Module Name: src
Committed By: martin
Date: Mon Jan 26 11:02:37 UTC 2015
Modified Files:
src/crypto/dist/openssl/apps [netbsd-5-2]: s_client.c s_server.c
speed.c
src/crypto/dist/openssl/crypto [netbsd-5-2]: Makefile
constant_time_locl.h cversion.c
src/crypto/dist/openssl/crypto/asn1 [netbsd-5-2]: a_bitstr.c a_type.c
a_verify.c asn1.h asn1_err.c tasn_dec.c x_algor.c
src/crypto/dist/openssl/crypto/bio [netbsd-5-2]: bio.h bss_dgram.c
src/crypto/dist/openssl/crypto/bn [netbsd-5-2]: bn_asm.c bntest.c
src/crypto/dist/openssl/crypto/bn/asm [netbsd-5-2]: mips3.s
x86_64-gcc.c
src/crypto/dist/openssl/crypto/dsa [netbsd-5-2]: dsa_vrf.c
src/crypto/dist/openssl/crypto/ec [netbsd-5-2]: ec_mult.c ec_pmeth.c
src/crypto/dist/openssl/crypto/ecdsa [netbsd-5-2]: ecs_vrf.c
src/crypto/dist/openssl/crypto/evp [netbsd-5-2]: Makefile evp_enc.c
src/crypto/dist/openssl/crypto/objects [netbsd-5-2]: obj_xref.h
objxref.pl
src/crypto/dist/openssl/crypto/ts [netbsd-5-2]: ts_rsp_sign.c
src/crypto/dist/openssl/crypto/x509 [netbsd-5-2]: x509.h x509_vpm.c
x_all.c
src/crypto/dist/openssl/ssl [netbsd-5-2]: d1_both.c d1_clnt.c d1_enc.c
d1_lib.c d1_pkt.c d1_srvr.c dtls1.h s23_srvr.c s2_enc.c s2_pkt.c
s2_srvr.c s3_both.c s3_clnt.c s3_enc.c s3_lib.c s3_pkt.c s3_srvr.c
ssl.h ssl_cert.c ssl_lib.c ssl_locl.h
src/crypto/dist/openssl/util [netbsd-5-2]: libeay.num mk1mf.pl
src/distrib/sets/lists/base [netbsd-5-2]: md.amd64 md.sparc64 shl.mi
src/lib/libcrypto [netbsd-5-2]: shlib_version
src/lib/libssl [netbsd-5-2]: shlib_version
Log Message:
Change the following, requested by spz in ticket #1945:
crypto/dist/openssl/apps/s_client.c patch
crypto/dist/openssl/apps/s_server.c patch
crypto/dist/openssl/apps/speed.c patch
crypto/dist/openssl/crypto/Makefile patch
crypto/dist/openssl/crypto/constant_time_locl.h patch
crypto/dist/openssl/crypto/cversion.c patch
crypto/dist/openssl/crypto/asn1/a_bitstr.c patch
crypto/dist/openssl/crypto/asn1/a_type.c patch
crypto/dist/openssl/crypto/asn1/a_verify.c patch
crypto/dist/openssl/crypto/asn1/asn1.h patch
crypto/dist/openssl/crypto/asn1/asn1_err.c patch
crypto/dist/openssl/crypto/asn1/tasn_dec.c patch
crypto/dist/openssl/crypto/asn1/x_algor.c patch
crypto/dist/openssl/crypto/bio/bio.h patch
crypto/dist/openssl/crypto/bio/bss_dgram.c patch
crypto/dist/openssl/crypto/bn/bn_asm.c patch
crypto/dist/openssl/crypto/bn/bntest.c patch
crypto/dist/openssl/crypto/bn/asm/mips3.s patch
crypto/dist/openssl/crypto/bn/asm/x86_64-gcc.c patch
crypto/dist/openssl/crypto/dsa/dsa_vrf.c patch
crypto/dist/openssl/crypto/ec/ec_mult.c patch
crypto/dist/openssl/crypto/ec/ec_pmeth.c patch
crypto/dist/openssl/crypto/ecdsa/ecs_vrf.c patch
crypto/dist/openssl/crypto/evp/Makefile patch
crypto/dist/openssl/crypto/evp/evp_enc.c patch
crypto/dist/openssl/crypto/objects/obj_xref.h patch
crypto/dist/openssl/crypto/objects/objxref.pl patch
crypto/dist/openssl/crypto/ts/ts_rsp_sign.c patch
crypto/dist/openssl/crypto/x509/x509.h patch
crypto/dist/openssl/crypto/x509/x509_vpm.c patch
crypto/dist/openssl/crypto/x509/x_all.c patch
crypto/dist/openssl/ssl/d1_both.c patch
crypto/dist/openssl/ssl/d1_clnt.c patch
crypto/dist/openssl/ssl/d1_enc.c patch
crypto/dist/openssl/ssl/d1_lib.c patch
crypto/dist/openssl/ssl/d1_pkt.c patch
crypto/dist/openssl/ssl/d1_srvr.c patch
crypto/dist/openssl/ssl/dtls1.h patch
crypto/dist/openssl/ssl/s23_srvr.c patch
crypto/dist/openssl/ssl/s2_enc.c patch
crypto/dist/openssl/ssl/s2_pkt.c patch
crypto/dist/openssl/ssl/s2_srvr.c patch
crypto/dist/openssl/ssl/s3_both.c patch
crypto/dist/openssl/ssl/s3_clnt.c patch
crypto/dist/openssl/ssl/s3_enc.c patch
crypto/dist/openssl/ssl/s3_lib.c patch
crypto/dist/openssl/ssl/s3_pkt.c patch
crypto/dist/openssl/ssl/s3_srvr.c patch
crypto/dist/openssl/ssl/ssl.h patch
crypto/dist/openssl/ssl/ssl_cert.c patch
crypto/dist/openssl/ssl/ssl_lib.c patch
crypto/dist/openssl/ssl/ssl_locl.h patch
crypto/dist/openssl/util/libeay.num patch
crypto/dist/openssl/util/mk1mf.pl patch
distrib/sets/lists/base/md.amd64 patch
distrib/sets/lists/base/md.sparc64 patch
distrib/sets/lists/base/shl.mi patch
lib/libcrypto/shlib_version patch
lib/libssl/shlib_version patch
Apply fixes for the following OpenSSL vulnerabilities:
DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)
DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)
no-ssl3 configuration sets method to NULL (CVE-2014-3569)
ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)
RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
DH client certificates accepted without verification [Server] (CVE-2015-0205)
Certificate fingerprints can be modified (CVE-2014-8275)
Bignum squaring may produce incorrect results (CVE-2014-3570)
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.11.2.1 -r1.1.1.11.2.2 \
src/crypto/dist/openssl/apps/s_client.c
cvs rdiff -u -r1.1.1.8 -r1.1.1.8.2.1 src/crypto/dist/openssl/apps/s_server.c
cvs rdiff -u -r1.8.4.1 -r1.8.4.1.10.1 src/crypto/dist/openssl/apps/speed.c
cvs rdiff -u -r1.1.1.4.2.1 -r1.1.1.4.2.2 \
src/crypto/dist/openssl/crypto/Makefile
cvs rdiff -u -r1.1.6.2 -r1.1.6.3 \
src/crypto/dist/openssl/crypto/constant_time_locl.h
cvs rdiff -u -r1.5 -r1.5.38.1 src/crypto/dist/openssl/crypto/cversion.c
cvs rdiff -u -r1.1.1.9 -r1.1.1.9.2.1 \
src/crypto/dist/openssl/crypto/asn1/a_bitstr.c
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.2.1 \
src/crypto/dist/openssl/crypto/asn1/a_type.c \
src/crypto/dist/openssl/crypto/asn1/a_verify.c
cvs rdiff -u -r1.9.4.1.10.1 -r1.9.4.1.10.2 \
src/crypto/dist/openssl/crypto/asn1/asn1.h
cvs rdiff -u -r1.1.1.8.4.1.10.1 -r1.1.1.8.4.1.10.2 \
src/crypto/dist/openssl/crypto/asn1/asn1_err.c
cvs rdiff -u -r1.8.4.1 -r1.8.4.1.10.1 \
src/crypto/dist/openssl/crypto/asn1/tasn_dec.c
cvs rdiff -u -r1.1.1.5 -r1.1.1.5.2.1 \
src/crypto/dist/openssl/crypto/asn1/x_algor.c
cvs rdiff -u -r1.11 -r1.11.2.1 src/crypto/dist/openssl/crypto/bio/bio.h
cvs rdiff -u -r1.1.1.2 -r1.1.1.2.2.1 \
src/crypto/dist/openssl/crypto/bio/bss_dgram.c
cvs rdiff -u -r1.1.1.6 -r1.1.1.6.2.1 \
src/crypto/dist/openssl/crypto/bn/bn_asm.c
cvs rdiff -u -r1.6 -r1.6.2.1 src/crypto/dist/openssl/crypto/bn/bntest.c
cvs rdiff -u -r1.1.1.4 -r1.1.1.4.52.1 \
src/crypto/dist/openssl/crypto/bn/asm/mips3.s
cvs rdiff -u -r1.1.1.4.36.1 -r1.1.1.4.36.2 \
src/crypto/dist/openssl/crypto/bn/asm/x86_64-gcc.c
cvs rdiff -u -r1.1.1.6 -r1.1.1.6.2.1 \
src/crypto/dist/openssl/crypto/dsa/dsa_vrf.c
cvs rdiff -u -r1.1.1.5 -r1.1.1.5.2.1 \
src/crypto/dist/openssl/crypto/ec/ec_mult.c
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.6.1 \
src/crypto/dist/openssl/crypto/ec/ec_pmeth.c
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.38.1 \
src/crypto/dist/openssl/crypto/ecdsa/ecs_vrf.c
cvs rdiff -u -r1.1.1.5.2.1 -r1.1.1.5.2.2 \
src/crypto/dist/openssl/crypto/evp/Makefile
cvs rdiff -u -r1.1.1.8.30.1 -r1.1.1.8.30.2 \
src/crypto/dist/openssl/crypto/evp/evp_enc.c
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.6.1 \
src/crypto/dist/openssl/crypto/objects/obj_xref.h \
src/crypto/dist/openssl/crypto/objects/objxref.pl
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.6.1 \
src/crypto/dist/openssl/crypto/ts/ts_rsp_sign.c
cvs rdiff -u -r1.12 -r1.12.2.1 src/crypto/dist/openssl/crypto/x509/x509.h
cvs rdiff -u -r1.1.1.3 -r1.1.1.3.2.1 \
src/crypto/dist/openssl/crypto/x509/x509_vpm.c
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.2.1 \
src/crypto/dist/openssl/crypto/x509/x_all.c
cvs rdiff -u -r1.3.4.2.6.2 -r1.3.4.2.6.3 \
src/crypto/dist/openssl/ssl/d1_both.c
cvs rdiff -u -r1.1.1.3 -r1.1.1.3.2.1 src/crypto/dist/openssl/ssl/d1_clnt.c \
src/crypto/dist/openssl/ssl/d1_lib.c \
src/crypto/dist/openssl/ssl/d1_srvr.c
cvs rdiff -u -r1.1.1.3.4.1 -r1.1.1.3.4.1.2.1 \
src/crypto/dist/openssl/ssl/d1_enc.c
cvs rdiff -u -r1.1.1.5.4.2 -r1.1.1.5.4.2.2.1 \
src/crypto/dist/openssl/ssl/d1_pkt.c
cvs rdiff -u -r1.3 -r1.3.2.1 src/crypto/dist/openssl/ssl/dtls1.h
cvs rdiff -u -r1.6.2.2 -r1.6.2.3 src/crypto/dist/openssl/ssl/s23_srvr.c
cvs rdiff -u -r1.1.1.10 -r1.1.1.10.2.1 src/crypto/dist/openssl/ssl/s2_enc.c
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.2.1 src/crypto/dist/openssl/ssl/s2_pkt.c \
src/crypto/dist/openssl/ssl/s3_both.c
cvs rdiff -u -r1.9.4.1 -r1.9.4.1.10.1 src/crypto/dist/openssl/ssl/s2_srvr.c
cvs rdiff -u -r1.12.4.3.4.3 -r1.12.4.3.4.4 \
src/crypto/dist/openssl/ssl/s3_clnt.c
cvs rdiff -u -r1.1.1.12.4.2.2.1 -r1.1.1.12.4.2.2.2 \
src/crypto/dist/openssl/ssl/s3_enc.c
cvs rdiff -u -r1.14.4.1.6.1 -r1.14.4.1.6.2 \
src/crypto/dist/openssl/ssl/s3_lib.c
cvs rdiff -u -r1.9.4.3.6.2 -r1.9.4.3.6.3 src/crypto/dist/openssl/ssl/s3_pkt.c
cvs rdiff -u -r1.15.4.4.4.2 -r1.15.4.4.4.3 \
src/crypto/dist/openssl/ssl/s3_srvr.c
cvs rdiff -u -r1.18.4.1.6.1 -r1.18.4.1.6.2 src/crypto/dist/openssl/ssl/ssl.h
cvs rdiff -u -r1.13 -r1.13.2.1 src/crypto/dist/openssl/ssl/ssl_cert.c
cvs rdiff -u -r1.5.2.1 -r1.5.2.2 src/crypto/dist/openssl/ssl/ssl_lib.c
cvs rdiff -u -r1.13.4.1 -r1.13.4.1.6.1 src/crypto/dist/openssl/ssl/ssl_locl.h
cvs rdiff -u -r1.1.1.13 -r1.1.1.13.2.1 \
src/crypto/dist/openssl/util/libeay.num
cvs rdiff -u -r1.1.1.12 -r1.1.1.12.2.1 src/crypto/dist/openssl/util/mk1mf.pl
cvs rdiff -u -r1.25.2.12 -r1.25.2.12.2.1 src/distrib/sets/lists/base/md.amd64
cvs rdiff -u -r1.23.2.11 -r1.23.2.11.2.1 \
src/distrib/sets/lists/base/md.sparc64
cvs rdiff -u -r1.450.2.9 -r1.450.2.9.2.1 src/distrib/sets/lists/base/shl.mi
cvs rdiff -u -r1.14.4.1 -r1.14.4.1.6.1 src/lib/libcrypto/shlib_version
cvs rdiff -u -r1.8 -r1.8.2.1 src/lib/libssl/shlib_version
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
