6 +151,8 @@ typedef struct pgpv_signature_t { char *features; char *why_revoked; uint8_t *revoke_fingerprint; + uint8_t *issuer_fingerprint; + uint8_t ifver; uint8_t revoke_alg; uint8_t revoke_sensitive; uint8_t trustsig; @@ -925,6 +927,7 @@ str_to_keyid(const char *s, uint8_t *key #define SUBPKT_FEATURES 30 #define SUBPKT_SIGNATURE_TARGET 31 #define SUBPKT_EMBEDDED_SIGNATURE 32 +#define SUBPKT_ISSUER_FINGERPRINT 33 #define UNCOMPRESSED 0 #define ZIP_COMPRESSION 1 @@ -1180,6 +1183,10 @@ read_sig_subpackets(pgpv_t *pgp, pgpv_si sigpkt->sig.revoked = *p++ + 1; sigpkt->sig.why_revoked = (char *)(void *)p; break; + case SUBPKT_ISSUER_FINGERPRINT: + sigpkt->sig.ifver = *p; + sigpkt->sig.issuer_fingerprint = [1]; + break; default: printf("Ignoring unusual/reserved signature subpacket %d\n", subpkt.tag); break;
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: jhigh Date: Wed Oct 14 05:19:41 UTC 2020 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: keyring.c packet-parse.c packet.h Log Message: allow netpgp to absorb gpg2 subpkt 33 for list/enc/decrypt rsa keys To generate a diff of this commit: cvs rdiff -u -r1.56 -r1.57 \ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c cvs rdiff -u -r1.52 -r1.53 \ src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c cvs rdiff -u -r1.31 -r1.32 \ src/crypto/external/bsd/netpgp/dist/src/lib/packet.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.56 src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.57 --- src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.56 Tue Nov 13 14:52:30 2018 +++ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Wed Oct 14 05:19:41 2020 @@ -57,7 +57,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: keyring.c,v 1.56 2018/11/13 14:52:30 mlelstv Exp $"); +__RCSID("$NetBSD: keyring.c,v 1.57 2020/10/14 05:19:41 jhigh Exp $"); #endif #ifdef HAVE_FCNTL_H @@ -620,8 +620,12 @@ cb_keyring_read(const pgp_packet_t *pkt, key->subsigc += 1; break; case PGP_PTAG_CT_TRUST: - key->subsigs[key->subsigc - 1].trustlevel = pkt->u.ss_trust.level; - key->subsigs[key->subsigc - 1].trustamount = pkt->u.ss_trust.amount; + EXPAND_ARRAY(key, subsig); + key->subsigs[key->subsigc].trustlevel = pkt->u.ss_trust.level; + key->subsigs[key->subsigc].trustamount = pkt->u.ss_trust.amount; + + key->subsigc += 1; + break; case PGP_PTAG_SS_KEY_EXPIRY: EXPAND_ARRAY(keyring, key); @@ -667,7 +671,6 @@ cb_keyring_read(const pgp_packet_t *pkt, default: break; } - return PGP_RELEASE_MEMORY; } Index: src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c:1.52 src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c:1.53 --- src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c:1.52 Tue Nov 13 14:52:30 2018 +++ src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c Wed Oct 14 05:19:41 2020 @@ -58,7 +58,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: packet-parse.c,v 1.52 2018/11/13 14:52:30 mlelstv Exp $"); +__RCSID("$NetBSD: packet-parse.c,v 1.53 2020/10/14 05:19:41 jhigh Exp $"); #endif #include @@ -984,6 +984,7 @@ pgp_parser_content_free(pgp_packet_t *c) case PGP_PTAG_SS_PRIMARY_USER_ID: case PGP_PTAG_SS_REVOCABLE: case PGP_PTAG_SS_REVOCATION_KEY: + case PGP_PTAG_SS_ISSUER_FINGERPRINT: case PGP_PTAG_CT_LITDATA_HEADER: case PGP_PTAG_CT_LITDATA_BODY: case PGP_PTAG_CT_SIGNED_CLEARTEXT_BODY: @@ -1554,6 +1555,7 @@ parse_one_sig_subpacket(pgp_sig_t *sig, pgp_packet_t pkt; uint8_t bools = 0x0; uint8_t c = 0x0; + uint8_t temp = 0x0; unsigned doread = 1; unsignedt8; unsignedt7; @@ -1764,6 +1766,26 @@ parse_one_sig_subpacket(pgp_sig_t *sig, } break; + case PGP_PTAG_SS_ISSUER_FINGERPRINT: + /* octet 0: version */ + /* 0x04:20 bytes, 0x05:32 bytes */ + if (!limread(, 1, , stream)) { + return 0; + } + + switch (temp) { + case 0x04: pkt.u.ss_issuer_fingerprint.len = 20; break; + case 0x05: pkt.u.ss_issuer_fingerprint.len = 32; break; + default: +return 0; + } + + if (!limread(pkt.u.ss_issuer_fingerprint.fingerprint, + pkt.u.ss_issuer_fingerprint.len, , stream)) { + return 0; + } + break; + case PGP_PTAG_SS_REVOCATION_KEY: /* octet 0 = class. Bit 0x80 must be set */ if (!limread(_revocation_key.class, 1, Index: src/crypto/external/bsd/netpgp/dist/src/lib/packet.h diff -u src/crypto/external/bsd/netpgp/dist/src/lib/packet.h:1.31 src/crypto/external/bsd/netpgp/dist/src/lib/packet.h:1.32 --- src/crypto/external/bsd/netpgp/dist/src/lib/packet.h:1.31 Tue Nov 13 14:52:30 2018 +++ src/crypto/external/bsd/netpgp/dist/src/lib/packet.h Wed Oct 14 05:19:41 2020 @@ -251,7 +251,7 @@ typedef enum { PGP_PTAG_SS_FEATURES = 0x200 + 30, /* features */ PGP_PTAG_SS_SIGNATURE_TARGET = 0x200 + 31, /* signature target */ PGP_PTAG_SS_EMBEDDED_SIGNATURE = 0x200 + 32, /* embedded signature */ - + PGP_PTAG_SS_ISSUER_FINGERPRINT = 0x200 + 33, /* issuer fingerprint */ PGP_PTAG_SS_USERDEFINED00 = 0x200 + 100, /* internal or * user-defined */ PGP_PTAG_SS_USERDEFINED01 = 0x200 + 101, @@ -659,6 +659,11 @@ typedef struct pgp_ss_trust_t { uint8_t amount; /* Amount */ } pgp_ss_trust_t; +typedef struct pgp_ss_issuer_fingerprint { + uint8_t len; /* 20 or 32 */ + uint8_t fingerprint[32]; /* max 32 */ +} pgp_ss_issuer_fingerprint; + /** Signature Subpacket :
CVS commit: src/crypto/external/bsd/openssl/include/openssl
Module Name:src Committed By: jakllsch Date: Thu Oct 8 16:00:09 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/include/openssl: opensslconf.h Log Message: openssl: Define OPENSSL_NO_EC_NISTP_64_GCC_128 for Alpha too The ecp_nistp521.c code depends on doing unaligned 64-bit accesses, which the NetBSD/alpha kernel doesn't like to trap and emulate. fixes PR lib/55701 To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 \ src/crypto/external/bsd/openssl/include/openssl/opensslconf.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/include/openssl/opensslconf.h diff -u src/crypto/external/bsd/openssl/include/openssl/opensslconf.h:1.7 src/crypto/external/bsd/openssl/include/openssl/opensslconf.h:1.8 --- src/crypto/external/bsd/openssl/include/openssl/opensslconf.h:1.7 Sat Dec 8 17:07:27 2018 +++ src/crypto/external/bsd/openssl/include/openssl/opensslconf.h Thu Oct 8 16:00:09 2020 @@ -50,7 +50,7 @@ extern "C" { # define OPENSSL_NO_DEVCRYPTOENG # endif #endif -#if !defined(_LP64) || defined(__sparc64__) +#if !defined(_LP64) || defined(__alpha__) || defined(__sparc64__) # ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 # define OPENSSL_NO_EC_NISTP_64_GCC_128 # endif
CVS commit: src/crypto/external/bsd/openssl
Module Name:src Committed By: christos Date: Mon Oct 5 14:34:04 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/bn: bn_print.c src/crypto/external/bsd/openssl/dist/include/openssl: bn.h src/crypto/external/bsd/openssl/lib/libcrypto: crypto.map Log Message: revert previous octal conversion code (broken and not worth it). To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssl/dist/include/openssl/bn.h cvs rdiff -u -r1.10 -r1.11 \ src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c diff -u src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c:1.2 src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c:1.3 --- src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c:1.2 Sun Oct 4 15:32:48 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c Mon Oct 5 10:34:03 2020 @@ -266,87 +266,6 @@ int BN_dec2bn(BIGNUM **bn, const char *a return 0; } -int BN_oct2bn(BIGNUM **bn, const char *a) -{ -BIGNUM *ret = NULL; -BN_ULONG l = 0; -int neg = 0, h, m, i, j, b, k, c, r; -int num; - -if (a == NULL || *a == '\0') -return 0; - -if (*a == '-') { -neg = 1; -a++; -} - -for (i = 0; i <= INT_MAX / 4 && ossl_isdigit(a[i]) && a[i] < '8'; i++) -continue; - -if (i == 0 || i > INT_MAX / 4) -goto err; - -num = i + neg; -if (bn == NULL) -return num; - -/* a is the start of the hex digits, and it is 'i' long */ -if (*bn == NULL) { -if ((ret = BN_new()) == NULL) -return 0; -} else { -ret = *bn; -BN_zero(ret); -} - -/* i is the number of hex digits */ -if (bn_expand(ret, i * 4) == NULL) -goto err; - -j = i; /* least significant 'oct' */ -h = 0; -b = 0; -#define M (BN_BYTES * 8 / 3) -while (j > 0) { -m = (M <= j) ? M : j; - while (m > 0) { - k = a[j - m] - '0'; - l = (l << 3) | k; - b += 3; - m--; - } -j -= M; - if (j <= 0) { - ret->d[h++] = l; - break; - } - b = BN_BYTES * 8 - b; - r = 3 - b; - k = a[j--] - '0'; - l = (l << r) | (k >> b); - ret->d[h++] = l; - l = k & ((2 << r) - 1); - if (j == 0) { - ret->d[h++] = l; - break; - } -} -ret->top = h; -bn_correct_top(ret); - -*bn = ret; -bn_check_top(ret); -/* Don't set the negative flag if it's zero. */ -if (ret->top != 0) -ret->neg = neg; -return num; - err: -if (*bn == NULL) -BN_free(ret); -return 0; -} - int BN_asc2bn(BIGNUM **bn, const char *a) { const char *p = a; @@ -354,14 +273,9 @@ int BN_asc2bn(BIGNUM **bn, const char *a if (*p == '-') p++; -if (p[0] == '0') { - if (p[1] == 'X' || p[1] == 'x') { - if (!BN_hex2bn(bn, p + 2)) - return 0; - } else { - if (!BN_oct2bn(bn, p + 1)) - return 0; - } +if (p[0] == '0' && (p[1] == 'X' || p[1] == 'x')) { +if (!BN_hex2bn(bn, p + 2)) +return 0; } else { if (!BN_dec2bn(bn, p)) return 0; Index: src/crypto/external/bsd/openssl/dist/include/openssl/bn.h diff -u src/crypto/external/bsd/openssl/dist/include/openssl/bn.h:1.2 src/crypto/external/bsd/openssl/dist/include/openssl/bn.h:1.3 --- src/crypto/external/bsd/openssl/dist/include/openssl/bn.h:1.2 Sun Oct 4 15:32:48 2020 +++ src/crypto/external/bsd/openssl/dist/include/openssl/bn.h Mon Oct 5 10:34:03 2020 @@ -310,7 +310,6 @@ char *BN_bn2hex(const BIGNUM *a); char *BN_bn2dec(const BIGNUM *a); int BN_hex2bn(BIGNUM **a, const char *str); int BN_dec2bn(BIGNUM **a, const char *str); -int BN_oct2bn(BIGNUM **a, const char *str); int BN_asc2bn(BIGNUM **a, const char *str); int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns Index: src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map diff -u src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map:1.10 src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map:1.11 --- src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map:1.10 Mon Oct 5 07:29:36 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map Mon Oct 5 10:34:04 2020 @@ -552,7 +552,6 @@ OPENSSL_1_1_0 { BN_nnmod; BN_num_bits; BN_num_bits_word; -BN_oct2bn; BN_options; BN_print; BN_print_fp;
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto
Module Name:src Committed By: simonb Date: Mon Oct 5 11:29:36 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto: crypto.map Log Message: Whitespace nit. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 \ src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map diff -u src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map:1.9 src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map:1.10 --- src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map:1.9 Sun Oct 4 19:32:48 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map Mon Oct 5 11:29:36 2020 @@ -552,7 +552,7 @@ OPENSSL_1_1_0 { BN_nnmod; BN_num_bits; BN_num_bits_word; - BN_oct2bn; +BN_oct2bn; BN_options; BN_print; BN_print_fp;
CVS commit: src/crypto/external/bsd/openssl
Module Name:src Committed By: christos Date: Sun Oct 4 19:32:48 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/bn: bn_print.c src/crypto/external/bsd/openssl/dist/include/openssl: bn.h src/crypto/external/bsd/openssl/lib/libcrypto: crypto.map Log Message: Add BN_oct2bn(3) for factor(6) To generate a diff of this commit: cvs rdiff -u -r1.1.1.10 -r1.2 \ src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c cvs rdiff -u -r1.1.1.3 -r1.2 \ src/crypto/external/bsd/openssl/dist/include/openssl/bn.h cvs rdiff -u -r1.8 -r1.9 \ src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c diff -u src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c:1.1.1.10 src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c:1.2 --- src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c:1.1.1.10 Sat Mar 21 20:49:05 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c Sun Oct 4 15:32:48 2020 @@ -266,6 +266,87 @@ int BN_dec2bn(BIGNUM **bn, const char *a return 0; } +int BN_oct2bn(BIGNUM **bn, const char *a) +{ +BIGNUM *ret = NULL; +BN_ULONG l = 0; +int neg = 0, h, m, i, j, b, k, c, r; +int num; + +if (a == NULL || *a == '\0') +return 0; + +if (*a == '-') { +neg = 1; +a++; +} + +for (i = 0; i <= INT_MAX / 4 && ossl_isdigit(a[i]) && a[i] < '8'; i++) +continue; + +if (i == 0 || i > INT_MAX / 4) +goto err; + +num = i + neg; +if (bn == NULL) +return num; + +/* a is the start of the hex digits, and it is 'i' long */ +if (*bn == NULL) { +if ((ret = BN_new()) == NULL) +return 0; +} else { +ret = *bn; +BN_zero(ret); +} + +/* i is the number of hex digits */ +if (bn_expand(ret, i * 4) == NULL) +goto err; + +j = i; /* least significant 'oct' */ +h = 0; +b = 0; +#define M (BN_BYTES * 8 / 3) +while (j > 0) { +m = (M <= j) ? M : j; + while (m > 0) { + k = a[j - m] - '0'; + l = (l << 3) | k; + b += 3; + m--; + } +j -= M; + if (j <= 0) { + ret->d[h++] = l; + break; + } + b = BN_BYTES * 8 - b; + r = 3 - b; + k = a[j--] - '0'; + l = (l << r) | (k >> b); + ret->d[h++] = l; + l = k & ((2 << r) - 1); + if (j == 0) { + ret->d[h++] = l; + break; + } +} +ret->top = h; +bn_correct_top(ret); + +*bn = ret; +bn_check_top(ret); +/* Don't set the negative flag if it's zero. */ +if (ret->top != 0) +ret->neg = neg; +return num; + err: +if (*bn == NULL) +BN_free(ret); +return 0; +} + int BN_asc2bn(BIGNUM **bn, const char *a) { const char *p = a; @@ -273,9 +354,14 @@ int BN_asc2bn(BIGNUM **bn, const char *a if (*p == '-') p++; -if (p[0] == '0' && (p[1] == 'X' || p[1] == 'x')) { -if (!BN_hex2bn(bn, p + 2)) -return 0; +if (p[0] == '0') { + if (p[1] == 'X' || p[1] == 'x') { + if (!BN_hex2bn(bn, p + 2)) + return 0; + } else { + if (!BN_oct2bn(bn, p + 1)) + return 0; + } } else { if (!BN_dec2bn(bn, p)) return 0; Index: src/crypto/external/bsd/openssl/dist/include/openssl/bn.h diff -u src/crypto/external/bsd/openssl/dist/include/openssl/bn.h:1.1.1.3 src/crypto/external/bsd/openssl/dist/include/openssl/bn.h:1.2 --- src/crypto/external/bsd/openssl/dist/include/openssl/bn.h:1.1.1.3 Sun Sep 23 09:17:50 2018 +++ src/crypto/external/bsd/openssl/dist/include/openssl/bn.h Sun Oct 4 15:32:48 2020 @@ -310,6 +310,7 @@ char *BN_bn2hex(const BIGNUM *a); char *BN_bn2dec(const BIGNUM *a); int BN_hex2bn(BIGNUM **a, const char *str); int BN_dec2bn(BIGNUM **a, const char *str); +int BN_oct2bn(BIGNUM **a, const char *str); int BN_asc2bn(BIGNUM **a, const char *str); int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns Index: src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map diff -u src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map:1.8 src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map:1.9 --- src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map:1.8 Sat Mar 21 20:53:11 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map Sun Oct 4 15:32:48 2020 @@ -552,6 +552,7 @@ OPENSSL_1_1_0 { BN_nnmod; BN_num_bits; BN_num_bits_word; + BN_oct2bn; BN_options; BN_print; BN_print_fp;
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc
Module Name:src Committed By: mrg Date: Tue Sep 15 09:22:32 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc: aes.inc Log Message: build the 32 bit aesfx-sparcv9.S for sparc64 32 bit comapt libs. now libcrypto works -m32. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/aes.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/aes.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/aes.inc:1.4 src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/aes.inc:1.5 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/aes.inc:1.4 Thu Nov 3 22:18:29 2016 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/aes.inc Tue Sep 15 09:22:32 2020 @@ -1,6 +1,6 @@ .if ${MACHINE} == "sparc64" .PATH.S: ${.PARSEDIR} -AES_SRCS = aes_core.c aes_cbc.c aes-sparcv9.S aest4-sparcv9.S +AES_SRCS = aes_core.c aes_cbc.c aes-sparcv9.S aest4-sparcv9.S aesfx-sparcv9.S AESCPPFLAGS = -DAES_ASM AFLAGS.aes-sparcv9.S+= -Wa,-Av9 AFLAGS.aest4-sparcv9.S+= -Wa,-Av9
CVS commit: src/crypto/external/bsd/openssl/dist/crypto/engine
Module Name:src Committed By: tsutsui Date: Sat Sep 12 09:37:01 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/engine: eng_devcrypto.c Log Message: Restore a local change for PR/54740 lost during openssl 1.1.1e merge. syslogd(8) complains "Could not open /dev/crypto: Device not configured" again when pseudo-device crypto(4) is not configured in a kernel. http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssl/dist/crypto/engine/eng_devcrypto.c#rev1.5 http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssl/dist/crypto/engine/eng_devcrypto.c#rev1.7 Should be pullued up to netbsd-9. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 \ src/crypto/external/bsd/openssl/dist/crypto/engine/eng_devcrypto.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/engine/eng_devcrypto.c diff -u src/crypto/external/bsd/openssl/dist/crypto/engine/eng_devcrypto.c:1.7 src/crypto/external/bsd/openssl/dist/crypto/engine/eng_devcrypto.c:1.8 --- src/crypto/external/bsd/openssl/dist/crypto/engine/eng_devcrypto.c:1.7 Sun Mar 22 00:53:05 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/engine/eng_devcrypto.c Sat Sep 12 09:37:01 2020 @@ -761,7 +761,7 @@ void engine_load_devcrypto_int() if ((cfd = open("/dev/crypto", O_RDWR, 0)) < 0) { #ifndef ENGINE_DEVCRYPTO_DEBUG -if (errno != ENOENT) +if (errno != ENOENT && errno != ENXIO) #endif fprintf(stderr, "Could not open /dev/crypto: %s\n", strerror(errno)); return;
CVS commit: src/crypto/external/bsd/heimdal
Module Name:src Committed By: mrg Date: Thu Jul 23 07:53:35 UTC 2020 Modified Files: src/crypto/external/bsd/heimdal: Makefile.inc src/crypto/external/bsd/heimdal/bin/krb5-config: Makefile Log Message: move $VERSION from Makefile.inc into the single Makefile that uses it. this should do two nice things: - eliminate "nbsed" missing messages in builds - slightly speed up the build by removing a few dozen exec sed calls To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/heimdal/Makefile.inc cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/heimdal/bin/krb5-config/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/heimdal/Makefile.inc diff -u src/crypto/external/bsd/heimdal/Makefile.inc:1.5 src/crypto/external/bsd/heimdal/Makefile.inc:1.6 --- src/crypto/external/bsd/heimdal/Makefile.inc:1.5 Tue Dec 17 00:17:00 2019 +++ src/crypto/external/bsd/heimdal/Makefile.inc Thu Jul 23 07:53:35 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.inc,v 1.5 2019/12/17 00:17:00 christos Exp $ +# $NetBSD: Makefile.inc,v 1.6 2020/07/23 07:53:35 mrg Exp $ HEIMBASE?= ${NETBSDSRCDIR}/crypto/external/bsd/heimdal HEIMDIST= ${HEIMBASE}/dist @@ -16,8 +16,6 @@ LIBIPC_PIC= ${LIBIPCDIR}/libipc.a LIBIPC_PIC= ${LIBIPCDIR}/libipc_pic.a .endif -VERSION!= ${TOOL_SED} -ne 's/.*PACKAGE_VERSION[ ]*"\([0-9.]*\)"/\1/p' ${.PARSEDIR}/include/config.h - .if ${USETOOLS} != "yes" COMPILEETOBJ!= cd ${HEIMBASE}/lib/libcom_err/compile_et && ${PRINTOBJDIR} TOOL_COMPILE_ET= ${COMPILEETOBJ}/compile_et Index: src/crypto/external/bsd/heimdal/bin/krb5-config/Makefile diff -u src/crypto/external/bsd/heimdal/bin/krb5-config/Makefile:1.4 src/crypto/external/bsd/heimdal/bin/krb5-config/Makefile:1.5 --- src/crypto/external/bsd/heimdal/bin/krb5-config/Makefile:1.4 Tue Dec 17 00:16:26 2019 +++ src/crypto/external/bsd/heimdal/bin/krb5-config/Makefile Thu Jul 23 07:53:35 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.4 2019/12/17 00:16:26 christos Exp $ +# $NetBSD: Makefile,v 1.5 2020/07/23 07:53:35 mrg Exp $ .include .include <${.CURDIR}/../../Makefile.inc> @@ -10,6 +10,8 @@ MAN= krb5-config.1 CLEANFILES+= krb5-config +VERSION!= ${TOOL_SED} -ne 's/.*PACKAGE_VERSION[ ]*"\([0-9.]*\)"/\1/p' ${HEIMBASE}/include/config.h + krb5-config: krb5-config.in ${TOOL_SED} \ -e "s!@PACKAGE\@!heimdal!g" \
CVS commit: src/crypto/external/bsd/openssl/dist/crypto
Module Name:src Committed By: riastradh Date: Sun Jul 19 15:33:08 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto: ppccap.c Log Message: Expand on importance of not using fpu for crypto if there's no fpu. To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 \ src/crypto/external/bsd/openssl/dist/crypto/ppccap.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/ppccap.c diff -u src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.17 src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.18 --- src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.17 Wed Jul 15 08:14:41 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/ppccap.c Sun Jul 19 15:33:08 2020 @@ -374,8 +374,11 @@ void OPENSSL_cpuid_setup(void) size_t len = sizeof(val); /* - * If machdep.fpu_present == 0, FPU is absent and emulated by software. - * Avoid using it for better performance. + * If machdep.fpu_present == 0, FPU is absent and emulated by + * software. In that case, using FPU instructions hurts rather + * than helps performance, and the software is unlikely to run in + * constant time so it would expose us to timing side channel + * attacks. So don't do it! */ error = sysctlbyname("machdep.fpu_present", , , NULL, 0); if (error != 0 || (error == 0 && val != 0))
CVS commit: src/crypto/external/bsd/openssl/dist/crypto
Module Name:src Committed By: rin Date: Wed Jul 15 08:14:41 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto: ppccap.c Log Message: PR port-powerpc/55425 Update comment; FPU emulation seems to work just fine now. However, FPU-optimized code should still be avoided for better performance, if FPU is not present. To generate a diff of this commit: cvs rdiff -u -r1.16 -r1.17 \ src/crypto/external/bsd/openssl/dist/crypto/ppccap.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/ppccap.c diff -u src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.16 src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.17 --- src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.16 Tue Jul 7 01:47:47 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/ppccap.c Wed Jul 15 08:14:41 2020 @@ -375,8 +375,7 @@ void OPENSSL_cpuid_setup(void) /* * If machdep.fpu_present == 0, FPU is absent and emulated by software. - * Avoid using it as calculation results may not be correct in bit-to-bit - * precision. + * Avoid using it for better performance. */ error = sysctlbyname("machdep.fpu_present", , , NULL, 0); if (error != 0 || (error == 0 && val != 0))
CVS commit: src/crypto/external/bsd/openssl/dist/crypto
Module Name:src Committed By: rin Date: Tue Jul 7 01:47:47 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto: ppccap.c Log Message: Part of PR port-powerpc/55425 openssl fails on FPU emulation for powerpc When machdep.fpu_present sysctl variable can be retrieved, and its value is zero, avoid using FPU arithmetic. FPU is absent and emulated by kernel in that case, and calculation results are not correct in bit-to-bit precision. This behavior should be useful even if we could fix FPU emulation; it is much faster to skip FPU arithmetic in general, rather than relying upon emulation by kernel via illegal instruction handler. To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 \ src/crypto/external/bsd/openssl/dist/crypto/ppccap.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/ppccap.c diff -u src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.15 src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.16 --- src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.15 Mon Jun 22 16:25:08 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/ppccap.c Tue Jul 7 01:47:47 2020 @@ -26,6 +26,10 @@ # include # include #endif +#if defined(__NetBSD__) +# include +# include +#endif #include #include #include @@ -365,6 +369,18 @@ void OPENSSL_cpuid_setup(void) sigaction(SIGILL, _act, _oact); #ifndef OSSL_IMPLEMENT_GETAUXVAL +# ifdef __NetBSD__ +int error, val; +size_t len = sizeof(val); + +/* + * If machdep.fpu_present == 0, FPU is absent and emulated by software. + * Avoid using it as calculation results may not be correct in bit-to-bit + * precision. + */ +error = sysctlbyname("machdep.fpu_present", , , NULL, 0); +if (error != 0 || (error == 0 && val != 0)) +# endif if (sigsetjmp(ill_jmp,1) == 0) { OPENSSL_fpu_probe(); OPENSSL_ppccap_P |= PPC_FPU;
CVS commit: src/crypto/external/bsd/openssl/dist/crypto
Module Name:src Committed By: christos Date: Mon Jun 22 22:43:56 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto: armcap.c Log Message: remove unneeded ifdefs To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/openssl/dist/crypto/armcap.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/armcap.c diff -u src/crypto/external/bsd/openssl/dist/crypto/armcap.c:1.11 src/crypto/external/bsd/openssl/dist/crypto/armcap.c:1.12 --- src/crypto/external/bsd/openssl/dist/crypto/armcap.c:1.11 Sat Mar 21 20:53:02 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/armcap.c Mon Jun 22 18:43:56 2020 @@ -41,7 +41,6 @@ static void ill_handler(int sig) * Following subroutines could have been inlined, but it's not all * ARM compilers support inline assembler... */ -#if __ARM_MAX_ARCH__>=7 void _armv7_neon_probe(void); void _armv8_aes_probe(void); void _armv8_sha1_probe(void); @@ -54,11 +53,9 @@ uint32_t _armv7_tick(void); uint32_t OPENSSL_rdtsc(void) { -#if __ARM_MAX_ARCH__>=7 if (OPENSSL_armcap_P & ARMV7_TICK) return _armv7_tick(); else -#endif return 0; } @@ -210,7 +207,6 @@ void OPENSSL_cpuid_setup(void) _armv7_tick(); OPENSSL_armcap_P |= ARMV7_TICK; } -#endif sigaction(SIGILL, _oact, NULL); sigprocmask(SIG_SETMASK, , NULL);
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm
Module Name:src Committed By: christos Date: Mon Jun 22 19:56:36 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm: modes.inc Log Message: Always compile in v8 support. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm/modes.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm/modes.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm/modes.inc:1.4 src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm/modes.inc:1.5 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm/modes.inc:1.4 Wed Mar 7 15:38:39 2018 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm/modes.inc Mon Jun 22 15:56:36 2020 @@ -3,9 +3,8 @@ .PATH.S: ${.PARSEDIR} MODES_SRCS += ghash-armv4.S -.if ${ARM_MAX_ARCH} >= 8 MODES_SRCS += ghashv8-armx.S -.endif +AFLAGS.ghashv8-armx.S = -Wa,-march=armv8.4-a MODESCPPFLAGS = -DGHASH_ASM .include "../../modes.inc"
CVS commit: src/crypto/external/bsd/openssl/dist/crypto/modes
Module Name:src Committed By: christos Date: Mon Jun 22 19:55:43 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/modes: gcm128.c Log Message: reduce diff with upstream. we always compile with v8 assembly and detect at runtime. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 \ src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c diff -u src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c:1.8 src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c:1.9 --- src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c:1.8 Sun Jun 21 18:17:35 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c Mon Jun 22 15:55:43 2020 @@ -668,6 +668,7 @@ void gcm_ghash_4bit_x86(u64 Xi[2], const # if __ARM_MAX_ARCH__>=7 # define GHASH_ASM_ARM # define GCM_FUNCREF_4BIT +# define PMULL_CAPABLE(OPENSSL_armcap_P & ARMV8_PMULL) # if defined(__arm__) || defined(__arm) #define NEON_CAPABLE(OPENSSL_armcap_P & ARMV7_NEON) # endif @@ -675,18 +676,15 @@ void gcm_init_neon(u128 Htable[16], cons void gcm_gmult_neon(u64 Xi[2], const u128 Htable[16]); void gcm_ghash_neon(u64 Xi[2], const u128 Htable[16], const u8 *inp, size_t len); -# if __ARM_MAX_ARCH__>=8 -#define PMULL_CAPABLE(OPENSSL_armcap_P & ARMV8_PMULL) void gcm_init_v8(u128 Htable[16], const u64 Xi[2]); void gcm_gmult_v8(u64 Xi[2], const u128 Htable[16]); void gcm_ghash_v8(u64 Xi[2], const u128 Htable[16], const u8 *inp, size_t len); -# endif # endif # elif defined(__sparc__) || defined(__sparc) # include "sparc_arch.h" -# define GHASH_ASM_SPARC -# define GCM_FUNCREF_4BIT +# define GHASH_ASM_SPARC +# define GCM_FUNCREF_4BIT extern unsigned int OPENSSL_sparcv9cap_P[]; void gcm_init_vis3(u128 Htable[16], const u64 Xi[2]); void gcm_gmult_vis3(u64 Xi[2], const u128 Htable[16]);
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch
Module Name:src Committed By: christos Date: Mon Jun 22 16:34:57 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc: sha.inc src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64: sha.inc Log Message: use the C version of keccak To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/sha.inc cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/sha.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/sha.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/sha.inc:1.4 src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/sha.inc:1.5 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/sha.inc:1.4 Mon Jun 22 12:26:29 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/sha.inc Mon Jun 22 12:34:57 2020 @@ -1,7 +1,6 @@ .PATH.S: ${.PARSEDIR} SHA_SRCS = sha1-ppc.S SHACPPFLAGS = -DSHA1_ASM -KECCAKNI = yes .if NOT_USING_SHAXXX_FROM_LIBC SHA_SRCS += sha512-ppc.S sha512p8-ppc.S SHA_SRCS += sha256-ppc.S sha256p8-ppc.S Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/sha.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/sha.inc:1.2 src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/sha.inc:1.3 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/sha.inc:1.2 Wed Apr 15 17:29:28 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/sha.inc Mon Jun 22 12:34:57 2020 @@ -1,7 +1,6 @@ .PATH.S: ${.PARSEDIR} -SHA_SRCS = sha1-ppc.S keccak1600-ppc64.S keccak1600.c -SHACPPFLAGS = -DSHA1_ASM -DKECCAK1600_ASM -KECCAKNI = yes +SHA_SRCS = sha1-ppc.S +SHACPPFLAGS = -DSHA1_ASM .if NOT_USING_SHAXXX_FROM_LIBC SHA_SRCS += sha512-ppc.S sha512p8-ppc.S SHA_SRCS += sha256-ppc.S sha256p8-ppc.S
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64
Module Name:src Committed By: christos Date: Mon Jun 22 16:26:52 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64: keccak1600-ppc64.S keccak1600p8-ppc.S Log Message: regen To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/keccak1600-ppc64.S \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/keccak1600p8-ppc.S Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/keccak1600-ppc64.S diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/keccak1600-ppc64.S:1.2 src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/keccak1600-ppc64.S:1.3 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/keccak1600-ppc64.S:1.2 Sat Apr 11 18:41:06 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/keccak1600-ppc64.S Mon Jun 22 12:26:52 2020 @@ -317,16 +317,16 @@ dword_le_load: .long 0 -.globl SHA3_absorb_vsx -.type SHA3_absorb_vsx,@function +.globl SHA3_absorb +.type SHA3_absorb,@function .section ".opd","aw" .align 3 -SHA3_absorb_vsx: -.quad .SHA3_absorb_vsx,.TOC.@tocbase,0 +SHA3_absorb: +.quad .SHA3_absorb,.TOC.@tocbase,0 .previous .align 5 -.SHA3_absorb_vsx: +.SHA3_absorb: stdu 1,-272(1) mflr 0 std 14,128(1) @@ -546,16 +546,16 @@ SHA3_absorb_vsx: .byte 0,12,4,1,0x80,18,4,0 .long 0 -.globl SHA3_squeeze_vsx -.type SHA3_squeeze_vsx,@function +.globl SHA3_squeeze +.type SHA3_squeeze,@function .section ".opd","aw" .align 3 -SHA3_squeeze_vsx: -.quad .SHA3_squeeze_vsx,.TOC.@tocbase,0 +SHA3_squeeze: +.quad .SHA3_squeeze,.TOC.@tocbase,0 .previous .align 5 -.SHA3_squeeze_vsx: +.SHA3_squeeze: stdu 1,-80(1) mflr 0 std 28,48(1) Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/keccak1600p8-ppc.S diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/keccak1600p8-ppc.S:1.2 src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/keccak1600p8-ppc.S:1.3 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/keccak1600p8-ppc.S:1.2 Sat Apr 11 18:41:06 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/keccak1600p8-ppc.S Mon Jun 22 12:26:52 2020 @@ -288,16 +288,16 @@ KeccakF1600: .byte 0,12,0x04,1,0x80,0,1,0 .long 0 -.globl SHA3_absorb_vsx -.type SHA3_absorb_vsx,@function +.globl SHA3_absorb +.type SHA3_absorb,@function .section ".opd","aw" .align 3 -SHA3_absorb_vsx: -.quad .SHA3_absorb_vsx,.TOC.@tocbase,0 +SHA3_absorb: +.quad .SHA3_absorb,.TOC.@tocbase,0 .previous .align 5 -.SHA3_absorb_vsx: +.SHA3_absorb: stdu 1,-256(1) li 10,63 li 11,79 @@ -595,16 +595,16 @@ SHA3_absorb_vsx: .byte 0,12,0x04,1,0x80,0,4,0 .long 0 -.globl SHA3_squeeze_vsx -.type SHA3_squeeze_vsx,@function +.globl SHA3_squeeze +.type SHA3_squeeze,@function .section ".opd","aw" .align 3 -SHA3_squeeze_vsx: -.quad .SHA3_squeeze_vsx,.TOC.@tocbase,0 +SHA3_squeeze: +.quad .SHA3_squeeze,.TOC.@tocbase,0 .previous .align 5 -.SHA3_squeeze_vsx: +.SHA3_squeeze: mflr 9 subi 4,4,1 addi 8,3,4
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc
Module Name:src Committed By: christos Date: Mon Jun 22 16:26:29 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc: keccak1600p8-ppc.S sha.inc Log Message: Regen and disable keccak asm To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/keccak1600p8-ppc.S cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/sha.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/keccak1600p8-ppc.S diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/keccak1600p8-ppc.S:1.2 src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/keccak1600p8-ppc.S:1.3 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/keccak1600p8-ppc.S:1.2 Sat Apr 11 18:41:06 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/keccak1600p8-ppc.S Mon Jun 22 12:26:29 2020 @@ -288,11 +288,11 @@ KeccakF1600: .byte 0,12,0x04,1,0x80,0,1,0 .long 0 -.globl SHA3_absorb_vsx -.type SHA3_absorb_vsx,@function +.globl SHA3_absorb +.type SHA3_absorb,@function .align 5 -SHA3_absorb_vsx: +SHA3_absorb: stwu 1,-232(1) li 10,39 li 11,55 @@ -590,11 +590,11 @@ SHA3_absorb_vsx: .byte 0,12,0x04,1,0x80,0,4,0 .long 0 -.globl SHA3_squeeze_vsx -.type SHA3_squeeze_vsx,@function +.globl SHA3_squeeze +.type SHA3_squeeze,@function .align 5 -SHA3_squeeze_vsx: +SHA3_squeeze: mflr 9 subi 4,4,1 addi 8,3,4 Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/sha.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/sha.inc:1.3 src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/sha.inc:1.4 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/sha.inc:1.3 Sat Apr 11 18:41:06 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/sha.inc Mon Jun 22 12:26:29 2020 @@ -1,6 +1,6 @@ .PATH.S: ${.PARSEDIR} -SHA_SRCS = sha1-ppc.S keccak1600p8-ppc.S keccak1600.c -SHACPPFLAGS = -DSHA1_ASM -DKECCAK1600_ASM +SHA_SRCS = sha1-ppc.S +SHACPPFLAGS = -DSHA1_ASM KECCAKNI = yes .if NOT_USING_SHAXXX_FROM_LIBC SHA_SRCS += sha512-ppc.S sha512p8-ppc.S
CVS commit: src/crypto/external/bsd/openssl/dist/crypto
Module Name:src Committed By: christos Date: Mon Jun 22 16:25:08 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto: ppccap.c src/crypto/external/bsd/openssl/dist/crypto/sha: keccak1600.c src/crypto/external/bsd/openssl/dist/crypto/sha/asm: keccak1600-ppc64.pl keccak1600p8-ppc.pl Log Message: Revert the conditional use of vsx on keccak. Upstream wants to disable it instead (dot-asm: So that both assembly modules export SHA3_absorb_vsx... Either way, it makes lesser sense to deploy vector keccak1600p8-ppc.pl, because benefits are not that clear. It's only nominally faster than scalar module on POWER8 but significantly slower on POWER9. Because POWER9 is better equipped to handle non-vector code. On related note, there is version optimized for little-endian, as well as 32-bit version. [And since MIPS was mentioned, there is even MIPS module...] To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 \ src/crypto/external/bsd/openssl/dist/crypto/ppccap.c cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssl/dist/crypto/sha/keccak1600.c cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssl/dist/crypto/sha/asm/keccak1600-ppc64.pl \ src/crypto/external/bsd/openssl/dist/crypto/sha/asm/keccak1600p8-ppc.pl Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/ppccap.c diff -u src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.14 src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.15 --- src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.14 Tue Jun 16 23:22:06 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/ppccap.c Mon Jun 22 12:25:08 2020 @@ -160,37 +160,6 @@ void ecp_nistz256_from_mont(unsigned lon } #endif -size_t SHA3_absorb(uint64_t A[5][5], const unsigned char *inp, size_t len, -size_t r); -void SHA3_squeeze(uint64_t A[5][5], unsigned char *out, size_t len, size_t r); - -size_t SHA3_absorb_default(uint64_t A[5][5], const unsigned char *inp, -size_t len, size_t r); -void SHA3_squeeze_default(uint64_t A[5][5], unsigned char *out, size_t len, -size_t r); - -size_t SHA3_absorb_vsx(uint64_t A[5][5], const unsigned char *inp, -size_t len, size_t r); -void SHA3_squeeze_vsx(uint64_t A[5][5], unsigned char *out, size_t len, -size_t r); - -size_t SHA3_absorb(uint64_t A[5][5], const unsigned char *inp, size_t len, -size_t r) -{ -return OPENSSL_ppccap_P & PPC_CRYPTO207 -? SHA3_absorb_vsx(A, inp, len, r) -: SHA3_absorb_default(A, inp, len, r); -} - -void SHA3_squeeze(uint64_t A[5][5], unsigned char *out, size_t len, size_t r) -{ -OPENSSL_ppccap_P & PPC_CRYPTO207 -? SHA3_squeeze_vsx(A, out, len, r) -: SHA3_squeeze_default(A, out, len, r); -} - - - static sigjmp_buf ill_jmp; static void ill_handler(int sig) { Index: src/crypto/external/bsd/openssl/dist/crypto/sha/keccak1600.c diff -u src/crypto/external/bsd/openssl/dist/crypto/sha/keccak1600.c:1.2 src/crypto/external/bsd/openssl/dist/crypto/sha/keccak1600.c:1.3 --- src/crypto/external/bsd/openssl/dist/crypto/sha/keccak1600.c:1.2 Sat Apr 11 18:41:06 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/sha/keccak1600.c Mon Jun 22 12:25:08 2020 @@ -11,12 +11,6 @@ #include #include -#ifdef __powerpc__ -#define SHA3_absorb SHA3_absorb_default -#define SHA3_squeeze SHA3_squeeze_default -#undef KECCAK1600_ASM -#endif - size_t SHA3_absorb(uint64_t A[5][5], const unsigned char *inp, size_t len, size_t r); void SHA3_squeeze(uint64_t A[5][5], unsigned char *out, size_t len, size_t r); Index: src/crypto/external/bsd/openssl/dist/crypto/sha/asm/keccak1600-ppc64.pl diff -u src/crypto/external/bsd/openssl/dist/crypto/sha/asm/keccak1600-ppc64.pl:1.2 src/crypto/external/bsd/openssl/dist/crypto/sha/asm/keccak1600-ppc64.pl:1.3 --- src/crypto/external/bsd/openssl/dist/crypto/sha/asm/keccak1600-ppc64.pl:1.2 Sat Apr 11 18:41:06 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/sha/asm/keccak1600-ppc64.pl Mon Jun 22 12:25:08 2020 @@ -405,10 +405,10 @@ dword_le_load: .long 0 .size dword_le_load,.-dword_le_load -.globl SHA3_absorb_vsx -.type SHA3_absorb_vsx,\@function +.globl SHA3_absorb +.type SHA3_absorb,\@function .align 5 -SHA3_absorb_vsx: +SHA3_absorb: $STU $sp,-$FRAME($sp) mflr r0 $PUSH r14,`$FRAME-$SIZE_T*18`($sp) @@ -627,15 +627,15 @@ SHA3_absorb_vsx: .long 0 .byte 0,12,4,1,0x80,18,4,0 .long 0 -.size SHA3_absorb_vsx,.-SHA3_absorb_vsx +.size SHA3_absorb,.-SHA3_absorb ___ { my ($A_flat,$out,$len,$bsz) = map("r$_",(28..31)); $code.=<<___; -.globl SHA3_squeeze_vsx -.type SHA3_squeeze_vsx,\@function +.globl SHA3_squeeze +.type SHA3_squeeze,\@function .align 5 -SHA3_squeeze_vsx: +SHA3_squeeze: $STU $sp,`-10*$SIZE_T`($sp) mflr r0 $PUSH r28,`6*$SIZE_T`($sp) @@ -705,7 +705,7 @@ SHA3_squeeze_vsx: .long 0 .byte
CVS commit: src/crypto/external/bsd/openssl/dist/crypto/modes
Module Name:src Committed By: christos Date: Sun Jun 21 22:17:35 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/modes: gcm128.c Log Message: Revert to the upstream version To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 \ src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c diff -u src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c:1.7 src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c:1.8 --- src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c:1.7 Sat Mar 21 20:53:07 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/modes/gcm128.c Sun Jun 21 18:17:35 2020 @@ -685,7 +685,6 @@ void gcm_ghash_v8(u64 Xi[2], const u128 # endif # elif defined(__sparc__) || defined(__sparc) # include "sparc_arch.h" -# if defined(__arch64__) # define GHASH_ASM_SPARC # define GCM_FUNCREF_4BIT extern unsigned int OPENSSL_sparcv9cap_P[]; @@ -693,7 +692,6 @@ void gcm_init_vis3(u128 Htable[16], cons void gcm_gmult_vis3(u64 Xi[2], const u128 Htable[16]); void gcm_ghash_vis3(u64 Xi[2], const u128 Htable[16], const u8 *inp, size_t len); -# endif # elif defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC)) # include "ppc_arch.h" # define GHASH_ASM_PPC
CVS commit: src/crypto/external/bsd/openssl/dist/crypto/bn/asm
Module Name:src Committed By: christos Date: Sun Jun 21 22:16:53 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/bn/asm: mips.pl Log Message: Revert to the upstream version, there are no more warnings To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 \ src/crypto/external/bsd/openssl/dist/crypto/bn/asm/mips.pl Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/bn/asm/mips.pl diff -u src/crypto/external/bsd/openssl/dist/crypto/bn/asm/mips.pl:1.7 src/crypto/external/bsd/openssl/dist/crypto/bn/asm/mips.pl:1.8 --- src/crypto/external/bsd/openssl/dist/crypto/bn/asm/mips.pl:1.7 Sat Mar 21 20:53:03 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/bn/asm/mips.pl Sun Jun 21 18:16:53 2020 @@ -486,9 +486,8 @@ $code.=<<___; $ST $ta3,-2*$BNSZ($a0) .set noreorder - $ST $ta2,-$BNSZ($a0) bgtz $ta0,.L_bn_sqr_words_loop - nop + $ST $ta2,-$BNSZ($a0) beqz $a2,.L_bn_sqr_words_return nop @@ -817,9 +816,8 @@ bn_div_3_words: $LD $a0,($a3) move $ta2,$a1 - $LD $a1,-$BNSZ($a3) bne $a0,$a2,bn_div_3_words_internal - nop + $LD $a1,-$BNSZ($a3) li $v0,-1 jr $ra move $a0,$v0
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc
Module Name:src Committed By: christos Date: Sun Jun 21 22:16:08 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc: bn.inc crypto.inc modes.inc Log Message: Re-enable the v9 testing and assembly To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/bn.inc cvs rdiff -u -r1.12 -r1.13 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/crypto.inc cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/modes.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/bn.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/bn.inc:1.1 src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/bn.inc:1.2 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/bn.inc:1.1 Sun Mar 2 04:02:43 2014 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/bn.inc Sun Jun 21 18:16:08 2020 @@ -1,6 +1,5 @@ -.if ${MACHINE} == "sparc64" .PATH.S: ${.PARSEDIR} # XXX bn-sparcv8plus.S doesn't work well. why? BN_SRCS = bn-sparcv8.S -.endif +AFLAGS.bn-sparcv8.S+= -Wa,-Av9 .include "../../bn.inc" Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/crypto.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/crypto.inc:1.12 src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/crypto.inc:1.13 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/crypto.inc:1.12 Sat May 9 09:16:42 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/crypto.inc Sun Jun 21 18:16:08 2020 @@ -1,10 +1,9 @@ .PATH.S: ${.PARSEDIR} .PATH.c: ${.PARSEDIR} CPUID = yes -CPUID_SRCS += sparccpuid.S sparccap.c +CPUID_SRCS += sparccpuid.S sparcv9cap.c CPPFLAGS += -DOPENSSL_CPUID_OBJ -.if ${MACHINE} == "sparc64" CPUID_SRCS += sparcv9-mont.S sparcv9a-mont.S CPUID_SRCS += sparct4-mont.S vis3-mont.S #CPPFLAGS += -DOPENSSL_BN_ASM_MONT @@ -12,6 +11,5 @@ AFLAGS.sparcv9-mont.S+= -Wa,-Av9 AFLAGS.sparcv9a-mont.S+= -Wa,-Av9a AFLAGS.sparct4-mont.S+= -Wa,-Av9a AFLAGS.vis3-mont.S+= -Wa,-Av9a -.endif .include "../../crypto.inc" Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/modes.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/modes.inc:1.3 src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/modes.inc:1.4 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/modes.inc:1.3 Fri Oct 14 12:09:44 2016 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/modes.inc Sun Jun 21 18:16:08 2020 @@ -1,7 +1,5 @@ -.if ${MACHINE} == "sparc64" .PATH.S: ${.PARSEDIR} MODES_SRCS = ghash-sparcv9.S MODESCPPFLAGS = -DGHASH_ASM AFLAGS.ghash-sparcv9.S+= -Wa,-Av9 -.endif .include "../../modes.inc"
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips
Module Name:src Committed By: christos Date: Sun Jun 21 22:16:16 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips: mips.S mips64.S Log Message: regen To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.S cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips64.S Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.S diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.S:1.3 src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.S:1.4 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.S:1.3 Sat Mar 21 20:53:12 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips.S Sun Jun 21 18:16:16 2020 @@ -316,9 +316,8 @@ bn_sqr_words_internal: sw $11,-2*4($4) .set noreorder - sw $10,-4($4) bgtz $8,.L_bn_sqr_words_loop - nop + sw $10,-4($4) beqz $6,.L_bn_sqr_words_return nop @@ -589,9 +588,8 @@ bn_div_3_words: lw $4,($7) move $10,$5 - lw $5,-4($7) bne $4,$6,bn_div_3_words_internal - nop + lw $5,-4($7) li $2,-1 jr $31 move $4,$2 Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips64.S diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips64.S:1.4 src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips64.S:1.5 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips64.S:1.4 Sat Mar 21 20:53:12 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/mips/mips64.S Sun Jun 21 18:16:16 2020 @@ -313,9 +313,8 @@ bn_sqr_words_internal: sd $11,-2*8($4) .set noreorder - sd $10,-8($4) bgtz $8,.L_bn_sqr_words_loop - nop + sd $10,-8($4) beqz $6,.L_bn_sqr_words_return nop @@ -586,9 +585,8 @@ bn_div_3_words: ld $4,($7) move $10,$5 - ld $5,-8($7) bne $4,$6,bn_div_3_words_internal - nop + ld $5,-8($7) li $2,-1 jr $31 move $4,$2
CVS commit: src/crypto/external/bsd/openssl/dist/crypto
Module Name:src Committed By: christos Date: Wed Jun 17 03:22:06 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto: ppccap.c Log Message: fix pasto (noted by Viktor Duchovny) To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 \ src/crypto/external/bsd/openssl/dist/crypto/ppccap.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/ppccap.c diff -u src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.13 src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.14 --- src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.13 Sat Apr 11 18:41:06 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/ppccap.c Tue Jun 16 23:22:06 2020 @@ -185,7 +185,7 @@ size_t SHA3_absorb(uint64_t A[5][5], con void SHA3_squeeze(uint64_t A[5][5], unsigned char *out, size_t len, size_t r) { OPENSSL_ppccap_P & PPC_CRYPTO207 -? SHA3_absorb_vsx(A, out, len, r) +? SHA3_squeeze_vsx(A, out, len, r) : SHA3_squeeze_default(A, out, len, r); }
CVS commit: src/crypto/external/bsd/openssh/bin/scp
Module Name:src Committed By: christos Date: Fri May 29 12:15:30 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/bin/scp: Makefile Log Message: delete previous and fix bug instead. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/bin/scp/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/bin/scp/Makefile diff -u src/crypto/external/bsd/openssh/bin/scp/Makefile:1.4 src/crypto/external/bsd/openssh/bin/scp/Makefile:1.5 --- src/crypto/external/bsd/openssh/bin/scp/Makefile:1.4 Fri May 29 06:01:23 2020 +++ src/crypto/external/bsd/openssh/bin/scp/Makefile Fri May 29 08:15:30 2020 @@ -1,9 +1,7 @@ -# $NetBSD: Makefile,v 1.4 2020/05/29 10:01:23 kamil Exp $ +# $NetBSD: Makefile,v 1.5 2020/05/29 12:15:30 christos Exp $ BINDIR=/usr/bin PROG= scp -COPTS.scp.c += -Wno-format-nonliteral - .include
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri May 29 12:14:49 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: scp.c Log Message: Fix printf format error. To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/scp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/scp.c diff -u src/crypto/external/bsd/openssh/dist/scp.c:1.26 src/crypto/external/bsd/openssh/dist/scp.c:1.27 --- src/crypto/external/bsd/openssh/dist/scp.c:1.26 Thu May 28 13:05:49 2020 +++ src/crypto/external/bsd/openssh/dist/scp.c Fri May 29 08:14:49 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: scp.c,v 1.26 2020/05/28 17:05:49 christos Exp $ */ +/* $NetBSD: scp.c,v 1.27 2020/05/29 12:14:49 christos Exp $ */ /* $OpenBSD: scp.c,v 1.210 2020/05/06 20:57:38 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which @@ -73,7 +73,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: scp.c,v 1.26 2020/05/28 17:05:49 christos Exp $"); +__RCSID("$NetBSD: scp.c,v 1.27 2020/05/29 12:14:49 christos Exp $"); #include /* roundup MAX */ #include @@ -366,7 +366,7 @@ __dead static void lostconn(int); int okname(char *); void run_err(const char *,...) __printflike(1, 2); void run_err(const char *,...) __printflike(1, 2); -int note_err(const char *,...); +int note_err(const char *,...) __printflike(1, 2); void verifydir(char *); struct passwd *pwd; @@ -1503,7 +1503,7 @@ bad: run_err("%s: %s", np, strerror(er } } if (close(ofd) == -1) - note_err(np, "%s: close: %s", np, strerror(errno)); + note_err("%s: close: %s", np, strerror(errno)); (void) response(); if (showprogress) stop_progress_meter();
CVS commit: src/crypto/external/bsd/openssh/bin/scp
Module Name:src Committed By: kamil Date: Fri May 29 10:01:23 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/bin/scp: Makefile Log Message: Specify -Wno-format-nonlitera for scp.c (OpenSSH) Fixes build with Clang/LLVM. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/bin/scp/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/bin/scp/Makefile diff -u src/crypto/external/bsd/openssh/bin/scp/Makefile:1.3 src/crypto/external/bsd/openssh/bin/scp/Makefile:1.4 --- src/crypto/external/bsd/openssh/bin/scp/Makefile:1.3 Sun Mar 1 20:59:52 2020 +++ src/crypto/external/bsd/openssh/bin/scp/Makefile Fri May 29 10:01:23 2020 @@ -1,7 +1,9 @@ -# $NetBSD: Makefile,v 1.3 2020/03/01 20:59:52 christos Exp $ +# $NetBSD: Makefile,v 1.4 2020/05/29 10:01:23 kamil Exp $ BINDIR=/usr/bin PROG= scp +COPTS.scp.c += -Wno-format-nonliteral + .include
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Thu May 28 17:05:50 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: PROTOCOL PROTOCOL.mux auth-options.c auth-rhosts.c auth2-chall.c auth2-passwd.c auth2.c authfd.c authfile.c channels.c cipher-chachapoly.c cipher-chachapoly.h cipher.c clientloop.c clientloop.h digest-libc.c gss-serv.c hmac.c hostfile.c kex.c krl.c krl.h misc.c monitor.c mux.c packet.c packet.h readconf.c readconf.h scp.1 scp.c servconf.c servconf.h session.c sftp.1 sftp.c sk-usbhid.c ssh-add.c ssh-agent.c ssh-dss.c ssh-ed25519-sk.c ssh-ed25519.c ssh-keygen.1 ssh-keygen.c ssh-pkcs11-helper.c ssh-pkcs11.c ssh-sk.c ssh-xmss.c ssh.1 ssh.c ssh_config.5 sshbuf-misc.c sshbuf.c sshbuf.h sshconnect.c sshconnect2.c sshd.c sshd_config.5 sshkey.c sshkey.h sshsig.c umac.c utf8.c utf8.h version.h src/crypto/external/bsd/openssh/dist/moduli-gen: moduli.2048 moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192 src/crypto/external/bsd/openssh/lib: shlib_version Log Message: Merge conflicts To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/PROTOCOL \ src/crypto/external/bsd/openssh/dist/sshbuf.h cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/PROTOCOL.mux \ src/crypto/external/bsd/openssh/dist/sshbuf-misc.c cvs rdiff -u -r1.22 -r1.23 \ src/crypto/external/bsd/openssh/dist/auth-options.c \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/sshkey.c cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/auth-rhosts.c \ src/crypto/external/bsd/openssh/dist/sshbuf.c \ src/crypto/external/bsd/openssh/dist/sshkey.h cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/auth2-chall.c \ src/crypto/external/bsd/openssh/dist/cipher.c \ src/crypto/external/bsd/openssh/dist/clientloop.h cvs rdiff -u -r1.12 -r1.13 \ src/crypto/external/bsd/openssh/dist/auth2-passwd.c cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssh/dist/auth2.c \ src/crypto/external/bsd/openssh/dist/packet.h \ src/crypto/external/bsd/openssh/dist/servconf.h \ src/crypto/external/bsd/openssh/dist/sftp.1 \ src/crypto/external/bsd/openssh/dist/ssh-add.c cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/authfd.c \ src/crypto/external/bsd/openssh/dist/scp.1 cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/authfile.c \ src/crypto/external/bsd/openssh/dist/readconf.h cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/channels.c \ src/crypto/external/bsd/openssh/dist/kex.c \ src/crypto/external/bsd/openssh/dist/ssh.1 \ src/crypto/external/bsd/openssh/dist/ssh_config.5 \ src/crypto/external/bsd/openssh/dist/sshconnect.c cvs rdiff -u -r1.5 -r1.6 \ src/crypto/external/bsd/openssh/dist/cipher-chachapoly.c cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssh/dist/cipher-chachapoly.h \ src/crypto/external/bsd/openssh/dist/sk-usbhid.c \ src/crypto/external/bsd/openssh/dist/ssh-ed25519-sk.c \ src/crypto/external/bsd/openssh/dist/ssh-sk.c \ src/crypto/external/bsd/openssh/dist/ssh-xmss.c cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssh/dist/clientloop.c \ src/crypto/external/bsd/openssh/dist/sftp.c \ src/crypto/external/bsd/openssh/dist/ssh-agent.c cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/digest-libc.c \ src/crypto/external/bsd/openssh/dist/hmac.c cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/gss-serv.c cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/hostfile.c \ src/crypto/external/bsd/openssh/dist/krl.c \ src/crypto/external/bsd/openssh/dist/ssh-dss.c cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/krl.h cvs rdiff -u -r1.33 -r1.34 src/crypto/external/bsd/openssh/dist/monitor.c cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/mux.c \ src/crypto/external/bsd/openssh/dist/scp.c \ src/crypto/external/bsd/openssh/dist/ssh-keygen.1 cvs rdiff -u -r1.40 -r1.41 src/crypto/external/bsd/openssh/dist/packet.c cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/readconf.c \ src/crypto/external/bsd/openssh/dist/session.c \ src/crypto/external/bsd/openssh/dist/sshd_config.5 cvs rdiff -u -r1.32 -r1.33 src/crypto/external/bsd/openssh/dist/servconf.c \ src/crypto/external/bsd/openssh/dist/ssh.c \ src/crypto/external/bsd/openssh/dist/version.h cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/ssh-ed25519.c cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/ssh-keygen.c cvs rdiff -u -r1.18 -r1.19 \ src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c \ src/crypto/external/bsd/openssh/dist/umac.c cvs rdiff -u -r1.19 -r1.20
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto
Module Name:src Committed By: nia Date: Sat May 9 13:16:43 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto: crypto.inc evp.inc src/crypto/external/bsd/openssl/lib/libcrypto/arch/aarch64: crypto.inc src/crypto/external/bsd/openssl/lib/libcrypto/arch/alpha: crypto.inc src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm: crypto.inc src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386: crypto.inc src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc: crypto.inc src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64: crypto.inc src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc: crypto.inc src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc64: crypto.inc src/crypto/external/bsd/openssl/lib/libcrypto/arch/vax: crypto.inc src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64: crypto.inc Log Message: Define OPENSSL_CPUID_OBJ in general CPPFLAGS instead of CRYPTOCPPFLAGS This is used in various parts of the distribution, defining it here avoids future problems with CPU-specific features not being detected. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 \ src/crypto/external/bsd/openssl/lib/libcrypto/crypto.inc \ src/crypto/external/bsd/openssl/lib/libcrypto/evp.inc cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/aarch64/crypto.inc cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/alpha/crypto.inc cvs rdiff -u -r1.10 -r1.11 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm/crypto.inc cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/crypto.inc cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/crypto.inc cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/crypto.inc cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/crypto.inc cvs rdiff -u -r1.7 -r1.8 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc64/crypto.inc cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/vax/crypto.inc cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64/crypto.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/crypto.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/crypto.inc:1.9 src/crypto/external/bsd/openssl/lib/libcrypto/crypto.inc:1.10 --- src/crypto/external/bsd/openssl/lib/libcrypto/crypto.inc:1.9 Sat Dec 8 22:35:44 2018 +++ src/crypto/external/bsd/openssl/lib/libcrypto/crypto.inc Sat May 9 13:16:41 2020 @@ -1,4 +1,4 @@ -# $NetBSD: crypto.inc,v 1.9 2018/12/08 22:35:44 christos Exp $ +# $NetBSD: crypto.inc,v 1.10 2020/05/09 13:16:41 nia Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -37,7 +37,6 @@ SRCS += ${CRYPTO_SRCS} CRYPTO_SRCS+= mem_clr.c .else CRYPTO_SRCS+= ${CPUID_SRCS} -#CRYPTOCPPFLAGS=-DOPENSSL_CPUID_OBJ .endif CRYPTOCPPFLAGS+=-DOPENSSL_NO_STATIC_ENGINE Index: src/crypto/external/bsd/openssl/lib/libcrypto/evp.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/evp.inc:1.9 src/crypto/external/bsd/openssl/lib/libcrypto/evp.inc:1.10 --- src/crypto/external/bsd/openssl/lib/libcrypto/evp.inc:1.9 Sat May 9 12:20:50 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/evp.inc Sat May 9 13:16:41 2020 @@ -1,4 +1,4 @@ -# $NetBSD: evp.inc,v 1.9 2020/05/09 12:20:50 nia Exp $ +# $NetBSD: evp.inc,v 1.10 2020/05/09 13:16:41 nia Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -85,7 +85,6 @@ EVP_AES_SRCS = e_aes.c .for cryptosrc in ${EVP_AES_SRCS} CPPFLAGS.${cryptosrc} += ${AESCPPFLAGS} -CPPFLAGS.${cryptosrc} += ${CRYPTOCPPFLAGS} .endfor CPPFLAGS.e_aes.c += -I${OPENSSLSRC}/crypto/modes Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/aarch64/crypto.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/aarch64/crypto.inc:1.4 src/crypto/external/bsd/openssl/lib/libcrypto/arch/aarch64/crypto.inc:1.5 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/aarch64/crypto.inc:1.4 Mon Sep 24 11:03:39 2018 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/aarch64/crypto.inc Sat May 9 13:16:42 2020 @@ -1,9 +1,9 @@ .PATH.S: ${.PARSEDIR} CPUID_SRCS += arm64cpuid.S armcap.c -CRYPTOCPPFLAGS += -DOPENSSL_CPUID_OBJ CPUID = yes ARM_MAX_ARCH=8 CPPFLAGS += -D__ARM_MAX_ARCH__=${ARM_MAX_ARCH} +CPPFLAGS += -DOPENSSL_CPUID_OBJ CFLAGS+= ${${ACTIVE_CC} == "clang" :? -no-integrated-as :} .include "../../crypto.inc" Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/alpha/crypto.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/alpha/crypto.inc:1.2 src/crypto/external/bsd/openssl/lib/libcrypto/arch/alpha/crypto.inc:1.3
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto
Module Name:src Committed By: nia Date: Sat May 9 12:20:50 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto: evp.inc Log Message: Ensure that -DOPENSSL_CPUID_OBJ is passed when compiling AES EVP bits This way CPUs that support AES-NI actually get detected properly ;_; (... just one part of the puzzle) To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 \ src/crypto/external/bsd/openssl/lib/libcrypto/evp.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/evp.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/evp.inc:1.8 src/crypto/external/bsd/openssl/lib/libcrypto/evp.inc:1.9 --- src/crypto/external/bsd/openssl/lib/libcrypto/evp.inc:1.8 Sun Sep 23 13:33:04 2018 +++ src/crypto/external/bsd/openssl/lib/libcrypto/evp.inc Sat May 9 12:20:50 2020 @@ -1,4 +1,4 @@ -# $NetBSD: evp.inc,v 1.8 2018/09/23 13:33:04 christos Exp $ +# $NetBSD: evp.inc,v 1.9 2020/05/09 12:20:50 nia Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -85,6 +85,7 @@ EVP_AES_SRCS = e_aes.c .for cryptosrc in ${EVP_AES_SRCS} CPPFLAGS.${cryptosrc} += ${AESCPPFLAGS} +CPPFLAGS.${cryptosrc} += ${CRYPTOCPPFLAGS} .endfor CPPFLAGS.e_aes.c += -I${OPENSSLSRC}/crypto/modes
CVS commit: src/crypto/external/bsd/netpgp/dist/src/netpgpverify
Module Name:src Committed By: agc Date: Mon May 4 00:18:34 UTC 2020 Modified Files: src/crypto/external/bsd/netpgp/dist/src/netpgpverify: Makefile.bsd b64.c b64.h bignum.c bn.h bzlib.c bzlib.h bzlib_private.h libverify.c rsa.c rsa.h verify.h zlib.c zlib.h Log Message: Bring over changes from source of truth in pkgsrc - bump version to 20200503 Update netpgpverify and libnetpgpverify to version 20200503 ensure all exported functions use a unique prfix, so that they don't conflict with symbols (both data and text) in libcrypto. this works for statically linked binaries and libraries, rather then the version map which only works for dynalically-linked. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.bsd cvs rdiff -u -r1.1 -r1.2 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/b64.c \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/b64.h \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib.h \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/zlib.h cvs rdiff -u -r1.5 -r1.6 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bignum.c cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bn.h \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib_private.h \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.c cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib.c cvs rdiff -u -r1.14 -r1.15 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.h \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/zlib.c cvs rdiff -u -r1.10 -r1.11 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.bsd diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.bsd:1.7 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.bsd:1.8 --- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.bsd:1.7 Mon Apr 17 19:50:28 2017 +++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.bsd Mon May 4 00:18:34 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.bsd,v 1.7 2017/04/17 19:50:28 agc Exp $ +# $NetBSD: Makefile.bsd,v 1.8 2020/05/04 00:18:34 agc Exp $ PROG=netpgpverify @@ -12,6 +12,11 @@ SRCS+= md5c.c rmd160.c sha1.c sha2.c CPPFLAGS+=-I. +CPPFLAGS.bzlib.c+= -Wno-error=implicit-fallthrough +CPPFLAGS.zlib.c+= -Wno-error=implicit-fallthrough + +LDFLAGS+=-Wl,--version-script=${.CURDIR}/verify.map + .ifndef PRODUCTION CPPFLAGS+=-g -O0 LDFLAGS+=-g -O0 Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/b64.c diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/b64.c:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/b64.c:1.2 --- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/b64.c:1.1 Sun Mar 9 00:15:45 2014 +++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/b64.c Mon May 4 00:18:34 2020 @@ -235,7 +235,7 @@ encodeblock(uint8_t *wordin, uint8_t *wo ** base64 encode a stream adding padding and line breaks as per spec. */ int -b64encode(const char *in, const size_t insize, void *vp, size_t outsize, int linesize) +netpgpv_b64encode(const char *in, const size_t insize, void *vp, size_t outsize, int linesize) { const char *inp; unsigned i; @@ -299,7 +299,7 @@ decodeblock(uint8_t wordin[4], uint8_t w ** decode a base64 encoded stream discarding padding, line breaks and noise */ int -b64decode(const char *in, const size_t insize, void *vp, size_t outsize) +netpgpv_b64decode(const char *in, const size_t insize, void *vp, size_t outsize) { const char *inp; unsigned wordlen; @@ -349,7 +349,7 @@ b64decode(const char *in, const size_t i /* return the encoded size for n bytes input */ int -b64_encsize(unsigned n) +netpgpv_b64_encsize(unsigned n) { return ((4 * n) / 3) + 4; } Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/b64.h diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/b64.h:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/b64.h:1.2 --- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/b64.h:1.1 Sun Mar 9 00:15:45 2014 +++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/b64.h Mon May 4 00:18:34 2020 @@ -25,8 +25,8 @@ #ifndef B64_H_ #define B64_H_ 20091223 -int b64encode(const char */*in*/, const size_t /*insize*/, void */*vp*/, size_t /*outsize*/, int /*linesize*/); -int b64decode(const char */*in*/, const size_t /*insize*/, void */*vp*/, size_t /*outsize*/); -int b64_encsize(unsigned /*n*/); +int netpgpv_b64encode(const char */*in*/, const size_t /*insize*/, void */*vp*/,
CVS commit: src/crypto/external/bsd/netpgp/lib/verify
Module Name:src Committed By: christos Date: Sun May 3 21:46:37 UTC 2020 Modified Files: src/crypto/external/bsd/netpgp/lib/verify: Makefile Added Files: src/crypto/external/bsd/netpgp/lib/verify: verify.map Log Message: Add a linker map to hide all the symbols the this library accidentally exported. In particular the following symbols: DSA_SIG_free DSA_SIG_new DSA_do_sign DSA_do_verify DSA_free DSA_new DSA_size RSA_check_key RSA_free RSA_generate_key RSA_new RSA_private_decrypt RSA_private_encrypt RSA_public_decrypt RSA_public_encrypt conflict with libcrypto and break pkg_add which links against both libraries. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/netpgp/lib/verify/Makefile cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/netpgp/lib/verify/verify.map Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/lib/verify/Makefile diff -u src/crypto/external/bsd/netpgp/lib/verify/Makefile:1.12 src/crypto/external/bsd/netpgp/lib/verify/Makefile:1.13 --- src/crypto/external/bsd/netpgp/lib/verify/Makefile:1.12 Sun Oct 13 03:28:05 2019 +++ src/crypto/external/bsd/netpgp/lib/verify/Makefile Sun May 3 17:46:37 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.12 2019/10/13 07:28:05 mrg Exp $ +# $NetBSD: Makefile,v 1.13 2020/05/03 21:46:37 christos Exp $ LIB=netpgpverify SRCS+=b64.c @@ -30,4 +30,6 @@ INCSDIR=/usr/include/netpgp COPTS+= ${${ACTIVE_CC} == "gcc":? -Wno-implicit-fallthrough :} COPTS.libverify.c+= ${GCC_NO_FORMAT_TRUNCATION} +LDFLAGS+=-Wl,--version-script=${.CURDIR}/verify.map + .include Added files: Index: src/crypto/external/bsd/netpgp/lib/verify/verify.map diff -u /dev/null src/crypto/external/bsd/netpgp/lib/verify/verify.map:1.1 --- /dev/null Sun May 3 17:46:37 2020 +++ src/crypto/external/bsd/netpgp/lib/verify/verify.map Sun May 3 17:46:37 2020 @@ -0,0 +1,17 @@ +NETPGPVERIFY_5_0 { +global: + pgpv_new; + pgpv_new_cursor; + pgpv_read_pubring; + pgpv_read_ssh_pubkeys; + pgpv_verify; + pgpv_get_verified; + pgpv_dump; + pgpv_get_entry; + pgpv_get_cursor_num; + pgpv_get_cursor_str; + pgpv_get_cursor_element; + pgpv_close; + pgpv_cursor_close; +local: *; +};
CVS commit: src/crypto/external/bsd/openssl/dist/crypto/rand
Module Name:src Committed By: nia Date: Thu Apr 30 10:59:02 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/rand: rand_unix.c Log Message: Fix the detection of KERN_ARND by OpenSSL. Firstly, include the correct headers. Then, make sure that requests never exceed 256 bytes. Disable a hack for old FreeBSD versions, just in case it actually gets used. This should mean that OpenSSL doesn't ever fall back to reading from /dev/urandom. XXX pullup, XXX upstream. To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 \ src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c diff -u src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c:1.15 src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c:1.16 --- src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c:1.15 Sun Mar 22 00:53:07 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c Thu Apr 30 10:59:02 2020 @@ -26,12 +26,12 @@ # include # endif #endif -#if defined(__FreeBSD__) && !defined(OPENSSL_SYS_UEFI) +#if (defined(__FreeBSD__) || defined(__NetBSD__)) && !defined(OPENSSL_SYS_UEFI) # include # include # include #endif -#if defined(__OpenBSD__) || defined(__NetBSD__) +#if defined(__OpenBSD__) # include #endif @@ -247,10 +247,12 @@ static ssize_t sysctl_random(char *buf, * when the sysctl returns long and we want to request something not a * multiple of longs, which should never be the case. */ +#if defined(__FreeBSD__) if (!ossl_assert(buflen % sizeof(long) == 0)) { errno = EINVAL; return -1; } +#endif /* * On NetBSD before 4.0 KERN_ARND was an alias for KERN_URND, and only @@ -268,7 +270,8 @@ static ssize_t sysctl_random(char *buf, mib[1] = KERN_ARND; do { -len = buflen; +/* On NetBSD, KERN_ARND fails if more than 256 bytes are requested */ +len = buflen > 256 ? 256 : buflen; if (sysctl(mib, 2, buf, , NULL, 0) == -1) return done > 0 ? done : -1; done += len;
CVS commit: src/crypto/external/bsd/openssl/dist
Module Name:src Committed By: christos Date: Fri Apr 24 19:37:09 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist: CHANGES NEWS README src/crypto/external/bsd/openssl/dist/apps: ocsp.c s_time.c src/crypto/external/bsd/openssl/dist/crypto/ec: ec_asn1.c ec_lib.c ecp_smpl.c src/crypto/external/bsd/openssl/dist/crypto/evp: e_aes.c src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c src/crypto/external/bsd/openssl/dist/ssl: t1_lib.c Log Message: merge conflicts To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssl/dist/CHANGES \ src/crypto/external/bsd/openssl/dist/NEWS \ src/crypto/external/bsd/openssl/dist/README cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssl/dist/apps/ocsp.c cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssl/dist/apps/s_time.c cvs rdiff -u -r1.9 -r1.10 \ src/crypto/external/bsd/openssl/dist/crypto/ec/ec_asn1.c cvs rdiff -u -r1.8 -r1.9 \ src/crypto/external/bsd/openssl/dist/crypto/ec/ec_lib.c cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/openssl/dist/crypto/ec/ecp_smpl.c cvs rdiff -u -r1.22 -r1.23 \ src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c cvs rdiff -u -r1.19 -r1.20 \ src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/CHANGES diff -u src/crypto/external/bsd/openssl/dist/CHANGES:1.23 src/crypto/external/bsd/openssl/dist/CHANGES:1.24 --- src/crypto/external/bsd/openssl/dist/CHANGES:1.23 Sun Apr 5 17:53:44 2020 +++ src/crypto/external/bsd/openssl/dist/CHANGES Fri Apr 24 15:37:09 2020 @@ -7,6 +7,27 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. + Changes between 1.1.1f and 1.1.1g [21 Apr 2020] + + *) Fixed segmentation fault in SSL_check_chain() + Server or client applications that call the SSL_check_chain() function + during or after a TLS 1.3 handshake may crash due to a NULL pointer + dereference as a result of incorrect handling of the + "signature_algorithms_cert" TLS extension. The crash occurs if an invalid + or unrecognised signature algorithm is received from the peer. This could + be exploited by a malicious peer in a Denial of Service attack. + (CVE-2020-1967) + [Benjamin Kaduk] + + *) Added AES consttime code for no-asm configurations + an optional constant time support for AES was added + when building openssl for no-asm. + Enable with: ./config no-asm -DOPENSSL_AES_CONST_TIME + Disable with: ./config no-asm -DOPENSSL_NO_AES_CONST_TIME + At this time this feature is by default disabled. + It will be enabled by default in 3.0. + [Bernd Edlinger] + Changes between 1.1.1e and 1.1.1f [31 Mar 2020] *) Revert the change of EOF detection while reading in libssl to avoid Index: src/crypto/external/bsd/openssl/dist/NEWS diff -u src/crypto/external/bsd/openssl/dist/NEWS:1.23 src/crypto/external/bsd/openssl/dist/NEWS:1.24 --- src/crypto/external/bsd/openssl/dist/NEWS:1.23 Sun Apr 5 17:53:44 2020 +++ src/crypto/external/bsd/openssl/dist/NEWS Fri Apr 24 15:37:09 2020 @@ -5,6 +5,10 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.1.1f and OpenSSL 1.1.1g [21 Apr 2020] + + o Fixed segmentation fault in SSL_check_chain() (CVE-2020-1967) + Major changes between OpenSSL 1.1.1e and OpenSSL 1.1.1f [31 Mar 2020] o Revert the unexpected EOF reporting via SSL_ERROR_SSL Index: src/crypto/external/bsd/openssl/dist/README diff -u src/crypto/external/bsd/openssl/dist/README:1.23 src/crypto/external/bsd/openssl/dist/README:1.24 --- src/crypto/external/bsd/openssl/dist/README:1.23 Sun Apr 5 17:53:44 2020 +++ src/crypto/external/bsd/openssl/dist/README Fri Apr 24 15:37:09 2020 @@ -1,5 +1,5 @@ - OpenSSL 1.1.1f 31 Mar 2020 + OpenSSL 1.1.1g 21 Apr 2020 Copyright (c) 1998-2020 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson Index: src/crypto/external/bsd/openssl/dist/apps/ocsp.c diff -u src/crypto/external/bsd/openssl/dist/apps/ocsp.c:1.21 src/crypto/external/bsd/openssl/dist/apps/ocsp.c:1.22 --- src/crypto/external/bsd/openssl/dist/apps/ocsp.c:1.21 Sat Mar 21 20:53:02 2020 +++ src/crypto/external/bsd/openssl/dist/apps/ocsp.c Fri Apr 24 15:37:09 2020 @@ -1,5 +1,5 @@ /* - * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a
CVS commit: src/crypto/external/bsd/netpgp/dist
Module Name:src Committed By: jhigh Date: Sat Apr 18 19:27:49 UTC 2020 Modified Files: src/crypto/external/bsd/netpgp/dist: configure.ac src/crypto/external/bsd/netpgp/dist/src/lib: config.h.in misc.c symmetric.c Log Message: added blowfish symmetric cipher per RFC4880 9.2 To generate a diff of this commit: cvs rdiff -u -r1.42 -r1.43 src/crypto/external/bsd/netpgp/dist/configure.ac cvs rdiff -u -r1.17 -r1.18 \ src/crypto/external/bsd/netpgp/dist/src/lib/config.h.in cvs rdiff -u -r1.42 -r1.43 src/crypto/external/bsd/netpgp/dist/src/lib/misc.c cvs rdiff -u -r1.18 -r1.19 \ src/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/dist/configure.ac diff -u src/crypto/external/bsd/netpgp/dist/configure.ac:1.42 src/crypto/external/bsd/netpgp/dist/configure.ac:1.43 --- src/crypto/external/bsd/netpgp/dist/configure.ac:1.42 Sun Mar 9 00:33:50 2014 +++ src/crypto/external/bsd/netpgp/dist/configure.ac Sat Apr 18 19:27:49 2020 @@ -1,10 +1,10 @@ -# $NetBSD: configure.ac,v 1.42 2014/03/09 00:33:50 agc Exp $ +# $NetBSD: configure.ac,v 1.43 2020/04/18 19:27:49 jhigh Exp $ # # Process this file with autoconf to produce a configure script. AC_INIT([netpgp],[20140220],[Alistair Crooks c0596823]) AC_PREREQ(2.69) -AC_REVISION([$Revision: 1.42 $]) +AC_REVISION([$Revision: 1.43 $]) AS_SHELL_SANITIZE @@ -60,7 +60,7 @@ AC_CHECK_HEADERS([dmalloc.h direct.h err AC_CHECK_HEADERS([openssl/aes.h openssl/bn.h openssl/camellia.h openssl/cast.h \ openssl/des.h openssl/dsa.h openssl/err.h openssl/idea.h \ openssl/md5.h openssl/rand.h openssl/rsa.h openssl/sha.h \ - openssl/err.h openssl/sha.h]) + openssl/err.h openssl/sha.h openssl/blowfish.h]) AC_CHECK_HEADERS([sys/cdefs.h sys/file.h sys/mman.h sys/param.h \ sys/resource.h sys/uio.h]) Index: src/crypto/external/bsd/netpgp/dist/src/lib/config.h.in diff -u src/crypto/external/bsd/netpgp/dist/src/lib/config.h.in:1.17 src/crypto/external/bsd/netpgp/dist/src/lib/config.h.in:1.18 --- src/crypto/external/bsd/netpgp/dist/src/lib/config.h.in:1.17 Mon Feb 17 06:38:07 2014 +++ src/crypto/external/bsd/netpgp/dist/src/lib/config.h.in Sat Apr 18 19:27:48 2020 @@ -39,6 +39,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_OPENSSL_AES_H +/* Define to 1 if you have the header file. */ +#undef HAVE_OPENSSL_BLOWFISH_H + /* Define to 1 if you have the header file. */ #undef HAVE_OPENSSL_BN_H @@ -120,8 +123,7 @@ /* Define to 1 if you have the header file. */ #undef HAVE_ZLIB_H -/* Define to the sub-directory in which libtool stores uninstalled libraries. - */ +/* Define to the sub-directory where libtool stores uninstalled libraries. */ #undef LT_OBJDIR /* Name of package */ Index: src/crypto/external/bsd/netpgp/dist/src/lib/misc.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/misc.c:1.42 src/crypto/external/bsd/netpgp/dist/src/lib/misc.c:1.43 --- src/crypto/external/bsd/netpgp/dist/src/lib/misc.c:1.42 Tue Nov 13 14:52:30 2018 +++ src/crypto/external/bsd/netpgp/dist/src/lib/misc.c Sat Apr 18 19:27:48 2020 @@ -57,7 +57,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: misc.c,v 1.42 2018/11/13 14:52:30 mlelstv Exp $"); +__RCSID("$NetBSD: misc.c,v 1.43 2020/04/18 19:27:48 jhigh Exp $"); #endif #include @@ -816,6 +816,7 @@ static str2cipher_t str2cipher[] = { { "idea", PGP_SA_IDEA }, { "aes128", PGP_SA_AES_128 }, { "aes256", PGP_SA_AES_256 }, + { "blowfish", PGP_SA_BLOWFISH }, { "camellia128", PGP_SA_CAMELLIA_128 }, { "camellia256", PGP_SA_CAMELLIA_256 }, { "tripledes", PGP_SA_TRIPLEDES }, Index: src/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c:1.18 src/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c:1.19 --- src/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c:1.18 Sun Nov 7 08:39:59 2010 +++ src/crypto/external/bsd/netpgp/dist/src/lib/symmetric.c Sat Apr 18 19:27:48 2020 @@ -54,7 +54,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: symmetric.c,v 1.18 2010/11/07 08:39:59 agc Exp $"); +__RCSID("$NetBSD: symmetric.c,v 1.19 2020/04/18 19:27:48 jhigh Exp $"); #endif #include "crypto.h" @@ -82,6 +82,10 @@ __RCSID("$NetBSD: symmetric.c,v 1.18 201 #include #endif +#ifdef HAVE_OPENSSL_BLOWFISH_H +#include +#endif + #include "crypto.h" #include "netpgpdefs.h" @@ -192,6 +196,81 @@ static pgp_crypt_t cast5 = TRAILER }; +#ifdef HAVE_OPENSSL_BLOWFISH_H + +/* RFC 4880 9.2 Blowfish 128 */ +#define BLOWFISH_KEY_LENGTH 16 + +static int +blowfish_init(pgp_crypt_t *crypt) +{ +if (crypt->encrypt_key) { +
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64
Module Name:src Committed By: christos Date: Wed Apr 15 21:29:28 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64: sha.inc Log Message: Switch sha3 to the assembly version (fix the build) To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/sha.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/sha.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/sha.inc:1.1 src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/sha.inc:1.2 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/sha.inc:1.1 Sat Oct 15 08:19:02 2016 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/sha.inc Wed Apr 15 17:29:28 2020 @@ -1,6 +1,7 @@ .PATH.S: ${.PARSEDIR} -SHA_SRCS = sha1-ppc.S -SHACPPFLAGS = -DSHA1_ASM +SHA_SRCS = sha1-ppc.S keccak1600-ppc64.S keccak1600.c +SHACPPFLAGS = -DSHA1_ASM -DKECCAK1600_ASM +KECCAKNI = yes .if NOT_USING_SHAXXX_FROM_LIBC SHA_SRCS += sha512-ppc.S sha512p8-ppc.S SHA_SRCS += sha256-ppc.S sha256p8-ppc.S
CVS commit: src/crypto/external/bsd/openssl
Module Name:src Committed By: christos Date: Sat Apr 11 22:41:06 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto: ppccap.c src/crypto/external/bsd/openssl/dist/crypto/sha: keccak1600.c src/crypto/external/bsd/openssl/dist/crypto/sha/asm: keccak1600-ppc64.pl keccak1600p8-ppc.pl src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc: keccak1600p8-ppc.S sha.inc src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64: keccak1600-ppc64.S keccak1600p8-ppc.S Log Message: We can only use the SHA3 assembly routines if we have VSX To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 \ src/crypto/external/bsd/openssl/dist/crypto/ppccap.c cvs rdiff -u -r1.1.1.2 -r1.2 \ src/crypto/external/bsd/openssl/dist/crypto/sha/keccak1600.c cvs rdiff -u -r1.1.1.2 -r1.2 \ src/crypto/external/bsd/openssl/dist/crypto/sha/asm/keccak1600-ppc64.pl \ src/crypto/external/bsd/openssl/dist/crypto/sha/asm/keccak1600p8-ppc.pl cvs rdiff -u -r1.1 -r1.2 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/keccak1600p8-ppc.S cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc/sha.inc cvs rdiff -u -r1.1 -r1.2 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/keccak1600-ppc64.S \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/powerpc64/keccak1600p8-ppc.S Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/ppccap.c diff -u src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.12 src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.13 --- src/crypto/external/bsd/openssl/dist/crypto/ppccap.c:1.12 Sat Mar 21 20:53:02 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/ppccap.c Sat Apr 11 18:41:06 2020 @@ -160,6 +160,37 @@ void ecp_nistz256_from_mont(unsigned lon } #endif +size_t SHA3_absorb(uint64_t A[5][5], const unsigned char *inp, size_t len, +size_t r); +void SHA3_squeeze(uint64_t A[5][5], unsigned char *out, size_t len, size_t r); + +size_t SHA3_absorb_default(uint64_t A[5][5], const unsigned char *inp, +size_t len, size_t r); +void SHA3_squeeze_default(uint64_t A[5][5], unsigned char *out, size_t len, +size_t r); + +size_t SHA3_absorb_vsx(uint64_t A[5][5], const unsigned char *inp, +size_t len, size_t r); +void SHA3_squeeze_vsx(uint64_t A[5][5], unsigned char *out, size_t len, +size_t r); + +size_t SHA3_absorb(uint64_t A[5][5], const unsigned char *inp, size_t len, +size_t r) +{ +return OPENSSL_ppccap_P & PPC_CRYPTO207 +? SHA3_absorb_vsx(A, inp, len, r) +: SHA3_absorb_default(A, inp, len, r); +} + +void SHA3_squeeze(uint64_t A[5][5], unsigned char *out, size_t len, size_t r) +{ +OPENSSL_ppccap_P & PPC_CRYPTO207 +? SHA3_absorb_vsx(A, out, len, r) +: SHA3_squeeze_default(A, out, len, r); +} + + + static sigjmp_buf ill_jmp; static void ill_handler(int sig) { Index: src/crypto/external/bsd/openssl/dist/crypto/sha/keccak1600.c diff -u src/crypto/external/bsd/openssl/dist/crypto/sha/keccak1600.c:1.1.1.2 src/crypto/external/bsd/openssl/dist/crypto/sha/keccak1600.c:1.2 --- src/crypto/external/bsd/openssl/dist/crypto/sha/keccak1600.c:1.1.1.2 Sun Jun 9 13:47:44 2019 +++ src/crypto/external/bsd/openssl/dist/crypto/sha/keccak1600.c Sat Apr 11 18:41:06 2020 @@ -11,6 +11,12 @@ #include #include +#ifdef __powerpc__ +#define SHA3_absorb SHA3_absorb_default +#define SHA3_squeeze SHA3_squeeze_default +#undef KECCAK1600_ASM +#endif + size_t SHA3_absorb(uint64_t A[5][5], const unsigned char *inp, size_t len, size_t r); void SHA3_squeeze(uint64_t A[5][5], unsigned char *out, size_t len, size_t r); Index: src/crypto/external/bsd/openssl/dist/crypto/sha/asm/keccak1600-ppc64.pl diff -u src/crypto/external/bsd/openssl/dist/crypto/sha/asm/keccak1600-ppc64.pl:1.1.1.2 src/crypto/external/bsd/openssl/dist/crypto/sha/asm/keccak1600-ppc64.pl:1.2 --- src/crypto/external/bsd/openssl/dist/crypto/sha/asm/keccak1600-ppc64.pl:1.1.1.2 Sat Mar 21 20:49:11 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/sha/asm/keccak1600-ppc64.pl Sat Apr 11 18:41:06 2020 @@ -405,10 +405,10 @@ dword_le_load: .long 0 .size dword_le_load,.-dword_le_load -.globl SHA3_absorb -.type SHA3_absorb,\@function +.globl SHA3_absorb_vsx +.type SHA3_absorb_vsx,\@function .align 5 -SHA3_absorb: +SHA3_absorb_vsx: $STU $sp,-$FRAME($sp) mflr r0 $PUSH r14,`$FRAME-$SIZE_T*18`($sp) @@ -627,15 +627,15 @@ SHA3_absorb: .long 0 .byte 0,12,4,1,0x80,18,4,0 .long 0 -.size SHA3_absorb,.-SHA3_absorb +.size SHA3_absorb_vsx,.-SHA3_absorb_vsx ___ { my ($A_flat,$out,$len,$bsz) = map("r$_",(28..31)); $code.=<<___; -.globl SHA3_squeeze -.type SHA3_squeeze,\@function +.globl SHA3_squeeze_vsx +.type SHA3_squeeze_vsx,\@function .align 5 -SHA3_squeeze:
CVS commit: src/crypto/external/bsd/openssl/dist
Module Name:src Committed By: christos Date: Sun Apr 5 21:53:45 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist: CHANGES NEWS README src/crypto/external/bsd/openssl/dist/apps: s_server.c src/crypto/external/bsd/openssl/dist/crypto: ex_data.c src/crypto/external/bsd/openssl/dist/crypto/x509: x509_vfy.c src/crypto/external/bsd/openssl/dist/ssl: ssl_err.c Log Message: merge conflicts To generate a diff of this commit: cvs rdiff -u -r1.22 -r1.23 src/crypto/external/bsd/openssl/dist/CHANGES \ src/crypto/external/bsd/openssl/dist/NEWS \ src/crypto/external/bsd/openssl/dist/README cvs rdiff -u -r1.22 -r1.23 \ src/crypto/external/bsd/openssl/dist/apps/s_server.c cvs rdiff -u -r1.6 -r1.7 \ src/crypto/external/bsd/openssl/dist/crypto/ex_data.c cvs rdiff -u -r1.18 -r1.19 \ src/crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssl/dist/ssl/ssl_err.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/CHANGES diff -u src/crypto/external/bsd/openssl/dist/CHANGES:1.22 src/crypto/external/bsd/openssl/dist/CHANGES:1.23 --- src/crypto/external/bsd/openssl/dist/CHANGES:1.22 Sat Mar 21 20:53:02 2020 +++ src/crypto/external/bsd/openssl/dist/CHANGES Sun Apr 5 17:53:44 2020 @@ -7,6 +7,24 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. + Changes between 1.1.1e and 1.1.1f [31 Mar 2020] + + *) Revert the change of EOF detection while reading in libssl to avoid + regressions in applications depending on the current way of reporting + the EOF. As the existing method is not fully accurate the change to + reporting the EOF via SSL_ERROR_SSL is kept on the current development + branch and will be present in the 3.0 release. + [Tomas Mraz] + + *) Revised BN_generate_prime_ex to not avoid factors 3..17863 in p-1 + when primes for RSA keys are computed. + Since we previously always generated primes == 2 (mod 3) for RSA keys, + the 2-prime and 3-prime RSA modules were easy to distinguish, since + N = p*q = 1 (mod 3), but N = p*q*r = 2 (mod 3). Therefore fingerprinting + 2-prime vs. 3-prime RSA keys was possible by computing N mod 3. + This avoids possible fingerprinting of newly generated RSA modules. + [Bernd Edlinger] + Changes between 1.1.1d and 1.1.1e [17 Mar 2020] *) Properly detect EOF while reading in libssl. Previously if we hit an EOF while reading in libssl then we would report an error back to the Index: src/crypto/external/bsd/openssl/dist/NEWS diff -u src/crypto/external/bsd/openssl/dist/NEWS:1.22 src/crypto/external/bsd/openssl/dist/NEWS:1.23 --- src/crypto/external/bsd/openssl/dist/NEWS:1.22 Sat Mar 21 20:53:02 2020 +++ src/crypto/external/bsd/openssl/dist/NEWS Sun Apr 5 17:53:44 2020 @@ -5,10 +5,16 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.1.1e and OpenSSL 1.1.1f [31 Mar 2020] + + o Revert the unexpected EOF reporting via SSL_ERROR_SSL + Major changes between OpenSSL 1.1.1d and OpenSSL 1.1.1e [17 Mar 2020] o Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (CVE-2019-1551) + o Properly detect unexpected EOF while reading in libssl and report +it via SSL_ERROR_SSL Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019] Index: src/crypto/external/bsd/openssl/dist/README diff -u src/crypto/external/bsd/openssl/dist/README:1.22 src/crypto/external/bsd/openssl/dist/README:1.23 --- src/crypto/external/bsd/openssl/dist/README:1.22 Sat Mar 21 20:53:02 2020 +++ src/crypto/external/bsd/openssl/dist/README Sun Apr 5 17:53:44 2020 @@ -1,7 +1,7 @@ - OpenSSL 1.1.1e 17 Mar 2020 + OpenSSL 1.1.1f 31 Mar 2020 - Copyright (c) 1998-2019 The OpenSSL Project + Copyright (c) 1998-2020 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson All rights reserved. Index: src/crypto/external/bsd/openssl/dist/apps/s_server.c diff -u src/crypto/external/bsd/openssl/dist/apps/s_server.c:1.22 src/crypto/external/bsd/openssl/dist/apps/s_server.c:1.23 --- src/crypto/external/bsd/openssl/dist/apps/s_server.c:1.22 Sun Mar 22 16:01:48 2020 +++ src/crypto/external/bsd/openssl/dist/apps/s_server.c Sun Apr 5 17:53:44 2020 @@ -1,5 +1,5 @@ /* - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * Copyright 2005 Nokia. All rights reserved. * @@ -1904,7 +1904,7 @@ int s_server_main(int argc, char *argv[] BIO_printf(bio_s_out,
CVS commit: src/crypto/external/bsd/openssl/dist/crypto/md4
Module Name:src Committed By: christos Date: Sun Mar 29 14:58:22 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/md4: md4_dgst.c Log Message: restore previous unsigned change. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 \ src/crypto/external/bsd/openssl/dist/crypto/md4/md4_dgst.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/md4/md4_dgst.c diff -u src/crypto/external/bsd/openssl/dist/crypto/md4/md4_dgst.c:1.8 src/crypto/external/bsd/openssl/dist/crypto/md4/md4_dgst.c:1.9 --- src/crypto/external/bsd/openssl/dist/crypto/md4/md4_dgst.c:1.8 Sat Mar 21 20:53:06 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/md4/md4_dgst.c Sun Mar 29 10:58:22 2020 @@ -37,7 +37,7 @@ int MD4_Init(MD4_CTX *c) void md4_block_data_order(MD4_CTX *c, const void *data_, size_t num) { const unsigned char *data = data_; -register MD32_REG_T A, B, C, D, l; +register unsigned MD32_REG_T A, B, C, D, l; # ifndef MD32_XARRAY /* See comment in crypto/sha/sha_local.h for details. */ unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
CVS commit: src/crypto/external/bsd/openssl/dist/test/testutil
Module Name:src Committed By: joerg Date: Mon Mar 23 22:21:34 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/test/testutil: format_output.c main.c output.h tests.c Log Message: Fix format string usage. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/openssl/dist/test/testutil/format_output.c \ src/crypto/external/bsd/openssl/dist/test/testutil/main.c \ src/crypto/external/bsd/openssl/dist/test/testutil/tests.c cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/openssl/dist/test/testutil/output.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/test/testutil/format_output.c diff -u src/crypto/external/bsd/openssl/dist/test/testutil/format_output.c:1.4 src/crypto/external/bsd/openssl/dist/test/testutil/format_output.c:1.5 --- src/crypto/external/bsd/openssl/dist/test/testutil/format_output.c:1.4 Sun Mar 22 00:53:11 2020 +++ src/crypto/external/bsd/openssl/dist/test/testutil/format_output.c Mon Mar 23 22:21:34 2020 @@ -31,9 +31,9 @@ static void test_diff_header(const char static void test_string_null_empty(const char *m, char c) { if (m == NULL) -test_printf_stderr("% 4s %c NULL\n", "", c); +test_printf_stderr("%4s %c NULL\n", "", c); else -test_printf_stderr("% 4u:%c ''\n", 0u, c); +test_printf_stderr("%4u:%c ''\n", 0u, c); } static void test_fail_string_common(const char *prefix, const char *file, @@ -94,18 +94,18 @@ static void test_fail_string_common(cons bdiff[i] = '\0'; } if (n1 == n2 && !diff) { -test_printf_stderr("% 4u: '%s'\n", cnt, n2 > n1 ? b2 : b1); +test_printf_stderr("%4u: '%s'\n", cnt, n2 > n1 ? b2 : b1); } else { if (cnt == 0 && (m1 == NULL || *m1 == '\0')) test_string_null_empty(m1, '-'); else if (n1 > 0) -test_printf_stderr("% 4u:- '%s'\n", cnt, b1); +test_printf_stderr("%4u:- '%s'\n", cnt, b1); if (cnt == 0 && (m2 == NULL || *m2 == '\0')) test_string_null_empty(m2, '+'); else if (n2 > 0) -test_printf_stderr("% 4u:+ '%s'\n", cnt, b2); +test_printf_stderr("%4u:+ '%s'\n", cnt, b2); if (diff && i > 0) -test_printf_stderr("% 4s%s\n", "", bdiff); +test_printf_stderr("%4s%s\n", "", bdiff); } m1 += n1; m2 += n2; @@ -410,7 +410,7 @@ void test_output_bignum(const char *name static void test_memory_null_empty(const unsigned char *m, char c) { if (m == NULL) -test_printf_stderr("% 4s %c%s\n", "", c, "NULL"); +test_printf_stderr("%4s %c%s\n", "", c, "NULL"); else test_printf_stderr("%04x %c%s\n", 0u, c, "empty"); } @@ -494,7 +494,7 @@ static void test_fail_memory_common(cons else if (n2 > 0) test_printf_stderr("%04x:+%s\n", cnt, b2); if (diff && i > 0) -test_printf_stderr("% 4s %s\n", "", bdiff); +test_printf_stderr("%4s %s\n", "", bdiff); } m1 += n1; m2 += n2; Index: src/crypto/external/bsd/openssl/dist/test/testutil/main.c diff -u src/crypto/external/bsd/openssl/dist/test/testutil/main.c:1.4 src/crypto/external/bsd/openssl/dist/test/testutil/main.c:1.5 --- src/crypto/external/bsd/openssl/dist/test/testutil/main.c:1.4 Sun Mar 22 00:53:11 2020 +++ src/crypto/external/bsd/openssl/dist/test/testutil/main.c Mon Mar 23 22:21:34 2020 @@ -25,7 +25,7 @@ static void check_arg_usage(void) for (i = 0; i < n; i++) if (!arg_used[i+1]) -test_printf_stderr("Warning ignored command-line argument %d: %s\n", +test_printf_stderr("Warning ignored command-line argument %zu: %s\n", i, args[i+1]); if (i < arg_count) test_printf_stderr("Warning arguments %zu and later unchecked\n", i); Index: src/crypto/external/bsd/openssl/dist/test/testutil/tests.c diff -u src/crypto/external/bsd/openssl/dist/test/testutil/tests.c:1.4 src/crypto/external/bsd/openssl/dist/test/testutil/tests.c:1.5 --- src/crypto/external/bsd/openssl/dist/test/testutil/tests.c:1.4 Sun Mar 22 00:53:11 2020 +++ src/crypto/external/bsd/openssl/dist/test/testutil/tests.c Mon Mar 23 22:21:34 2020 @@ -72,6 +72,7 @@ static void test_fail_message(const char const char *fmt, ...) PRINTF_FORMAT(8, 9); +PRINTF_FORMAT(8, 0) static void test_fail_message_va(const char *prefix, const char *file, int line, const char *type, const char *left, const char *right, Index: src/crypto/external/bsd/openssl/dist/test/testutil/output.h diff -u
CVS commit: src/crypto/external/bsd/openssl/dist/crypto/sha
Module Name:src Committed By: christos Date: Sun Mar 22 20:16:49 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/sha: sha256.c Log Message: reduce diff with upstream To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 \ src/crypto/external/bsd/openssl/dist/crypto/sha/sha256.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/sha/sha256.c diff -u src/crypto/external/bsd/openssl/dist/crypto/sha/sha256.c:1.9 src/crypto/external/bsd/openssl/dist/crypto/sha/sha256.c:1.10 --- src/crypto/external/bsd/openssl/dist/crypto/sha/sha256.c:1.9 Sat Mar 21 20:53:08 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/sha/sha256.c Sun Mar 22 16:16:49 2020 @@ -168,7 +168,7 @@ static const SHA_LONG K256[64] = { static void sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num) { -MD32_REG_T a, b, c, d, e, f, g, h, s0, s1, T1, T2; +unsigned MD32_REG_T a, b, c, d, e, f, g, h, s0, s1, T1, T2; SHA_LONG X[16], l; int i; const unsigned char *data = in; @@ -246,7 +246,7 @@ static void sha256_block_data_order(SHA2 static void sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num) { -MD32_REG_T a, b, c, d, e, f, g, h, s0, s1, T1; +unsigned MD32_REG_T a, b, c, d, e, f, g, h, s0, s1, T1; SHA_LONG X[16]; int i; const unsigned char *data = in;
CVS commit: src/crypto/external/bsd/openssl/dist/crypto/ripemd
Module Name:src Committed By: christos Date: Sun Mar 22 20:15:30 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/ripemd: rmd_dgst.c Log Message: reduce diff with upstream To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 \ src/crypto/external/bsd/openssl/dist/crypto/ripemd/rmd_dgst.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/ripemd/rmd_dgst.c diff -u src/crypto/external/bsd/openssl/dist/crypto/ripemd/rmd_dgst.c:1.8 src/crypto/external/bsd/openssl/dist/crypto/ripemd/rmd_dgst.c:1.9 --- src/crypto/external/bsd/openssl/dist/crypto/ripemd/rmd_dgst.c:1.8 Sat Mar 21 20:53:08 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/ripemd/rmd_dgst.c Sun Mar 22 16:15:29 2020 @@ -36,8 +36,8 @@ int RIPEMD160_Init(RIPEMD160_CTX *c) void ripemd160_block_data_order(RIPEMD160_CTX *ctx, const void *p, size_t num) { const unsigned char *data = p; -register MD32_REG_T A, B, C, D, E; -MD32_REG_T a, b, c, d, e, l; +register unsigned MD32_REG_T A, B, C, D, E; +unsigned MD32_REG_T a, b, c, d, e, l; # ifndef MD32_XARRAY /* See comment in crypto/sha/sha_local.h for details. */ unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
CVS commit: src/crypto/external/bsd/openssl/dist/crypto/md5
Module Name:src Committed By: christos Date: Sun Mar 22 20:13:15 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/md5: md5_dgst.c Log Message: reduce diff with upstream To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 \ src/crypto/external/bsd/openssl/dist/crypto/md5/md5_dgst.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/md5/md5_dgst.c diff -u src/crypto/external/bsd/openssl/dist/crypto/md5/md5_dgst.c:1.6 src/crypto/external/bsd/openssl/dist/crypto/md5/md5_dgst.c:1.7 --- src/crypto/external/bsd/openssl/dist/crypto/md5/md5_dgst.c:1.6 Sat Mar 21 20:53:06 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/md5/md5_dgst.c Sun Mar 22 16:13:15 2020 @@ -37,7 +37,7 @@ int MD5_Init(MD5_CTX *c) void md5_block_data_order(MD5_CTX *c, const void *data_, size_t num) { const unsigned char *data = data_; -register MD32_REG_T A, B, C, D, l; +register unsigned MD32_REG_T A, B, C, D, l; # ifndef MD32_XARRAY /* See comment in crypto/sha/sha_local.h for details. */ unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
CVS commit: src/crypto/external/bsd/openssl/dist/crypto/evp
Module Name:src Committed By: christos Date: Sun Mar 22 20:09:17 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/evp: e_aes.c Log Message: reduce diff with upstream. To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 \ src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c diff -u src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c:1.21 src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c:1.22 --- src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c:1.21 Sun Mar 22 16:05:29 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c Sun Mar 22 16:09:17 2020 @@ -2551,7 +2551,7 @@ const EVP_CIPHER *EVP_aes_##keylen##_##m #if defined(OPENSSL_CPUID_OBJ) && defined(AES_ASM) && (defined(__arm__) || defined(__arm) || defined(__aarch64__)) # include "arm_arch.h" -# if __ARM_MAX_ARCH__>= 7 +# if __ARM_MAX_ARCH__>=7 # if defined(BSAES_ASM) # define BSAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON) # endif @@ -2559,7 +2559,7 @@ const EVP_CIPHER *EVP_aes_##keylen##_##m # define VPAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON) # endif # endif -# if __ARM_MAX_ARCH__>= 8 +# if __ARM_MAX_ARCH__>=8 # define HWAES_CAPABLE (OPENSSL_armcap_P & ARMV8_AES) # define HWAES_set_encrypt_key aes_v8_set_encrypt_key # define HWAES_set_decrypt_key aes_v8_set_decrypt_key
CVS commit: src/crypto/external/bsd/openssl/dist/crypto/bio
Module Name:src Committed By: christos Date: Sun Mar 22 20:07:05 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/bio: bss_log.c Log Message: eliminate diff with upstream. To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/openssl/dist/crypto/bio/bss_log.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/bio/bss_log.c diff -u src/crypto/external/bsd/openssl/dist/crypto/bio/bss_log.c:1.11 src/crypto/external/bsd/openssl/dist/crypto/bio/bss_log.c:1.12 --- src/crypto/external/bsd/openssl/dist/crypto/bio/bss_log.c:1.11 Sat Mar 21 20:53:03 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/bio/bss_log.c Sun Mar 22 16:07:05 2020 @@ -97,7 +97,7 @@ static const BIO_METHOD methods_slg = { slg_ctrl, slg_new, slg_free, -NULL, +NULL, /* slg_callback_ctrl */ }; const BIO_METHOD *BIO_s_log(void)
CVS commit: src/crypto/external/bsd/openssl/dist/crypto/evp
Module Name:src Committed By: christos Date: Sun Mar 22 20:05:29 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/evp: e_aes.c Log Message: put back removed code To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 \ src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c diff -u src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c:1.20 src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c:1.21 --- src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c:1.20 Sat Mar 21 20:53:05 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c Sun Mar 22 16:05:29 2020 @@ -2801,6 +2801,8 @@ static int aes_cfb1_cipher(EVP_CIPHER_CT EVP_CIPHER_CTX_encrypting(ctx), dat->block); EVP_CIPHER_CTX_set_num(ctx, num); len -= MAXBITCHUNK; +out += MAXBITCHUNK; +in += MAXBITCHUNK; } if (len) { int num = EVP_CIPHER_CTX_num(ctx);
CVS commit: src/crypto/external/bsd/openssl/dist/apps
Module Name:src Committed By: christos Date: Sun Mar 22 20:01:48 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/apps: s_server.c Log Message: add back missing goto; To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 \ src/crypto/external/bsd/openssl/dist/apps/s_server.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/apps/s_server.c diff -u src/crypto/external/bsd/openssl/dist/apps/s_server.c:1.21 src/crypto/external/bsd/openssl/dist/apps/s_server.c:1.22 --- src/crypto/external/bsd/openssl/dist/apps/s_server.c:1.21 Sun Mar 22 15:56:07 2020 +++ src/crypto/external/bsd/openssl/dist/apps/s_server.c Sun Mar 22 16:01:48 2020 @@ -1809,6 +1809,7 @@ int s_server_main(int argc, char *argv[] goto end; if (max_version != 0 && SSL_CTX_set_max_proto_version(ctx, max_version) == 0) +goto end; if (session_id_prefix) { if (strlen(session_id_prefix) >= 32)
CVS commit: src/crypto/external/bsd/openssl/dist/apps
Module Name:src Committed By: christos Date: Sun Mar 22 19:56:07 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/apps: s_client.c s_server.c Log Message: always use fdin To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 \ src/crypto/external/bsd/openssl/dist/apps/s_client.c cvs rdiff -u -r1.20 -r1.21 \ src/crypto/external/bsd/openssl/dist/apps/s_server.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/apps/s_client.c diff -u src/crypto/external/bsd/openssl/dist/apps/s_client.c:1.21 src/crypto/external/bsd/openssl/dist/apps/s_client.c:1.22 --- src/crypto/external/bsd/openssl/dist/apps/s_client.c:1.21 Sat Mar 21 20:53:02 2020 +++ src/crypto/external/bsd/openssl/dist/apps/s_client.c Sun Mar 22 15:56:07 2020 @@ -2804,7 +2804,7 @@ int s_client_main(int argc, char **argv) * set the flag so we exit. */ if (read_tty && !at_eof) -openssl_fdset(fileno_stdin(), ); +openssl_fdset(fdin, ); #if !defined(OPENSSL_SYS_VMS) if (write_tty) openssl_fdset(fdout, ); Index: src/crypto/external/bsd/openssl/dist/apps/s_server.c diff -u src/crypto/external/bsd/openssl/dist/apps/s_server.c:1.20 src/crypto/external/bsd/openssl/dist/apps/s_server.c:1.21 --- src/crypto/external/bsd/openssl/dist/apps/s_server.c:1.20 Sat Mar 21 20:53:02 2020 +++ src/crypto/external/bsd/openssl/dist/apps/s_server.c Sun Mar 22 15:56:07 2020 @@ -2423,7 +2423,7 @@ static int sv_body(int s, int stype, int } FD_ZERO(); #if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) -openssl_fdset(fileno_stdin(), ); +openssl_fdset(fdin, ); #endif openssl_fdset(s, ); /*
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc
Module Name:src Committed By: christos Date: Sun Mar 22 17:35:29 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc: sparccap.c Log Message: cryptlib header moved To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/sparccap.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/sparccap.c diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/sparccap.c:1.3 src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/sparccap.c:1.4 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/sparccap.c:1.3 Mon Sep 24 16:36:51 2018 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/sparc/sparccap.c Sun Mar 22 13:35:29 2020 @@ -1,5 +1,5 @@ #include "e_os.h" -#include "internal/cryptlib_int.h" +#include "crypto/cryptlib.h" uint32_t OPENSSL_rdtsc(void) {
CVS commit: src/crypto/external/bsd/openssl/dist/include/openssl
Module Name:src Committed By: christos Date: Sun Mar 22 02:30:16 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/include/openssl: safestack.h Log Message: Add more casts. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 \ src/crypto/external/bsd/openssl/dist/include/openssl/safestack.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/include/openssl/safestack.h diff -u src/crypto/external/bsd/openssl/dist/include/openssl/safestack.h:1.5 src/crypto/external/bsd/openssl/dist/include/openssl/safestack.h:1.6 --- src/crypto/external/bsd/openssl/dist/include/openssl/safestack.h:1.5 Sat Mar 21 20:53:10 2020 +++ src/crypto/external/bsd/openssl/dist/include/openssl/safestack.h Sat Mar 21 22:30:15 2020 @@ -28,7 +28,7 @@ extern "C" { { \ return OPENSSL_sk_num((const OPENSSL_STACK *)(const void *)sk); \ } \ -static ossl_unused ossl_inline t2 *sk_##t1##_value(const STACK_OF(t1) *sk, int idx) \ +static ossl_unused ossl_inline t2 *sk_##t1##_value(const STACK_OF(t1)*sk, int idx) \ { \ return (t2 *)(void *)OPENSSL_sk_value((const OPENSSL_STACK *)(const void *)sk, idx); \ } \ @@ -42,11 +42,11 @@ extern "C" { } \ static ossl_unused ossl_inline STACK_OF(t1) *sk_##t1##_new_reserve(sk_##t1##_compfunc compare, int n) \ { \ -return (STACK_OF(t1) *)OPENSSL_sk_new_reserve((OPENSSL_sk_compfunc)compare, n); \ +return (STACK_OF(t1) *)(void *)OPENSSL_sk_new_reserve((OPENSSL_sk_compfunc)compare, n); \ } \ static ossl_unused ossl_inline int sk_##t1##_reserve(STACK_OF(t1) *sk, int n) \ { \ -return OPENSSL_sk_reserve((OPENSSL_STACK *)sk, n); \ +return OPENSSL_sk_reserve((OPENSSL_STACK *)(void *)sk, n); \ } \ static ossl_unused ossl_inline void sk_##t1##_free(STACK_OF(t1) *sk) \ { \
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: jhigh Date: Sat Mar 21 01:07:21 UTC 2020 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: netpgp.c Log Message: cleanly fail initialization on empty keyring To generate a diff of this commit: cvs rdiff -u -r1.102 -r1.103 \ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.102 src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.103 --- src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.102 Tue Nov 13 14:52:30 2018 +++ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Sat Mar 21 01:07:21 2020 @@ -34,7 +34,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: netpgp.c,v 1.102 2018/11/13 14:52:30 mlelstv Exp $"); +__RCSID("$NetBSD: netpgp.c,v 1.103 2020/03/21 01:07:21 jhigh Exp $"); #endif #include @@ -429,7 +429,7 @@ get_first_ring(pgp_keyring_t *ring, char int i; int n; - if (ring == NULL) { + if (ring == NULL || ring->keyc == 0) { return 0; } (void) memset(id, 0x0, len);
CVS commit: src/crypto/external/bsd/openssh/libexec/ssh-sk-helper
Module Name:src Committed By: christos Date: Wed Mar 4 17:30:40 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/libexec/ssh-sk-helper: Makefile Log Message: Add a libm dependency To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile diff -u src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile:1.2 src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile:1.3 --- src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile:1.2 Mon Mar 2 19:43:20 2020 +++ src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile Wed Mar 4 12:30:40 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.2 2020/03/03 00:43:20 christos Exp $ +# $NetBSD: Makefile,v 1.3 2020/03/04 17:30:40 christos Exp $ BINDIR= /usr/libexec @@ -6,7 +6,7 @@ PROG= ssh-sk-helper SRCS= ssh-sk-helper.c ssh-sk.c sk-usbhid.c MAN= ssh-sk-helper.8 -LDADD+=-lfido2 -lcbor -lusbhid -DPADD+=${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} +LDADD+=-lfido2 -lcbor -lusbhid -lm +DPADD+=${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} ${LIBM} .include
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Tue Mar 3 00:43:21 UTC 2020 Modified Files: src/crypto/external/bsd/openssh: Makefile src/crypto/external/bsd/openssh/libexec/ssh-sk-helper: Makefile Log Message: Enable ssh-sk-helper To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/Makefile cvs rdiff -u -r1.1 -r1.2 \ src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/Makefile diff -u src/crypto/external/bsd/openssh/Makefile:1.2 src/crypto/external/bsd/openssh/Makefile:1.3 --- src/crypto/external/bsd/openssh/Makefile:1.2 Wed Feb 26 19:24:38 2020 +++ src/crypto/external/bsd/openssh/Makefile Mon Mar 2 19:43:20 2020 @@ -1,5 +1,5 @@ -# $NetBSD: Makefile,v 1.2 2020/02/27 00:24:38 christos Exp $ +# $NetBSD: Makefile,v 1.3 2020/03/03 00:43:20 christos Exp $ -SUBDIR= lib .WAIT bin # libexec +SUBDIR= lib .WAIT bin libexec .include Index: src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile diff -u src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile:1.1 src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile:1.2 --- src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile:1.1 Wed Feb 26 19:24:41 2020 +++ src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile Mon Mar 2 19:43:20 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.1 2020/02/27 00:24:41 christos Exp $ +# $NetBSD: Makefile,v 1.2 2020/03/03 00:43:20 christos Exp $ BINDIR= /usr/libexec @@ -6,7 +6,7 @@ PROG= ssh-sk-helper SRCS= ssh-sk-helper.c ssh-sk.c sk-usbhid.c MAN= ssh-sk-helper.8 -LDADD+=-lfido2 -lusbhid -DPADD+=${LIBFIDO2} ${LIBUSBHID} +LDADD+=-lfido2 -lcbor -lusbhid +DPADD+=${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} .include
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Mon Mar 2 15:23:17 UTC 2020 Modified Files: src/crypto/external/bsd/openssh: Makefile.inc Log Message: Enable compression To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/Makefile.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/Makefile.inc diff -u src/crypto/external/bsd/openssh/Makefile.inc:1.14 src/crypto/external/bsd/openssh/Makefile.inc:1.15 --- src/crypto/external/bsd/openssh/Makefile.inc:1.14 Fri Apr 6 14:58:59 2018 +++ src/crypto/external/bsd/openssh/Makefile.inc Mon Mar 2 10:23:17 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.inc,v 1.14 2018/04/06 18:58:59 christos Exp $ +# $NetBSD: Makefile.inc,v 1.15 2020/03/02 15:23:17 christos Exp $ WARNS?= 4 @@ -11,6 +11,7 @@ SSHDIST?= ${NETBSDSRCDIR}/crypto/externa CPPFLAGS+=-I${SSHDIST} +CPPFLAGS+=-D_OPENBSD_SOURCE CPPFLAGS+=-DHAVE_DLOPEN CPPFLAGS+=-DHAVE_HEADER_AD CPPFLAGS+=-DHAVE_LOGIN_CAP @@ -19,7 +20,7 @@ CPPFLAGS+=-DHAVE_STDLIB_H CPPFLAGS+=-DOPENSSL_API_COMPAT=0x1010L .endif -CPPFLAGS+=-DWITH_OPENSSL -DENABLE_PKCS11 -D_OPENBSD_SOURCE -DWITH_XMSS +CPPFLAGS+=-DWITH_OPENSSL -DENABLE_PKCS11 -DWITH_XMSS -DWITH_ZLIB .if !defined(NOPIC) CPPFLAGS+=-DHAVE_DLOPEN .endif
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sun Mar 1 14:51:06 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: ssh-sk-client.c Log Message: fix a sign-compare issue (for the pam module) To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/ssh-sk-client.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh-sk-client.c diff -u src/crypto/external/bsd/openssh/dist/ssh-sk-client.c:1.2 src/crypto/external/bsd/openssh/dist/ssh-sk-client.c:1.3 --- src/crypto/external/bsd/openssh/dist/ssh-sk-client.c:1.2 Wed Feb 26 19:24:40 2020 +++ src/crypto/external/bsd/openssh/dist/ssh-sk-client.c Sun Mar 1 09:51:06 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: ssh-sk-client.c,v 1.2 2020/02/27 00:24:40 christos Exp $ */ +/* $NetBSD: ssh-sk-client.c,v 1.3 2020/03/01 14:51:06 christos Exp $ */ /* $OpenBSD: ssh-sk-client.c,v 1.7 2020/01/23 07:10:22 dtucker Exp $ */ /* * Copyright (c) 2019 Google LLC @@ -16,7 +16,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "includes.h" -__RCSID("$NetBSD: ssh-sk-client.c,v 1.2 2020/02/27 00:24:40 christos Exp $"); +__RCSID("$NetBSD: ssh-sk-client.c,v 1.3 2020/03/01 14:51:06 christos Exp $"); #include #include @@ -160,7 +160,7 @@ client_converse(struct sshbuf *msg, stru ll = log_level_get(); if ((r = sshbuf_put_u32(req, type)) != 0 || (r = sshbuf_put_u8(req, log_is_on_stderr() != 0)) != 0 || - (r = sshbuf_put_u32(req, ll < 0 ? 0 : ll)) != 0 || + (r = sshbuf_put_u32(req, (uint32_t)(ll < 0 ? 0 : ll))) != 0 || (r = sshbuf_putb(req, msg)) != 0) { error("%s: build: %s", __func__, ssh_err(r)); goto out;
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kim Date: Sun Mar 1 08:21:38 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: ssh_config sshd_config Log Message: Sync with OpenSSH 8.2p1 sample configs - Add GSSAPIAuthentication and related options - Add KerberosAuthentication and related options - Bring in the lengthy but useful comment block about the side-effect of UsePAM with regards to PermitRootLogin. To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/ssh_config cvs rdiff -u -r1.24 -r1.25 src/crypto/external/bsd/openssh/dist/sshd_config Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh_config diff -u src/crypto/external/bsd/openssh/dist/ssh_config:1.13 src/crypto/external/bsd/openssh/dist/ssh_config:1.14 --- src/crypto/external/bsd/openssh/dist/ssh_config:1.13 Fri Feb 28 10:41:48 2020 +++ src/crypto/external/bsd/openssh/dist/ssh_config Sun Mar 1 08:21:38 2020 @@ -1,4 +1,4 @@ -# $NetBSD: ssh_config,v 1.13 2020/02/28 10:41:48 kim Exp $ +# $NetBSD: ssh_config,v 1.14 2020/03/01 08:21:38 kim Exp $ # $OpenBSD: ssh_config,v 1.34 2019/02/04 02:39:42 dtucker Exp $ # This is the ssh client system-wide configuration file. See @@ -27,6 +27,8 @@ Host *.netbsd.org *.NetBSD.org # ForwardX11 no # PasswordAuthentication yes # HostbasedAuthentication no +# GSSAPIAuthentication no +# GSSAPIDelegateCredentials no # BatchMode no # CheckHostIP yes # AddressFamily any Index: src/crypto/external/bsd/openssh/dist/sshd_config diff -u src/crypto/external/bsd/openssh/dist/sshd_config:1.24 src/crypto/external/bsd/openssh/dist/sshd_config:1.25 --- src/crypto/external/bsd/openssh/dist/sshd_config:1.24 Fri Feb 28 10:59:58 2020 +++ src/crypto/external/bsd/openssh/dist/sshd_config Sun Mar 1 08:21:38 2020 @@ -1,4 +1,4 @@ -# $NetBSD: sshd_config,v 1.24 2020/02/28 10:59:58 kim Exp $ +# $NetBSD: sshd_config,v 1.25 2020/03/01 08:21:38 kim Exp $ # $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ # This is the sshd server system-wide configuration file. See @@ -60,6 +60,27 @@ AuthorizedKeysFile .ssh/authorized_keys # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +UsePAM yes + #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no @@ -72,7 +93,6 @@ AuthorizedKeysFile .ssh/authorized_keys #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes -UsePAM yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0
CVS commit: src/crypto/external/bsd/openssh/lib
Module Name:src Committed By: mgorny Date: Sat Feb 29 20:44:16 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/lib: Makefile Log Message: Workaround build failure due to -Werror=format-nonliteral Reviewed by kamil. To generate a diff of this commit: cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssh/lib/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/lib/Makefile diff -u src/crypto/external/bsd/openssh/lib/Makefile:1.31 src/crypto/external/bsd/openssh/lib/Makefile:1.32 --- src/crypto/external/bsd/openssh/lib/Makefile:1.31 Thu Feb 27 00:24:40 2020 +++ src/crypto/external/bsd/openssh/lib/Makefile Sat Feb 29 20:44:15 2020 @@ -1,10 +1,11 @@ -# $NetBSD: Makefile,v 1.31 2020/02/27 00:24:40 christos Exp $ +# $NetBSD: Makefile,v 1.32 2020/02/29 20:44:15 mgorny Exp $ .include .include "../Makefile.inc" CWARNFLAGS.clang+= -Wno-error=sizeof-array-div +CWARNFLAGS.clang+= -Wno-error=format-nonliteral LIB= ssh SRCS=\ addrmatch.c \
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm
Module Name:src Committed By: thorpej Date: Sat Feb 29 17:14:40 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm: arm.inc Log Message: earmv5 / earmv5eb is a valid MACHINE_ARCH, so match it when setting __ARM_MAX_ARCH__. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm/arm.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm/arm.inc diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm/arm.inc:1.2 src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm/arm.inc:1.3 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm/arm.inc:1.2 Fri Mar 9 01:34:30 2018 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/arm/arm.inc Sat Feb 29 17:14:40 2020 @@ -4,7 +4,8 @@ ${MACHINE_ARCH} == "armeb" || \ ${MACHINE_ARCH} == "arm" ARM_MAX_ARCH=4 -. elif ${MACHINE_ARCH} == "earm" || \ +. elif !empty(MACHINE_ARCH:Mearmv5*) || \ + ${MACHINE_ARCH} == "earm" || \ ${MACHINE_ARCH} == "earmhf" || \ ${MACHINE_ARCH} == "earmeb" || \ ${MACHINE_ARCH} == "earmhfeb"
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: tnn Date: Sat Feb 29 14:03:17 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: xmalloc.h Log Message: annotate xvasprintf w/ format string attribute To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/xmalloc.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/xmalloc.h diff -u src/crypto/external/bsd/openssh/dist/xmalloc.h:1.12 src/crypto/external/bsd/openssh/dist/xmalloc.h:1.13 --- src/crypto/external/bsd/openssh/dist/xmalloc.h:1.12 Thu Feb 27 00:24:40 2020 +++ src/crypto/external/bsd/openssh/dist/xmalloc.h Sat Feb 29 14:03:17 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: xmalloc.h,v 1.12 2020/02/27 00:24:40 christos Exp $ */ +/* $NetBSD: xmalloc.h,v 1.13 2020/02/29 14:03:17 tnn Exp $ */ /* $OpenBSD: xmalloc.h,v 1.19 2019/11/12 22:32:48 djm Exp $ */ /* @@ -26,4 +26,5 @@ int xasprintf(char **, const char *, .. __attribute__((__format__ (printf, 2, 3))) __attribute__((__nonnull__ (2))); int xvasprintf(char **, const char *, va_list) +__attribute__((__format__ (printf, 2, 0))) __attribute__((__nonnull__ (2)));
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kim Date: Fri Feb 28 17:50:29 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: version.h Log Message: Remove unreferenced SSH_RELEASE To generate a diff of this commit: cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssh/dist/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/version.h diff -u src/crypto/external/bsd/openssh/dist/version.h:1.31 src/crypto/external/bsd/openssh/dist/version.h:1.32 --- src/crypto/external/bsd/openssh/dist/version.h:1.31 Thu Feb 27 00:27:44 2020 +++ src/crypto/external/bsd/openssh/dist/version.h Fri Feb 28 17:50:29 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: version.h,v 1.31 2020/02/27 00:27:44 christos Exp $ */ +/* $NetBSD: version.h,v 1.32 2020/02/28 17:50:29 kim Exp $ */ /* $OpenBSD: version.h,v 1.86 2020/02/14 00:39:20 djm Exp $ */ #define __OPENSSH_VERSION "OpenSSH_8.2" @@ -10,4 +10,3 @@ * used for bug compatibility operation. present NetBSD SSH version as comment */ #define SSH_VERSION __OPENSSH_VERSION " " __NETBSDSSH_VERSION SSH_HPN SSH_LPK -#define SSH_RELEASE SSH_VERSION SSH_HPN SSH_LPK
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kim Date: Fri Feb 28 17:27:34 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: readconf.c Log Message: Fix duplicate entries in the keywords list. To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/readconf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/readconf.c diff -u src/crypto/external/bsd/openssh/dist/readconf.c:1.29 src/crypto/external/bsd/openssh/dist/readconf.c:1.30 --- src/crypto/external/bsd/openssh/dist/readconf.c:1.29 Thu Feb 27 00:24:40 2020 +++ src/crypto/external/bsd/openssh/dist/readconf.c Fri Feb 28 17:27:34 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: readconf.c,v 1.29 2020/02/27 00:24:40 christos Exp $ */ +/* $NetBSD: readconf.c,v 1.30 2020/02/28 17:27:34 kim Exp $ */ /* $OpenBSD: readconf.c,v 1.326 2020/02/06 22:46:31 djm Exp $ */ /* * Author: Tatu Ylonen @@ -14,7 +14,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: readconf.c,v 1.29 2020/02/27 00:24:40 christos Exp $"); +__RCSID("$NetBSD: readconf.c,v 1.30 2020/02/28 17:27:34 kim Exp $"); #include #include #include @@ -196,9 +196,25 @@ static struct { { "useprivilegedport", oDeprecated }, /* Unsupported options */ +#ifdef AFS + { "afstokenpassing", oAFSTokenPassing }, +#else { "afstokenpassing", oUnsupported }, +#endif +#if defined(KRB4) || defined(KRB5) + { "kerberosauthentication", oKerberosAuthentication }, +#else { "kerberosauthentication", oUnsupported }, +#endif +#if defined(AFS) || defined(KRB5) + { "kerberostgtpassing", oKerberosTgtPassing }, + { "kerberos5tgtpassing", oKerberosTgtPassing }, /* alias */ + { "kerberos4tgtpassing", oKerberosTgtPassing }, /* alias */ +#else { "kerberostgtpassing", oUnsupported }, + { "kerberos5tgtpassing", oUnsupported }, + { "kerberos4tgtpassing", oUnsupported }, +#endif { "rsaauthentication", oUnsupported }, { "rhostsrsaauthentication", oUnsupported }, { "compressionlevel", oUnsupported }, @@ -235,17 +251,6 @@ static struct { { "challengeresponseauthentication", oChallengeResponseAuthentication }, { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */ { "tisauthentication", oChallengeResponseAuthentication }, /* alias */ -#if defined(KRB4) || defined(KRB5) - { "kerberosauthentication", oKerberosAuthentication }, -#endif -#if defined(AFS) || defined(KRB5) - { "kerberostgtpassing", oKerberosTgtPassing }, - { "kerberos5tgtpassing", oKerberosTgtPassing }, /* alias */ - { "kerberos4tgtpassing", oKerberosTgtPassing }, /* alias */ -#endif -#ifdef AFS - { "afstokenpassing", oAFSTokenPassing }, -#endif #if defined(GSSAPI) { "gssapiauthentication", oGssAuthentication }, { "gssapidelegatecredentials", oGssDelegateCreds },
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kim Date: Fri Feb 28 10:59:58 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: sshd_config Log Message: Cleanup - Match the case of the UsePAM keyword used in the manual page and code, to aid case-sensitive grep etc. - Remove references to obsole UseLogin and UsePrivilegeSeparation keywords. - Whitespace police To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/sshd_config Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshd_config diff -u src/crypto/external/bsd/openssh/dist/sshd_config:1.23 src/crypto/external/bsd/openssh/dist/sshd_config:1.24 --- src/crypto/external/bsd/openssh/dist/sshd_config:1.23 Sun Aug 26 07:46:37 2018 +++ src/crypto/external/bsd/openssh/dist/sshd_config Fri Feb 28 10:59:58 2020 @@ -1,4 +1,4 @@ -# $NetBSD: sshd_config,v 1.23 2018/08/26 07:46:37 christos Exp $ +# $NetBSD: sshd_config,v 1.24 2020/02/28 10:59:58 kim Exp $ # $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ # This is the sshd server system-wide configuration file. See @@ -53,7 +53,7 @@ AuthorizedKeysFile .ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes -# To disable password authentication, set this and UsePam to no +# To disable password authentication, set this and UsePAM to no #PasswordAuthentication yes #PermitEmptyPasswords no @@ -72,9 +72,7 @@ AuthorizedKeysFile .ssh/authorized_keys #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes -#UseLogin no -#UsePrivilegeSeparation sandbox -UsePam yes +UsePAM yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 @@ -121,7 +119,6 @@ Subsystem sftp /usr/libexec/sftp-server # buffer size for hpn to non-hpn connections #HPNBufferSize 2048 - # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kim Date: Fri Feb 28 10:41:49 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: ssh_config Log Message: Move NetBSD.org-specific entry above the match-all entry The first matching entry that sets an option "wins." Therefore more specific matches should be provided before the "Host *" entry that matches everything. This way options set in the more specific entry will not be accidentally made ineffective by the match-all entry. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/ssh_config Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh_config diff -u src/crypto/external/bsd/openssh/dist/ssh_config:1.12 src/crypto/external/bsd/openssh/dist/ssh_config:1.13 --- src/crypto/external/bsd/openssh/dist/ssh_config:1.12 Sat Apr 20 17:16:40 2019 +++ src/crypto/external/bsd/openssh/dist/ssh_config Fri Feb 28 10:41:48 2020 @@ -1,4 +1,4 @@ -# $NetBSD: ssh_config,v 1.12 2019/04/20 17:16:40 christos Exp $ +# $NetBSD: ssh_config,v 1.13 2020/02/28 10:41:48 kim Exp $ # $OpenBSD: ssh_config,v 1.34 2019/02/04 02:39:42 dtucker Exp $ # This is the ssh client system-wide configuration file. See @@ -18,6 +18,10 @@ # list of available options, their meanings and defaults, please see the # ssh_config(5) man page. +# NetBSD.org DNS provides SSHFP records - use them when possible +Host *.netbsd.org *.NetBSD.org +VerifyHostKeyDNS ask + # Host * # ForwardAgent no # ForwardX11 no @@ -45,7 +49,3 @@ # If you use xorg from pkgsrc then uncomment the following line. # XAuthLocation /usr/pkg/bin/xauth - -# NetBSD.org DNS provides SSHFP records - use them when possible -Host *.netbsd.org *.NetBSD.org -VerifyHostKeyDNS ask
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Thu Feb 27 00:27:44 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: version.h Log Message: fix date To generate a diff of this commit: cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/version.h diff -u src/crypto/external/bsd/openssh/dist/version.h:1.30 src/crypto/external/bsd/openssh/dist/version.h:1.31 --- src/crypto/external/bsd/openssh/dist/version.h:1.30 Wed Feb 26 19:24:40 2020 +++ src/crypto/external/bsd/openssh/dist/version.h Wed Feb 26 19:27:44 2020 @@ -1,8 +1,8 @@ -/* $NetBSD: version.h,v 1.30 2020/02/27 00:24:40 christos Exp $ */ +/* $NetBSD: version.h,v 1.31 2020/02/27 00:27:44 christos Exp $ */ /* $OpenBSD: version.h,v 1.86 2020/02/14 00:39:20 djm Exp $ */ #define __OPENSSH_VERSION "OpenSSH_8.2" -#define __NETBSDSSH_VERSION "NetBSD_Secure_Shell-2020025" +#define __NETBSDSSH_VERSION "NetBSD_Secure_Shell-20200225" #define SSH_HPN "-hpn13v14" #define SSH_LPK "-lpk" /*
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Thu Feb 27 00:24:41 UTC 2020 Modified Files: src/crypto/external/bsd/openssh: Makefile src/crypto/external/bsd/openssh/bin/scp: Makefile src/crypto/external/bsd/openssh/bin/sftp: Makefile src/crypto/external/bsd/openssh/bin/sftp-server: Makefile src/crypto/external/bsd/openssh/bin/ssh: Makefile src/crypto/external/bsd/openssh/bin/ssh-add: Makefile src/crypto/external/bsd/openssh/bin/ssh-agent: Makefile src/crypto/external/bsd/openssh/bin/ssh-keygen: Makefile src/crypto/external/bsd/openssh/bin/ssh-keyscan: Makefile src/crypto/external/bsd/openssh/bin/ssh-keysign: Makefile src/crypto/external/bsd/openssh/bin/ssh-pkcs11-helper: Makefile src/crypto/external/bsd/openssh/bin/sshd: Makefile src/crypto/external/bsd/openssh/dist: PROTOCOL.certkeys auth-options.c auth-options.h auth.c auth2-chall.c auth2-gss.c auth2-hostbased.c auth2-kbdint.c auth2-pubkey.c authfd.c authfd.h authfile.c authfile.h channels.c channels.h cipher.c cipher.h clientloop.c gss-serv.c hash.c hostfile.c kex.c kexgen.c kexgexc.c krl.c match.c misc.c misc.h moduli.c monitor.c monitor_wrap.c monitor_wrap.h msg.c mux.c myproposal.h packet.c pathnames.h progressmeter.c readconf.c readconf.h readpass.c scp.1 scp.c servconf.c servconf.h serverloop.c session.c sftp-glob.c sftp-realpath.c sftp-server.8 sftp.1 sftp.c sk-usbhid.c ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-ecdsa-sk.c ssh-ed25519-sk.c ssh-keygen.1 ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh-keysign.c ssh-pkcs11-client.c ssh-pkcs11-helper.8 ssh-pkcs11-helper.c ssh-pkcs11.c ssh-pkcs11.h ssh-sk-client.c ssh-sk-helper.c ssh-sk.c ssh.1 ssh.c ssh_api.c ssh_config.5 sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-io.c sshbuf-misc.c sshbuf.c sshbuf.h sshconnect.c sshconnect.h sshconnect2.c sshd.8 sshd.c sshd_config.5 ssherr.c ssherr.h sshkey-xmss.c sshkey.c sshkey.h sshsig.c umac.c version.h xmalloc.c xmalloc.h src/crypto/external/bsd/openssh/dist/moduli-gen: moduli.2048 moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192 src/crypto/external/bsd/openssh/lib: Makefile shlib_version Added Files: src/crypto/external/bsd/openssh/libexec: Makefile Makefile.inc src/crypto/external/bsd/openssh/libexec/ssh-sk-helper: Makefile Log Message: Merge conflicts To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/Makefile cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/bin/scp/Makefile cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/bin/sftp/Makefile cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssh/bin/sftp-server/Makefile cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/bin/ssh/Makefile cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/bin/ssh-add/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/openssh/bin/ssh-agent/Makefile cvs rdiff -u -r1.6 -r1.7 \ src/crypto/external/bsd/openssh/bin/ssh-keygen/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile cvs rdiff -u -r1.1 -r1.2 \ src/crypto/external/bsd/openssh/bin/ssh-keysign/Makefile cvs rdiff -u -r1.1 -r1.2 \ src/crypto/external/bsd/openssh/bin/ssh-pkcs11-helper/Makefile cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/bin/sshd/Makefile cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/openssh/dist/PROTOCOL.certkeys \ src/crypto/external/bsd/openssh/dist/auth2-kbdint.c \ src/crypto/external/bsd/openssh/dist/sftp-glob.c \ src/crypto/external/bsd/openssh/dist/sftp-server.8 \ src/crypto/external/bsd/openssh/dist/xmalloc.c \ src/crypto/external/bsd/openssh/dist/xmalloc.h cvs rdiff -u -r1.21 -r1.22 \ src/crypto/external/bsd/openssh/dist/auth-options.c \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/sshd.8 \ src/crypto/external/bsd/openssh/dist/sshkey.c cvs rdiff -u -r1.12 -r1.13 \ src/crypto/external/bsd/openssh/dist/auth-options.h \ src/crypto/external/bsd/openssh/dist/match.c \ src/crypto/external/bsd/openssh/dist/progressmeter.c \ src/crypto/external/bsd/openssh/dist/ssh-keysign.8 \ src/crypto/external/bsd/openssh/dist/sshbuf.h cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/auth.c \ src/crypto/external/bsd/openssh/dist/monitor_wrap.c \ src/crypto/external/bsd/openssh/dist/serverloop.c cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/auth2-chall.c \ src/crypto/external/bsd/openssh/dist/channels.h \ src/crypto/external/bsd/openssh/dist/cipher.c cvs rdiff -u -r1.13 -r1.14
CVS commit: src/crypto/external/bsd/openssl/dist/crypto
Module Name:src Committed By: christos Date: Sun Feb 16 15:03:22 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/md4: md4_dgst.c src/crypto/external/bsd/openssl/dist/crypto/ripemd: rmd_dgst.c Log Message: use unsigned to avoid undefined behavior in shifts (nisharg joshi) To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 \ src/crypto/external/bsd/openssl/dist/crypto/md4/md4_dgst.c cvs rdiff -u -r1.6 -r1.7 \ src/crypto/external/bsd/openssl/dist/crypto/ripemd/rmd_dgst.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/md4/md4_dgst.c diff -u src/crypto/external/bsd/openssl/dist/crypto/md4/md4_dgst.c:1.6 src/crypto/external/bsd/openssl/dist/crypto/md4/md4_dgst.c:1.7 --- src/crypto/external/bsd/openssl/dist/crypto/md4/md4_dgst.c:1.6 Thu Feb 8 16:51:29 2018 +++ src/crypto/external/bsd/openssl/dist/crypto/md4/md4_dgst.c Sun Feb 16 10:03:22 2020 @@ -37,10 +37,10 @@ int MD4_Init(MD4_CTX *c) void md4_block_data_order(MD4_CTX *c, const void *data_, size_t num) { const unsigned char *data = data_; -register MD32_REG_T A, B, C, D, l; +register unsigned MD32_REG_T A, B, C, D, l; # ifndef MD32_XARRAY /* See comment in crypto/sha/sha_locl.h for details. */ -MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, +unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15; # define X(i) XX##i # else Index: src/crypto/external/bsd/openssl/dist/crypto/ripemd/rmd_dgst.c diff -u src/crypto/external/bsd/openssl/dist/crypto/ripemd/rmd_dgst.c:1.6 src/crypto/external/bsd/openssl/dist/crypto/ripemd/rmd_dgst.c:1.7 --- src/crypto/external/bsd/openssl/dist/crypto/ripemd/rmd_dgst.c:1.6 Thu Feb 8 16:51:31 2018 +++ src/crypto/external/bsd/openssl/dist/crypto/ripemd/rmd_dgst.c Sun Feb 16 10:03:22 2020 @@ -36,11 +36,11 @@ int RIPEMD160_Init(RIPEMD160_CTX *c) void ripemd160_block_data_order(RIPEMD160_CTX *ctx, const void *p, size_t num) { const unsigned char *data = p; -register MD32_REG_T A, B, C, D, E; -MD32_REG_T a, b, c, d, e, l; +register unsigned MD32_REG_T A, B, C, D, E; +unsigned MD32_REG_T a, b, c, d, e, l; # ifndef MD32_XARRAY /* See comment in crypto/sha/sha_locl.h for details. */ -MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, +unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15; # define X(i) XX##i # else
CVS commit: src/crypto/external/bsd/openssl/dist/crypto/rand
Module Name:src Committed By: riastradh Date: Sat Feb 15 23:19:37 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/rand: rand_unix.c Log Message: Open /dev/urandom with O_CLOEXEC. Let's avoid bleeding file descriptors into our clients' children, shall we? XXX pullup To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 \ src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c diff -u src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c:1.13 src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c:1.14 --- src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c:1.13 Thu Jan 23 02:54:55 2020 +++ src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c Sat Feb 15 23:19:37 2020 @@ -479,7 +479,7 @@ static int get_random_device(size_t n) return rd->fd; /* open the random device ... */ -if ((rd->fd = open(random_device_paths[n], O_RDONLY)) == -1) +if ((rd->fd = open(random_device_paths[n], O_RDONLY|O_CLOEXEC)) == -1) return rd->fd; /* ... and cache its relevant stat(2) data */
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64
Module Name:src Committed By: christos Date: Thu Jan 23 17:37:03 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64: aesni-x86_64.S ecp_nistz256-x86_64.S ghash-x86_64.S rsaz-avx2.S vpaes-x86_64.S x86_64-mont5.S Log Message: regen To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64/aesni-x86_64.S cvs rdiff -u -r1.4 -r1.5 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64/ecp_nistz256-x86_64.S cvs rdiff -u -r1.6 -r1.7 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64/ghash-x86_64.S cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64/rsaz-avx2.S cvs rdiff -u -r1.5 -r1.6 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64/vpaes-x86_64.S cvs rdiff -u -r1.7 -r1.8 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64/x86_64-mont5.S Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64/aesni-x86_64.S diff -u src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64/aesni-x86_64.S:1.9 src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64/aesni-x86_64.S:1.10 --- src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64/aesni-x86_64.S:1.9 Sun Sep 23 09:33:05 2018 +++ src/crypto/external/bsd/openssl/lib/libcrypto/arch/x86_64/aesni-x86_64.S Thu Jan 23 12:37:03 2020 @@ -5,6 +5,7 @@ .type aesni_encrypt,@function .align 16 aesni_encrypt: +.cfi_startproc movups (%rdi),%xmm2 movl 240(%rdx),%eax movups (%rdx),%xmm0 @@ -23,12 +24,14 @@ aesni_encrypt: movups %xmm2,(%rsi) pxor %xmm2,%xmm2 .byte 0xf3,0xc3 +.cfi_endproc .size aesni_encrypt,.-aesni_encrypt .globl aesni_decrypt .type aesni_decrypt,@function .align 16 aesni_decrypt: +.cfi_startproc movups (%rdi),%xmm2 movl 240(%rdx),%eax movups (%rdx),%xmm0 @@ -47,10 +50,12 @@ aesni_decrypt: movups %xmm2,(%rsi) pxor %xmm2,%xmm2 .byte 0xf3,0xc3 +.cfi_endproc .size aesni_decrypt, .-aesni_decrypt .type _aesni_encrypt2,@function .align 16 _aesni_encrypt2: +.cfi_startproc movups (%rcx),%xmm0 shll $4,%eax movups 16(%rcx),%xmm1 @@ -76,10 +81,12 @@ _aesni_encrypt2: .byte 102,15,56,221,208 .byte 102,15,56,221,216 .byte 0xf3,0xc3 +.cfi_endproc .size _aesni_encrypt2,.-_aesni_encrypt2 .type _aesni_decrypt2,@function .align 16 _aesni_decrypt2: +.cfi_startproc movups (%rcx),%xmm0 shll $4,%eax movups 16(%rcx),%xmm1 @@ -105,10 +112,12 @@ _aesni_decrypt2: .byte 102,15,56,223,208 .byte 102,15,56,223,216 .byte 0xf3,0xc3 +.cfi_endproc .size _aesni_decrypt2,.-_aesni_decrypt2 .type _aesni_encrypt3,@function .align 16 _aesni_encrypt3: +.cfi_startproc movups (%rcx),%xmm0 shll $4,%eax movups 16(%rcx),%xmm1 @@ -139,10 +148,12 @@ _aesni_encrypt3: .byte 102,15,56,221,216 .byte 102,15,56,221,224 .byte 0xf3,0xc3 +.cfi_endproc .size _aesni_encrypt3,.-_aesni_encrypt3 .type _aesni_decrypt3,@function .align 16 _aesni_decrypt3: +.cfi_startproc movups (%rcx),%xmm0 shll $4,%eax movups 16(%rcx),%xmm1 @@ -173,10 +184,12 @@ _aesni_decrypt3: .byte 102,15,56,223,216 .byte 102,15,56,223,224 .byte 0xf3,0xc3 +.cfi_endproc .size _aesni_decrypt3,.-_aesni_decrypt3 .type _aesni_encrypt4,@function .align 16 _aesni_encrypt4: +.cfi_startproc movups (%rcx),%xmm0 shll $4,%eax movups 16(%rcx),%xmm1 @@ -213,10 +226,12 @@ _aesni_encrypt4: .byte 102,15,56,221,224 .byte 102,15,56,221,232 .byte 0xf3,0xc3 +.cfi_endproc .size _aesni_encrypt4,.-_aesni_encrypt4 .type _aesni_decrypt4,@function .align 16 _aesni_decrypt4: +.cfi_startproc movups (%rcx),%xmm0 shll $4,%eax movups 16(%rcx),%xmm1 @@ -253,10 +268,12 @@ _aesni_decrypt4: .byte 102,15,56,223,224 .byte 102,15,56,223,232 .byte 0xf3,0xc3 +.cfi_endproc .size _aesni_decrypt4,.-_aesni_decrypt4 .type _aesni_encrypt6,@function .align 16 _aesni_encrypt6: +.cfi_startproc movups (%rcx),%xmm0 shll $4,%eax movups 16(%rcx),%xmm1 @@ -307,10 +324,12 @@ _aesni_encrypt6: .byte 102,15,56,221,240 .byte 102,15,56,221,248 .byte 0xf3,0xc3 +.cfi_endproc .size _aesni_encrypt6,.-_aesni_encrypt6 .type _aesni_decrypt6,@function .align 16 _aesni_decrypt6: +.cfi_startproc movups (%rcx),%xmm0 shll $4,%eax movups 16(%rcx),%xmm1 @@ -361,10 +380,12 @@ _aesni_decrypt6: .byte 102,15,56,223,240 .byte 102,15,56,223,248 .byte 0xf3,0xc3 +.cfi_endproc .size _aesni_decrypt6,.-_aesni_decrypt6 .type _aesni_encrypt8,@function .align 16 _aesni_encrypt8: +.cfi_startproc movups (%rcx),%xmm0 shll $4,%eax movups 16(%rcx),%xmm1 @@ -425,10 +446,12 @@ _aesni_encrypt8: .byte 102,68,15,56,221,192 .byte 102,68,15,56,221,200 .byte 0xf3,0xc3 +.cfi_endproc .size _aesni_encrypt8,.-_aesni_encrypt8 .type _aesni_decrypt8,@function .align 16 _aesni_decrypt8: +.cfi_startproc movups
CVS commit: src/crypto/external/bsd/openssl/lib/libcrypto
Module Name:src Committed By: mlelstv Date: Thu Jan 23 12:55:09 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto: crypto.map Log Message: Add the EC_GFp_nistp*_methods again To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 \ src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map diff -u src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map:1.6 src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map:1.7 --- src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map:1.6 Thu Jan 23 02:54:56 2020 +++ src/crypto/external/bsd/openssl/lib/libcrypto/crypto.map Thu Jan 23 12:55:09 2020 @@ -1078,6 +1078,10 @@ OPENSSL_1_1_0 { ECPKParameters_print_fp; ECParameters_print; ECParameters_print_fp; +EC_GFp_nistp224_method; +EC_GFp_nistp256_method; +EC_GFp_nistp521_method; +EC_GFp_nistz256_method; EC_GF2m_simple_method; EC_GFp_mont_method; EC_GFp_nist_method;
CVS commit: src/crypto/external/bsd/openssl/lib/libcryptotest
Module Name:src Committed By: mrg Date: Thu Jan 23 07:27:00 UTC 2020 Modified Files: src/crypto/external/bsd/openssl/lib/libcryptotest: Makefile Log Message: add new random.c. builds for me. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 \ src/crypto/external/bsd/openssl/lib/libcryptotest/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssl/lib/libcryptotest/Makefile diff -u src/crypto/external/bsd/openssl/lib/libcryptotest/Makefile:1.1 src/crypto/external/bsd/openssl/lib/libcryptotest/Makefile:1.2 --- src/crypto/external/bsd/openssl/lib/libcryptotest/Makefile:1.1 Sun Sep 23 13:33:09 2018 +++ src/crypto/external/bsd/openssl/lib/libcryptotest/Makefile Thu Jan 23 07:27:00 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.1 2018/09/23 13:33:09 christos Exp $ +# $NetBSD: Makefile,v 1.2 2020/01/23 07:27:00 mrg Exp $ LIBISPRIVATE= yes LIB= cryptotest @@ -13,6 +13,6 @@ CRYPTODIST= ${NETBSDSRCDIR}/crypto CPPFLAGS+= -I${OPENSSLSRC}/include SRCS+= tests.c format_output.c output_helpers.c basic_output.c stanza.c -SRCS+= main.c tap_bio.c driver.c init.c test_cleanup.c cb.c +SRCS+= main.c tap_bio.c driver.c init.c test_cleanup.c cb.c random.c .include
CVS commit: src/crypto/external/bsd/heimdal
Module Name:src Committed By: christos Date: Tue Dec 17 00:17:00 UTC 2019 Modified Files: src/crypto/external/bsd/heimdal: Makefile.inc Log Message: Find and set a version to a make(1) variable. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/heimdal/Makefile.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/heimdal/Makefile.inc diff -u src/crypto/external/bsd/heimdal/Makefile.inc:1.4 src/crypto/external/bsd/heimdal/Makefile.inc:1.5 --- src/crypto/external/bsd/heimdal/Makefile.inc:1.4 Sat Feb 3 22:19:51 2018 +++ src/crypto/external/bsd/heimdal/Makefile.inc Mon Dec 16 19:17:00 2019 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.inc,v 1.4 2018/02/04 03:19:51 christos Exp $ +# $NetBSD: Makefile.inc,v 1.5 2019/12/17 00:17:00 christos Exp $ HEIMBASE?= ${NETBSDSRCDIR}/crypto/external/bsd/heimdal HEIMDIST= ${HEIMBASE}/dist @@ -16,6 +16,8 @@ LIBIPC_PIC= ${LIBIPCDIR}/libipc.a LIBIPC_PIC= ${LIBIPCDIR}/libipc_pic.a .endif +VERSION!= ${TOOL_SED} -ne 's/.*PACKAGE_VERSION[ ]*"\([0-9.]*\)"/\1/p' ${.PARSEDIR}/include/config.h + .if ${USETOOLS} != "yes" COMPILEETOBJ!= cd ${HEIMBASE}/lib/libcom_err/compile_et && ${PRINTOBJDIR} TOOL_COMPILE_ET= ${COMPILEETOBJ}/compile_et
CVS commit: src/crypto/external/bsd/heimdal/bin/krb5-config
Module Name:src Committed By: christos Date: Tue Dec 17 00:16:26 UTC 2019 Modified Files: src/crypto/external/bsd/heimdal/bin/krb5-config: Makefile Log Message: PR/54773: David Shao: krb5-config.in needs to be evaluated by the shell now in order to work. Perhaps it is better to keep a local modified copy that does not need this treatment... To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/bin/krb5-config/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/heimdal/bin/krb5-config/Makefile diff -u src/crypto/external/bsd/heimdal/bin/krb5-config/Makefile:1.3 src/crypto/external/bsd/heimdal/bin/krb5-config/Makefile:1.4 --- src/crypto/external/bsd/heimdal/bin/krb5-config/Makefile:1.3 Thu Apr 24 09:50:53 2014 +++ src/crypto/external/bsd/heimdal/bin/krb5-config/Makefile Mon Dec 16 19:16:26 2019 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.3 2014/04/24 13:50:53 pettai Exp $ +# $NetBSD: Makefile,v 1.4 2019/12/17 00:16:26 christos Exp $ .include .include <${.CURDIR}/../../Makefile.inc> @@ -11,8 +11,9 @@ MAN= krb5-config.1 CLEANFILES+= krb5-config krb5-config: krb5-config.in - ${TOOL_SED} -e "s!@PACKAGE\@!heimdal!g" \ - -e "s!@VERSION\@!1.5.3!g" \ + ${TOOL_SED} \ + -e "s!@PACKAGE\@!heimdal!g" \ + -e "s!@VERSION\@!${VERSION}!g" \ -e "s!@prefix\@!/!g" \ -e "s!@exec_prefix\@!/!g" \ -e "s!@libdir\@!/usr/lib!g" \ @@ -26,7 +27,7 @@ krb5-config: krb5-config.in -e "s!@LIB_pkinit\@!-lhx509!g" \ -e "s!@PTHREAD_LIBADD\@!!g" \ -e "s!@LIBS\@!!g" \ - ${HEIMDIST}/tools/krb5-config.in > $@ + ${HEIMDIST}/tools/krb5-config.in | sh > $@ chmod +x $@ .include
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Dec 7 16:38:42 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: monitor.c Log Message: need pfilter.h To generate a diff of this commit: cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssh/dist/monitor.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/monitor.c diff -u src/crypto/external/bsd/openssh/dist/monitor.c:1.31 src/crypto/external/bsd/openssh/dist/monitor.c:1.32 --- src/crypto/external/bsd/openssh/dist/monitor.c:1.31 Sat Dec 7 11:32:22 2019 +++ src/crypto/external/bsd/openssh/dist/monitor.c Sat Dec 7 11:38:42 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: monitor.c,v 1.31 2019/12/07 16:32:22 christos Exp $ */ +/* $NetBSD: monitor.c,v 1.32 2019/12/07 16:38:42 christos Exp $ */ /* $OpenBSD: monitor.c,v 1.199 2019/10/07 23:10:38 djm Exp $ */ /* * Copyright 2002 Niels Provos @@ -27,7 +27,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: monitor.c,v 1.31 2019/12/07 16:32:22 christos Exp $"); +__RCSID("$NetBSD: monitor.c,v 1.32 2019/12/07 16:38:42 christos Exp $"); #include #include #include @@ -85,6 +85,8 @@ __RCSID("$NetBSD: monitor.c,v 1.31 2019/ #include "match.h" #include "ssherr.h" +#include "pfilter.h" + #ifdef GSSAPI static Gssctxt *gsscontext = NULL; #endif
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Dec 7 16:32:22 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: auth2.c monitor.c Log Message: Add some more pfilter_notify() calls where authentication attempts fail. To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/auth2.c cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/monitor.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth2.c diff -u src/crypto/external/bsd/openssh/dist/auth2.c:1.20 src/crypto/external/bsd/openssh/dist/auth2.c:1.21 --- src/crypto/external/bsd/openssh/dist/auth2.c:1.20 Sat Oct 12 14:32:22 2019 +++ src/crypto/external/bsd/openssh/dist/auth2.c Sat Dec 7 11:32:22 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: auth2.c,v 1.20 2019/10/12 18:32:22 christos Exp $ */ +/* $NetBSD: auth2.c,v 1.21 2019/12/07 16:32:22 christos Exp $ */ /* $OpenBSD: auth2.c,v 1.157 2019/09/06 04:53:27 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -25,7 +25,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: auth2.c,v 1.20 2019/10/12 18:32:22 christos Exp $"); +__RCSID("$NetBSD: auth2.c,v 1.21 2019/12/07 16:32:22 christos Exp $"); #include #include @@ -440,8 +440,10 @@ userauth_finish(struct ssh *ssh, int aut } else { /* Allow initial try of "none" auth without failure penalty */ if (!partial && !authctxt->server_caused_failure && - (authctxt->attempt > 1 || strcmp(method, "none") != 0)) + (authctxt->attempt > 1 || strcmp(method, "none") != 0)) { authctxt->failures++; + pfilter_notify(1); + } if (authctxt->failures >= options.max_authtries) auth_maxtries_exceeded(ssh); methods = authmethods_get(authctxt); Index: src/crypto/external/bsd/openssh/dist/monitor.c diff -u src/crypto/external/bsd/openssh/dist/monitor.c:1.30 src/crypto/external/bsd/openssh/dist/monitor.c:1.31 --- src/crypto/external/bsd/openssh/dist/monitor.c:1.30 Sat Oct 12 14:32:22 2019 +++ src/crypto/external/bsd/openssh/dist/monitor.c Sat Dec 7 11:32:22 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: monitor.c,v 1.30 2019/10/12 18:32:22 christos Exp $ */ +/* $NetBSD: monitor.c,v 1.31 2019/12/07 16:32:22 christos Exp $ */ /* $OpenBSD: monitor.c,v 1.199 2019/10/07 23:10:38 djm Exp $ */ /* * Copyright 2002 Niels Provos @@ -27,7 +27,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: monitor.c,v 1.30 2019/10/12 18:32:22 christos Exp $"); +__RCSID("$NetBSD: monitor.c,v 1.31 2019/12/07 16:32:22 christos Exp $"); #include #include #include @@ -320,8 +320,10 @@ monitor_child_preauth(struct ssh *ssh, s if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { auth_log(ssh, authenticated, partial, auth_method, auth_submethod); - if (!partial && !authenticated) + if (!partial && !authenticated) { +pfilter_notify(1); authctxt->failures++; + } if (authenticated || partial) { auth2_update_session_info(authctxt, auth_method, auth_submethod); @@ -1223,6 +1225,7 @@ mm_answer_keyallowed(struct ssh *ssh, in } else { /* Log failed attempt */ auth_log(ssh, 0, 0, auth_method, NULL); + pfilter_notify(1); free(cuser); free(chost); }
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Dec 7 16:25:36 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: auth.c Log Message: don't call pfilter_notify() from authz_log(). Logging should not have side effects (kim@) To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/auth.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth.c diff -u src/crypto/external/bsd/openssh/dist/auth.c:1.25 src/crypto/external/bsd/openssh/dist/auth.c:1.26 --- src/crypto/external/bsd/openssh/dist/auth.c:1.25 Sat Oct 12 14:32:22 2019 +++ src/crypto/external/bsd/openssh/dist/auth.c Sat Dec 7 11:25:36 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: auth.c,v 1.25 2019/10/12 18:32:22 christos Exp $ */ +/* $NetBSD: auth.c,v 1.26 2019/12/07 16:25:36 christos Exp $ */ /* $OpenBSD: auth.c,v 1.141 2019/10/02 00:42:30 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -25,7 +25,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: auth.c,v 1.25 2019/10/12 18:32:22 christos Exp $"); +__RCSID("$NetBSD: auth.c,v 1.26 2019/12/07 16:25:36 christos Exp $"); #include #include #include @@ -408,8 +408,6 @@ auth_log(struct ssh *ssh, int authentica extra != NULL ? extra : ""); free(extra); - if (!authctxt->postponed) - pfilter_notify(!authenticated); } void
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Dec 7 16:25:05 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: sshd.c Log Message: don't call pfilter_notify() twice in grace_alarm_handler(). (kim@) To generate a diff of this commit: cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/openssh/dist/sshd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshd.c diff -u src/crypto/external/bsd/openssh/dist/sshd.c:1.36 src/crypto/external/bsd/openssh/dist/sshd.c:1.37 --- src/crypto/external/bsd/openssh/dist/sshd.c:1.36 Sat Oct 12 14:32:22 2019 +++ src/crypto/external/bsd/openssh/dist/sshd.c Sat Dec 7 11:25:05 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sshd.c,v 1.36 2019/10/12 18:32:22 christos Exp $ */ +/* $NetBSD: sshd.c,v 1.37 2019/12/07 16:25:05 christos Exp $ */ /* $OpenBSD: sshd.c,v 1.537 2019/06/28 13:35:04 deraadt Exp $ */ /* * Author: Tatu Ylonen @@ -44,7 +44,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: sshd.c,v 1.36 2019/10/12 18:32:22 christos Exp $"); +__RCSID("$NetBSD: sshd.c,v 1.37 2019/12/07 16:25:05 christos Exp $"); #include #include #include @@ -370,7 +370,6 @@ grace_alarm_handler(int sig) /* XXX pre-format ipaddr/port so we don't need to access active_state */ /* Log error and exit. */ - pfilter_notify(1); sigdie("Timeout before authentication for %s port %d", ssh_remote_ipaddr(the_active_state), ssh_remote_port(the_active_state));