diff --git a/deps/openssl/asm/x64-elf-gas/bn/x86_64-mont.s b/deps/openssl/asm/x64-elf-gas/bn/x86_64-mont.s index ea12bd408cb594..bdeb75d3500b34 100644 --- a/deps/openssl/asm/x64-elf-gas/bn/x86_64-mont.s +++ b/deps/openssl/asm/x64-elf-gas/bn/x86_64-mont.s @@ -31,6 +31,21 @@ bn_mul_mont: movq %r11,8(%rsp,%r9,8) .Lmul_body: + + + + + + + subq %rsp,%r11 + andq $-4096,%r11 +.Lmul_page_walk: + movq (%rsp,%r11,1),%r10 + subq $4096,%r11 +.byte 0x66,0x2e + + jnc .Lmul_page_walk + movq %rdx,%r12 movq (%r8),%r8 movq (%r12),%rbx @@ -228,6 +243,15 @@ bn_mul4x_mont: movq %r11,8(%rsp,%r9,8) .Lmul4x_body: + subq %rsp,%r11 + andq $-4096,%r11 +.Lmul4x_page_walk: + movq (%rsp,%r11,1),%r10 + subq $4096,%r11 +.byte 0x2e + + jnc .Lmul4x_page_walk + movq %rdi,16(%rsp,%r9,8) movq %rdx,%r12 movq (%r8),%r8 @@ -610,6 +634,7 @@ bn_mul4x_mont: .align 16 bn_sqr4x_mont: .Lsqr4x_enter: + movq %rsp,%rax pushq %rbx pushq %rbp pushq %r12 @@ -618,13 +643,25 @@ bn_sqr4x_mont: pushq %r15 shll $3,%r9d - xorq %r10,%r10 movq %rsp,%r11 - subq %r9,%r10 + negq %r9 movq (%r8),%r8 - leaq -72(%rsp,%r10,2),%rsp + leaq -72(%rsp,%r9,2),%rsp andq $-1024,%rsp + subq %rsp,%r11 + andq $-4096,%r11 +.Lsqr4x_page_walk: + movq (%rsp,%r11,1),%r10 + subq $4096,%r11 +.byte 0x2e + + jnc .Lsqr4x_page_walk + + movq %r9,%r10 + negq %r9 + leaq -48(%rax),%r11 + diff --git a/deps/openssl/asm/x64-elf-gas/bn/x86_64-mont5.s b/deps/openssl/asm/x64-elf-gas/bn/x86_64-mont5.s index 0cbcc78dfb6b45..9259a62a57384a 100644 --- a/deps/openssl/asm/x64-elf-gas/bn/x86_64-mont5.s +++ b/deps/openssl/asm/x64-elf-gas/bn/x86_64-mont5.s @@ -32,6 +32,21 @@ bn_mul_mont_gather5: movq %rax,8(%rsp,%r9,8) .Lmul_body: + + + + + + + subq %rsp,%rax + andq $-4096,%rax +.Lmul_page_walk: + movq (%rsp,%rax,1),%r11 + subq $4096,%rax +.byte 0x2e + + jnc .Lmul_page_walk + leaq 128(%rdx),%r12 movdqa 0(%r10),%xmm0 movdqa 16(%r10),%xmm1 @@ -420,6 +435,15 @@ bn_mul4x_mont_gather5: movq %rax,8(%rsp,%r9,8) .Lmul4x_body: + subq %rsp,%rax + andq $-4096,%rax +.Lmul4x_page_walk: + movq (%rsp,%rax,1),%r11 + subq $4096,%rax +.byte 0x2e + + jnc .Lmul4x_page_walk + movq %rdi,16(%rsp,%r9,8) leaq 128(%rdx),%r12 movdqa 0(%r10),%xmm0 diff --git a/deps/openssl/asm/x64-macosx-gas/bn/x86_64-mont.s b/deps/openssl/asm/x64-macosx-gas/bn/x86_64-mont.s index ece106c49842d7..859e1405d4f296 100644 --- a/deps/openssl/asm/x64-macosx-gas/bn/x86_64-mont.s +++ b/deps/openssl/asm/x64-macosx-gas/bn/x86_64-mont.s @@ -31,6 +31,21 @@ L$mul_enter: movq %r11,8(%rsp,%r9,8) L$mul_body: + + + + + + + subq %rsp,%r11 + andq $-4096,%r11 +L$mul_page_walk: + movq (%rsp,%r11,1),%r10 + subq $4096,%r11 +.byte 0x66,0x2e + + jnc L$mul_page_walk + movq %rdx,%r12 movq (%r8),%r8 movq (%r12),%rbx @@ -228,6 +243,15 @@ L$mul4x_enter: movq %r11,8(%rsp,%r9,8) L$mul4x_body: + subq %rsp,%r11 + andq $-4096,%r11 +L$mul4x_page_walk: + movq (%rsp,%r11,1),%r10 + subq $4096,%r11 +.byte 0x2e + + jnc L$mul4x_page_walk + movq %rdi,16(%rsp,%r9,8) movq %rdx,%r12 movq (%r8),%r8 @@ -610,6 +634,7 @@ L$mul4x_epilogue: .p2align 4 bn_sqr4x_mont: L$sqr4x_enter: + movq %rsp,%rax pushq %rbx pushq %rbp pushq %r12 @@ -618,13 +643,25 @@ L$sqr4x_enter: pushq %r15 shll $3,%r9d - xorq %r10,%r10 movq %rsp,%r11 - subq %r9,%r10 + negq %r9 movq (%r8),%r8 - leaq -72(%rsp,%r10,2),%rsp + leaq -72(%rsp,%r9,2),%rsp andq $-1024,%rsp + subq %rsp,%r11 + andq $-4096,%r11 +L$sqr4x_page_walk: + movq (%rsp,%r11,1),%r10 + subq $4096,%r11 +.byte 0x2e + + jnc L$sqr4x_page_walk + + movq %r9,%r10 + negq %r9 + leaq -48(%rax),%r11 + diff --git a/deps/openssl/asm/x64-macosx-gas/bn/x86_64-mont5.s b/deps/openssl/asm/x64-macosx-gas/bn/x86_64-mont5.s index cb4543ea60b134..c91081ac9a3f1d 100644 --- a/deps/openssl/asm/x64-macosx-gas/bn/x86_64-mont5.s +++ b/deps/openssl/asm/x64-macosx-gas/bn/x86_64-mont5.s @@ -32,6 +32,21 @@ L$mul_alloca: movq %rax,8(%rsp,%r9,8) L$mul_body: + + + + + + + subq %rsp,%rax + andq $-4096,%rax +L$mul_page_walk: + movq (%rsp,%rax,1),%r11 + subq $4096,%rax +.byte 0x2e + + jnc L$mul_page_walk + leaq 128(%rdx),%r12 movdqa 0(%r10),%xmm0 movdqa 16(%r10),%xmm1 @@ -420,6 +435,15 @@ L$mul4x_alloca: movq %rax,8(%rsp,%r9,8) L$mul4x_body: + subq %rsp,%rax + andq $-4096,%rax +L$mul4x_page_walk: + movq (%rsp,%rax,1),%r11 + subq $4096,%rax +.byte 0x2e + + jnc L$mul4x_page_walk + movq %rdi,16(%rsp,%r9,8) leaq 128(%rdx),%r12 movdqa 0(%r10),%xmm0 diff --git a/deps/openssl/asm/x64-win32-masm/bn/x86_64-mont.asm b/deps/openssl/asm/x64-win32-masm/bn/x86_64-mont.asm index f4518aa3bdb04f..c8b8f503718212 100644 --- a/deps/openssl/asm/x64-win32-masm/bn/x86_64-mont.asm +++ b/deps/openssl/asm/x64-win32-masm/bn/x86_64-mont.asm @@ -43,6 +43,21 @@ $L$mul_enter:: mov QWORD PTR[8+r9*8+rsp],r11 $L$mul_body:: + + + + + + + sub r11,rsp + and r11,-4096 +$L$mul_page_walk:: + mov r10,QWORD PTR[r11*1+rsp] + sub r11,4096 +DB 066h,02eh + + jnc $L$mul_page_walk + mov r12,rdx mov r8,QWORD PTR[r8] mov rbx,QWORD PTR[r12] @@ -255,6 +270,15 @@ $L$mul4x_enter:: mov QWORD PTR[8+r9*8+rsp],r11 $L$mul4x_body:: + sub r11,rsp + and r11,-4096 +$L$mul4x_page_walk:: + mov r10,QWORD PTR[r11*1+rsp] + sub r11,4096 +DB 02eh + + jnc $L$mul4x_page_walk + mov QWORD PTR[16+r9*8+rsp],rdi mov r12,rdx mov r8,QWORD PTR[r8] @@ -652,6 +676,7 @@ $L$SEH_begin_bn_sqr4x_mont:: $L$sqr4x_enter:: + mov rax,rsp push rbx push rbp push r12 @@ -660,13 +685,25 @@ $L$sqr4x_enter:: push r15 shl r9d,3 - xor r10,r10 mov r11,rsp - sub r10,r9 + neg r9 mov r8,QWORD PTR[r8] - lea rsp,QWORD PTR[((-72))+r10*2+rsp] + lea rsp,QWORD PTR[((-72))+r9*2+rsp] and rsp,-1024 + sub r11,rsp + and r11,-4096 +$L$sqr4x_page_walk:: + mov r10,QWORD PTR[r11*1+rsp] + sub r11,4096 +DB 02eh + + jnc $L$sqr4x_page_walk + + mov r10,r9 + neg r9 + lea r11,QWORD PTR[((-48))+rax] + diff --git a/deps/openssl/asm/x64-win32-masm/bn/x86_64-mont5.asm b/deps/openssl/asm/x64-win32-masm/bn/x86_64-mont5.asm index 0df45e3403060a..535b31bf431f3a 100644 --- a/deps/openssl/asm/x64-win32-masm/bn/x86_64-mont5.asm +++ b/deps/openssl/asm/x64-win32-masm/bn/x86_64-mont5.asm @@ -44,6 +44,21 @@ $L$mul_alloca:: mov QWORD PTR[8+r9*8+rsp],rax $L$mul_body:: + + + + + + + sub rax,rsp + and rax,-4096 +$L$mul_page_walk:: + mov r11,QWORD PTR[rax*1+rsp] + sub rax,4096 +DB 02eh + + jnc $L$mul_page_walk + lea r12,QWORD PTR[128+rdx] movdqa xmm0,XMMWORD PTR[r10] movdqa xmm1,XMMWORD PTR[16+r10] @@ -447,6 +462,15 @@ $L$mul4x_alloca:: mov QWORD PTR[8+r9*8+rsp],rax $L$mul4x_body:: + sub rax,rsp + and rax,-4096 +$L$mul4x_page_walk:: + mov r11,QWORD PTR[rax*1+rsp] + sub rax,4096 +DB 02eh + + jnc $L$mul4x_page_walk + mov QWORD PTR[16+r9*8+rsp],rdi lea r12,QWORD PTR[128+rdx] movdqa xmm0,XMMWORD PTR[r10] diff --git a/deps/openssl/asm/x86-elf-gas/bn/x86-mont.s b/deps/openssl/asm/x86-elf-gas/bn/x86-mont.s index d71cc6441c422e..40c8016d1408d4 100644 --- a/deps/openssl/asm/x86-elf-gas/bn/x86-mont.s +++ b/deps/openssl/asm/x86-elf-gas/bn/x86-mont.s @@ -29,6 +29,14 @@ bn_mul_mont: xorl $2048,%edx subl %edx,%esp andl $-64,%esp + movl %ebp,%eax + subl %esp,%eax + andl $-4096,%eax +.L001page_walk: + movl (%esp,%eax,1),%edx + subl $4096,%eax +.byte 46 + jnc .L001page_walk movl (%esi),%eax movl 4(%esi),%ebx movl 8(%esi),%ecx @@ -52,12 +60,12 @@ bn_mul_mont: leal 4(%edi,%ebx,4),%eax orl %edx,%ebp movl (%edi),%edi - jz .L001bn_sqr_mont + jz .L002bn_sqr_mont movl %eax,28(%esp) movl (%esi),%eax xorl %edx,%edx .align 16 -.L002mull: +.L003mull: movl %edx,%ebp mull %edi addl %eax,%ebp @@ -66,7 +74,7 @@ bn_mul_mont: movl (%esi,%ecx,4),%eax cmpl %ebx,%ecx movl %ebp,28(%esp,%ecx,4) - jl .L002mull + jl .L003mull movl %edx,%ebp mull %edi movl 20(%esp),%edi @@ -84,9 +92,9 @@ bn_mul_mont: movl 4(%esi),%eax adcl $0,%edx incl %ecx - jmp .L0032ndmadd + jmp .L0042ndmadd .align 16 -.L0041stmadd: +.L0051stmadd: movl %edx,%ebp mull %edi addl 32(%esp,%ecx,4),%ebp @@ -97,7 +105,7 @@ bn_mul_mont: adcl $0,%edx cmpl %ebx,%ecx movl %ebp,28(%esp,%ecx,4) - jl .L0041stmadd + jl .L0051stmadd movl %edx,%ebp mull %edi addl 32(%esp,%ebx,4),%eax @@ -120,7 +128,7 @@ bn_mul_mont: adcl $0,%edx movl $1,%ecx .align 16 -.L0032ndmadd: +.L0042ndmadd: movl %edx,%ebp mull %edi addl 32(%esp,%ecx,4),%ebp @@ -131,7 +139,7 @@ bn_mul_mont: adcl $0,%edx cmpl %ebx,%ecx movl %ebp,24(%esp,%ecx,4) - jl .L0032ndmadd + jl .L0042ndmadd movl %edx,%ebp mull %edi addl 32(%esp,%ebx,4),%ebp @@ -147,16 +155,16 @@ bn_mul_mont: movl %edx,32(%esp,%ebx,4) cmpl 28(%esp),%ecx movl %eax,36(%esp,%ebx,4) - je .L005common_tail + je .L006common_tail movl (%ecx),%edi movl 8(%esp),%esi movl %ecx,12(%esp) xorl %ecx,%ecx xorl %edx,%edx movl (%esi),%eax - jmp .L0041stmadd + jmp .L0051stmadd .align 16 -.L001bn_sqr_mont: +.L002bn_sqr_mont: movl %ebx,(%esp) movl %ecx,12(%esp) movl %edi,%eax @@ -167,7 +175,7 @@ bn_mul_mont: andl $1,%ebx incl %ecx .align 16 -.L006sqr: +.L007sqr: movl (%esi,%ecx,4),%eax movl %edx,%ebp mull %edi @@ -179,7 +187,7 @@ bn_mul_mont: cmpl (%esp),%ecx movl %eax,%ebx movl %ebp,28(%esp,%ecx,4) - jl .L006sqr + jl .L007sqr movl (%esi,%ecx,4),%eax movl %edx,%ebp mull %edi @@ -203,7 +211,7 @@ bn_mul_mont: movl 4(%esi),%eax movl $1,%ecx .align 16 -.L0073rdmadd: +.L0083rdmadd: movl %edx,%ebp mull %edi addl 32(%esp,%ecx,4),%ebp @@ -222,7 +230,7 @@ bn_mul_mont: adcl $0,%edx cmpl %ebx,%ecx movl %ebp,24(%esp,%ecx,4) - jl .L0073rdmadd + jl .L0083rdmadd movl %edx,%ebp mull %edi addl 32(%esp,%ebx,4),%ebp @@ -238,7 +246,7 @@ bn_mul_mont: movl %edx,32(%esp,%ebx,4) cmpl %ebx,%ecx movl %eax,36(%esp,%ebx,4) - je .L005common_tail + je .L006common_tail movl 4(%esi,%ecx,4),%edi leal 1(%ecx),%ecx movl %edi,%eax @@ -250,12 +258,12 @@ bn_mul_mont: xorl %ebp,%ebp cmpl %ebx,%ecx leal 1(%ecx),%ecx - je .L008sqrlast + je .L009sqrlast movl %edx,%ebx shrl $1,%edx andl $1,%ebx .align 16 -.L009sqradd: +.L010sqradd: movl (%esi,%ecx,4),%eax movl %edx,%ebp mull %edi @@ -271,13 +279,13 @@ bn_mul_mont: cmpl (%esp),%ecx movl %ebp,28(%esp,%ecx,4) movl %eax,%ebx - jle .L009sqradd + jle .L010sqradd movl %edx,%ebp addl %edx,%edx shrl $31,%ebp addl %ebx,%edx adcl $0,%ebp -.L008sqrlast: +.L009sqrlast: movl 20(%esp),%edi movl 16(%esp),%esi imull 32(%esp),%edi @@ -292,9 +300,9 @@ bn_mul_mont: adcl $0,%edx movl $1,%ecx movl 4(%esi),%eax - jmp .L0073rdmadd + jmp .L0083rdmadd .align 16 -.L005common_tail: +.L006common_tail: movl 16(%esp),%ebp movl 4(%esp),%edi leal 32(%esp),%esi @@ -302,13 +310,13 @@ bn_mul_mont: movl %ebx,%ecx xorl %edx,%edx .align 16 -.L010sub: +.L011sub: sbbl (%ebp,%edx,4),%eax movl %eax,(%edi,%edx,4) decl %ecx movl 4(%esi,%edx,4),%eax leal 1(%edx),%edx - jge .L010sub + jge .L011sub sbbl $0,%eax andl %eax,%esi notl %eax @@ -316,12 +324,12 @@ bn_mul_mont: andl %eax,%ebp orl %ebp,%esi .align 16 -.L011copy: +.L012copy: movl (%esi,%ebx,4),%eax movl %eax,(%edi,%ebx,4) movl %ecx,32(%esp,%ebx,4) decl %ebx - jge .L011copy + jge .L012copy movl 24(%esp),%esp movl $1,%eax .L000just_leave: diff --git a/deps/openssl/asm/x86-macosx-gas/bn/x86-mont.s b/deps/openssl/asm/x86-macosx-gas/bn/x86-mont.s index 48598cc62dd5d5..bec6bbe824828a 100644 --- a/deps/openssl/asm/x86-macosx-gas/bn/x86-mont.s +++ b/deps/openssl/asm/x86-macosx-gas/bn/x86-mont.s @@ -28,6 +28,14 @@ L_bn_mul_mont_begin: xorl $2048,%edx subl %edx,%esp andl $-64,%esp + movl %ebp,%eax + subl %esp,%eax + andl $-4096,%eax +L001page_walk: + movl (%esp,%eax,1),%edx + subl $4096,%eax +.byte 46 + jnc L001page_walk movl (%esi),%eax movl 4(%esi),%ebx movl 8(%esi),%ecx @@ -51,12 +59,12 @@ L_bn_mul_mont_begin: leal 4(%edi,%ebx,4),%eax orl %edx,%ebp movl (%edi),%edi - jz L001bn_sqr_mont + jz L002bn_sqr_mont movl %eax,28(%esp) movl (%esi),%eax xorl %edx,%edx .align 4,0x90 -L002mull: +L003mull: movl %edx,%ebp mull %edi addl %eax,%ebp @@ -65,7 +73,7 @@ L002mull: movl (%esi,%ecx,4),%eax cmpl %ebx,%ecx movl %ebp,28(%esp,%ecx,4) - jl L002mull + jl L003mull movl %edx,%ebp mull %edi movl 20(%esp),%edi @@ -83,9 +91,9 @@ L002mull: movl 4(%esi),%eax adcl $0,%edx incl %ecx - jmp L0032ndmadd + jmp L0042ndmadd .align 4,0x90 -L0041stmadd: +L0051stmadd: movl %edx,%ebp mull %edi addl 32(%esp,%ecx,4),%ebp @@ -96,7 +104,7 @@ L0041stmadd: adcl $0,%edx cmpl %ebx,%ecx movl %ebp,28(%esp,%ecx,4) - jl L0041stmadd + jl L0051stmadd movl %edx,%ebp mull %edi addl 32(%esp,%ebx,4),%eax @@ -119,7 +127,7 @@ L0041stmadd: adcl $0,%edx movl $1,%ecx .align 4,0x90 -L0032ndmadd: +L0042ndmadd: movl %edx,%ebp mull %edi addl 32(%esp,%ecx,4),%ebp @@ -130,7 +138,7 @@ L0032ndmadd: adcl $0,%edx cmpl %ebx,%ecx movl %ebp,24(%esp,%ecx,4) - jl L0032ndmadd + jl L0042ndmadd movl %edx,%ebp mull %edi addl 32(%esp,%ebx,4),%ebp @@ -146,16 +154,16 @@ L0032ndmadd: movl %edx,32(%esp,%ebx,4) cmpl 28(%esp),%ecx movl %eax,36(%esp,%ebx,4) - je L005common_tail + je L006common_tail movl (%ecx),%edi movl 8(%esp),%esi movl %ecx,12(%esp) xorl %ecx,%ecx xorl %edx,%edx movl (%esi),%eax - jmp L0041stmadd + jmp L0051stmadd .align 4,0x90 -L001bn_sqr_mont: +L002bn_sqr_mont: movl %ebx,(%esp) movl %ecx,12(%esp) movl %edi,%eax @@ -166,7 +174,7 @@ L001bn_sqr_mont: andl $1,%ebx incl %ecx .align 4,0x90 -L006sqr: +L007sqr: movl (%esi,%ecx,4),%eax movl %edx,%ebp mull %edi @@ -178,7 +186,7 @@ L006sqr: cmpl (%esp),%ecx movl %eax,%ebx movl %ebp,28(%esp,%ecx,4) - jl L006sqr + jl L007sqr movl (%esi,%ecx,4),%eax movl %edx,%ebp mull %edi @@ -202,7 +210,7 @@ L006sqr: movl 4(%esi),%eax movl $1,%ecx .align 4,0x90 -L0073rdmadd: +L0083rdmadd: movl %edx,%ebp mull %edi addl 32(%esp,%ecx,4),%ebp @@ -221,7 +229,7 @@ L0073rdmadd: adcl $0,%edx cmpl %ebx,%ecx movl %ebp,24(%esp,%ecx,4) - jl L0073rdmadd + jl L0083rdmadd movl %edx,%ebp mull %edi addl 32(%esp,%ebx,4),%ebp @@ -237,7 +245,7 @@ L0073rdmadd: movl %edx,32(%esp,%ebx,4) cmpl %ebx,%ecx movl %eax,36(%esp,%ebx,4) - je L005common_tail + je L006common_tail movl 4(%esi,%ecx,4),%edi leal 1(%ecx),%ecx movl %edi,%eax @@ -249,12 +257,12 @@ L0073rdmadd: xorl %ebp,%ebp cmpl %ebx,%ecx leal 1(%ecx),%ecx - je L008sqrlast + je L009sqrlast movl %edx,%ebx shrl $1,%edx andl $1,%ebx .align 4,0x90 -L009sqradd: +L010sqradd: movl (%esi,%ecx,4),%eax movl %edx,%ebp mull %edi @@ -270,13 +278,13 @@ L009sqradd: cmpl (%esp),%ecx movl %ebp,28(%esp,%ecx,4) movl %eax,%ebx - jle L009sqradd + jle L010sqradd movl %edx,%ebp addl %edx,%edx shrl $31,%ebp addl %ebx,%edx adcl $0,%ebp -L008sqrlast: +L009sqrlast: movl 20(%esp),%edi movl 16(%esp),%esi imull 32(%esp),%edi @@ -291,9 +299,9 @@ L008sqrlast: adcl $0,%edx movl $1,%ecx movl 4(%esi),%eax - jmp L0073rdmadd + jmp L0083rdmadd .align 4,0x90 -L005common_tail: +L006common_tail: movl 16(%esp),%ebp movl 4(%esp),%edi leal 32(%esp),%esi @@ -301,13 +309,13 @@ L005common_tail: movl %ebx,%ecx xorl %edx,%edx .align 4,0x90 -L010sub: +L011sub: sbbl (%ebp,%edx,4),%eax movl %eax,(%edi,%edx,4) decl %ecx movl 4(%esi,%edx,4),%eax leal 1(%edx),%edx - jge L010sub + jge L011sub sbbl $0,%eax andl %eax,%esi notl %eax @@ -315,12 +323,12 @@ L010sub: andl %eax,%ebp orl %ebp,%esi .align 4,0x90 -L011copy: +L012copy: movl (%esi,%ebx,4),%eax movl %eax,(%edi,%ebx,4) movl %ecx,32(%esp,%ebx,4) decl %ebx - jge L011copy + jge L012copy movl 24(%esp),%esp movl $1,%eax L000just_leave: diff --git a/deps/openssl/asm/x86-win32-masm/bn/x86-mont.asm b/deps/openssl/asm/x86-win32-masm/bn/x86-mont.asm index 031be4e7ea51df..476e96dc5499cb 100644 --- a/deps/openssl/asm/x86-win32-masm/bn/x86-mont.asm +++ b/deps/openssl/asm/x86-win32-masm/bn/x86-mont.asm @@ -37,6 +37,14 @@ $L_bn_mul_mont_begin:: xor edx,2048 sub esp,edx and esp,-64 + mov eax,ebp + sub eax,esp + and eax,-4096 +$L001page_walk: + mov edx,DWORD PTR [eax*1+esp] + sub eax,4096 +DB 46 + jnc $L001page_walk mov eax,DWORD PTR [esi] mov ebx,DWORD PTR 4[esi] mov ecx,DWORD PTR 8[esi] @@ -60,12 +68,12 @@ $L_bn_mul_mont_begin:: lea eax,DWORD PTR 4[ebx*4+edi] or ebp,edx mov edi,DWORD PTR [edi] - jz $L001bn_sqr_mont + jz $L002bn_sqr_mont mov DWORD PTR 28[esp],eax mov eax,DWORD PTR [esi] xor edx,edx ALIGN 16 -$L002mull: +$L003mull: mov ebp,edx mul edi add ebp,eax @@ -74,7 +82,7 @@ $L002mull: mov eax,DWORD PTR [ecx*4+esi] cmp ecx,ebx mov DWORD PTR 28[ecx*4+esp],ebp - jl $L002mull + jl $L003mull mov ebp,edx mul edi mov edi,DWORD PTR 20[esp] @@ -92,9 +100,9 @@ $L002mull: mov eax,DWORD PTR 4[esi] adc edx,0 inc ecx - jmp $L0032ndmadd + jmp $L0042ndmadd ALIGN 16 -$L0041stmadd: +$L0051stmadd: mov ebp,edx mul edi add ebp,DWORD PTR 32[ecx*4+esp] @@ -105,7 +113,7 @@ $L0041stmadd: adc edx,0 cmp ecx,ebx mov DWORD PTR 28[ecx*4+esp],ebp - jl $L0041stmadd + jl $L0051stmadd mov ebp,edx mul edi add eax,DWORD PTR 32[ebx*4+esp] @@ -128,7 +136,7 @@ $L0041stmadd: adc edx,0 mov ecx,1 ALIGN 16 -$L0032ndmadd: +$L0042ndmadd: mov ebp,edx mul edi add ebp,DWORD PTR 32[ecx*4+esp] @@ -139,7 +147,7 @@ $L0032ndmadd: adc edx,0 cmp ecx,ebx mov DWORD PTR 24[ecx*4+esp],ebp - jl $L0032ndmadd + jl $L0042ndmadd mov ebp,edx mul edi add ebp,DWORD PTR 32[ebx*4+esp] @@ -155,16 +163,16 @@ $L0032ndmadd: mov DWORD PTR 32[ebx*4+esp],edx cmp ecx,DWORD PTR 28[esp] mov DWORD PTR 36[ebx*4+esp],eax - je $L005common_tail + je $L006common_tail mov edi,DWORD PTR [ecx] mov esi,DWORD PTR 8[esp] mov DWORD PTR 12[esp],ecx xor ecx,ecx xor edx,edx mov eax,DWORD PTR [esi] - jmp $L0041stmadd + jmp $L0051stmadd ALIGN 16 -$L001bn_sqr_mont: +$L002bn_sqr_mont: mov DWORD PTR [esp],ebx mov DWORD PTR 12[esp],ecx mov eax,edi @@ -175,7 +183,7 @@ $L001bn_sqr_mont: and ebx,1 inc ecx ALIGN 16 -$L006sqr: +$L007sqr: mov eax,DWORD PTR [ecx*4+esi] mov ebp,edx mul edi @@ -187,7 +195,7 @@ $L006sqr: cmp ecx,DWORD PTR [esp] mov ebx,eax mov DWORD PTR 28[ecx*4+esp],ebp - jl $L006sqr + jl $L007sqr mov eax,DWORD PTR [ecx*4+esi] mov ebp,edx mul edi @@ -211,7 +219,7 @@ $L006sqr: mov eax,DWORD PTR 4[esi] mov ecx,1 ALIGN 16 -$L0073rdmadd: +$L0083rdmadd: mov ebp,edx mul edi add ebp,DWORD PTR 32[ecx*4+esp] @@ -230,7 +238,7 @@ $L0073rdmadd: adc edx,0 cmp ecx,ebx mov DWORD PTR 24[ecx*4+esp],ebp - jl $L0073rdmadd + jl $L0083rdmadd mov ebp,edx mul edi add ebp,DWORD PTR 32[ebx*4+esp] @@ -246,7 +254,7 @@ $L0073rdmadd: mov DWORD PTR 32[ebx*4+esp],edx cmp ecx,ebx mov DWORD PTR 36[ebx*4+esp],eax - je $L005common_tail + je $L006common_tail mov edi,DWORD PTR 4[ecx*4+esi] lea ecx,DWORD PTR 1[ecx] mov eax,edi @@ -258,12 +266,12 @@ $L0073rdmadd: xor ebp,ebp cmp ecx,ebx lea ecx,DWORD PTR 1[ecx] - je $L008sqrlast + je $L009sqrlast mov ebx,edx shr edx,1 and ebx,1 ALIGN 16 -$L009sqradd: +$L010sqradd: mov eax,DWORD PTR [ecx*4+esi] mov ebp,edx mul edi @@ -279,13 +287,13 @@ $L009sqradd: cmp ecx,DWORD PTR [esp] mov DWORD PTR 28[ecx*4+esp],ebp mov ebx,eax - jle $L009sqradd + jle $L010sqradd mov ebp,edx add edx,edx shr ebp,31 add edx,ebx adc ebp,0 -$L008sqrlast: +$L009sqrlast: mov edi,DWORD PTR 20[esp] mov esi,DWORD PTR 16[esp] imul edi,DWORD PTR 32[esp] @@ -300,9 +308,9 @@ $L008sqrlast: adc edx,0 mov ecx,1 mov eax,DWORD PTR 4[esi] - jmp $L0073rdmadd + jmp $L0083rdmadd ALIGN 16 -$L005common_tail: +$L006common_tail: mov ebp,DWORD PTR 16[esp] mov edi,DWORD PTR 4[esp] lea esi,DWORD PTR 32[esp] @@ -310,13 +318,13 @@ $L005common_tail: mov ecx,ebx xor edx,edx ALIGN 16 -$L010sub: +$L011sub: sbb eax,DWORD PTR [edx*4+ebp] mov DWORD PTR [edx*4+edi],eax dec ecx mov eax,DWORD PTR 4[edx*4+esi] lea edx,DWORD PTR 1[edx] - jge $L010sub + jge $L011sub sbb eax,0 and esi,eax not eax @@ -324,12 +332,12 @@ $L010sub: and ebp,eax or esi,ebp ALIGN 16 -$L011copy: +$L012copy: mov eax,DWORD PTR [ebx*4+esi] mov DWORD PTR [ebx*4+edi],eax mov DWORD PTR 32[ebx*4+esp],ecx dec ebx - jge $L011copy + jge $L012copy mov esp,DWORD PTR 24[esp] mov eax,1 $L000just_leave: diff --git a/deps/openssl/openssl/CHANGES b/deps/openssl/openssl/CHANGES index 928931738e6ca5..1c7a5edcb42152 100644 --- a/deps/openssl/openssl/CHANGES +++ b/deps/openssl/openssl/CHANGES @@ -2,6 +2,103 @@ OpenSSL CHANGES _______________ + Changes between 1.0.1s and 1.0.1t [3 May 2016] + + *) Prevent padding oracle in AES-NI CBC MAC check + + A MITM attacker can use a padding oracle attack to decrypt traffic + when the connection uses an AES CBC cipher and the server support + AES-NI. + + This issue was introduced as part of the fix for Lucky 13 padding + attack (CVE-2013-0169). The padding check was rewritten to be in + constant time by making sure that always the same bytes are read and + compared against either the MAC or padding bytes. But it no longer + checked that there was enough data to have both the MAC and padding + bytes. + + This issue was reported by Juraj Somorovsky using TLS-Attacker. + (CVE-2016-2107) + [Kurt Roeckx] + + *) Fix EVP_EncodeUpdate overflow + + An overflow can occur in the EVP_EncodeUpdate() function which is used for + Base64 encoding of binary data. If an attacker is able to supply very large + amounts of input data then a length check can overflow resulting in a heap + corruption. + + Internally to OpenSSL the EVP_EncodeUpdate() function is primarly used by + the PEM_write_bio* family of functions. These are mainly used within the + OpenSSL command line applications, so any application which processes data + from an untrusted source and outputs it as a PEM file should be considered + vulnerable to this issue. User applications that call these APIs directly + with large amounts of untrusted data may also be vulnerable. + + This issue was reported by Guido Vranken. + (CVE-2016-2105) + [Matt Caswell] + + *) Fix EVP_EncryptUpdate overflow + + An overflow can occur in the EVP_EncryptUpdate() function. If an attacker + is able to supply very large amounts of input data after a previous call to + EVP_EncryptUpdate() with a partial block then a length check can overflow + resulting in a heap corruption. Following an analysis of all OpenSSL + internal usage of the EVP_EncryptUpdate() function all usage is one of two + forms. The first form is where the EVP_EncryptUpdate() call is known to be + the first called function after an EVP_EncryptInit(), and therefore that + specific call must be safe. The second form is where the length passed to + EVP_EncryptUpdate() can be seen from the code to be some small value and + therefore there is no possibility of an overflow. Since all instances are + one of these two forms, it is believed that there can be no overflows in + internal code due to this problem. It should be noted that + EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths. + Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances + of these calls have also been analysed too and it is believed there are no + instances in internal usage where an overflow could occur. + + This issue was reported by Guido Vranken. + (CVE-2016-2106) + [Matt Caswell] + + *) Prevent ASN.1 BIO excessive memory allocation + + When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio() + a short invalid encoding can casuse allocation of large amounts of memory + potentially consuming excessive resources or exhausting memory. + + Any application parsing untrusted data through d2i BIO functions is + affected. The memory based functions such as d2i_X509() are *not* affected. + Since the memory based functions are used by the TLS library, TLS + applications are not affected. + + This issue was reported by Brian Carpenter. + (CVE-2016-2109) + [Stephen Henson] + + *) EBCDIC overread + + ASN1 Strings that are over 1024 bytes can cause an overread in applications + using the X509_NAME_oneline() function on EBCDIC systems. This could result + in arbitrary stack data being returned in the buffer. + + This issue was reported by Guido Vranken. + (CVE-2016-2176) + [Matt Caswell] + + *) Modify behavior of ALPN to invoke callback after SNI/servername + callback, such that updates to the SSL_CTX affect ALPN. + [Todd Short] + + *) Remove LOW from the DEFAULT cipher list. This removes singles DES from the + default. + [Kurt Roeckx] + + *) Only remove the SSLv2 methods with the no-ssl2-method option. When the + methods are enabled and ssl2 is disabled the methods return NULL. + [Kurt Roeckx] + Changes between 1.0.1r and 1.0.1s [1 Mar 2016] * Disable weak ciphers in SSLv3 and up in default builds of OpenSSL. @@ -8098,7 +8195,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k *) Source code cleanups: use const where appropriate, eliminate casts, use void * instead of char * in lhash. - [Ulf Möller] + [Ulf Möller] *) Bugfix: ssl3_send_server_key_exchange was not restartable (the state was not changed to SSL3_ST_SW_KEY_EXCH_B, and because of diff --git a/deps/openssl/openssl/Makefile b/deps/openssl/openssl/Makefile index 7945cdec62c130..f2c621d58d7883 100644 --- a/deps/openssl/openssl/Makefile +++ b/deps/openssl/openssl/Makefile @@ -4,7 +4,7 @@ ## Makefile for OpenSSL ## -VERSION=1.0.1r +VERSION=1.0.1t MAJOR=1 MINOR=0.1 SHLIB_VERSION_NUMBER=1.0.0 @@ -13,7 +13,7 @@ SHLIB_MAJOR=1 SHLIB_MINOR=0.0 SHLIB_EXT= PLATFORM=dist -OPTIONS= no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-store no-unit-test no-zlib no-zlib-dynamic static-engine +OPTIONS= no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-ssl2 no-store no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic static-engine CONFIGURE_ARGS=dist SHLIB_TARGET= @@ -61,7 +61,7 @@ OPENSSLDIR=/usr/local/ssl CC= cc CFLAG= -O -DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST +DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS PEX_LIBS= EX_LIBS= EXE_EXT= diff --git a/deps/openssl/openssl/Makefile.bak b/deps/openssl/openssl/Makefile.bak index 071deff6d09548..1d95162b399691 100644 --- a/deps/openssl/openssl/Makefile.bak +++ b/deps/openssl/openssl/Makefile.bak @@ -4,18 +4,18 @@ ## Makefile for OpenSSL ## -VERSION=1.0.1r-dev +VERSION=1.0.1t MAJOR=1 MINOR=0.1 SHLIB_VERSION_NUMBER=1.0.0 SHLIB_VERSION_HISTORY= SHLIB_MAJOR=1 SHLIB_MINOR=0.0 -SHLIB_EXT= -PLATFORM=gcc -OPTIONS= no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-store no-unit-test no-zlib no-zlib-dynamic static-engine -CONFIGURE_ARGS=gcc -SHLIB_TARGET= +SHLIB_EXT=.so.$(SHLIB_MAJOR).$(SHLIB_MINOR) +PLATFORM=linux-x86_64 +OPTIONS=-Wa,--noexecstack no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-ssl2 no-store no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic static-engine +CONFIGURE_ARGS=linux-x86_64 -Wa,--noexecstack +SHLIB_TARGET=linux-shared # HERE indicates where this Makefile lives. This can be used to indicate # where sub-Makefiles are expected to be. Currently has very limited usage, @@ -60,10 +60,10 @@ OPENSSLDIR=/usr/local/ssl # PKCS1_CHECK - pkcs1 tests. CC= gcc -CFLAG= -O3 -DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST +CFLAG= -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -m64 -DL_ENDIAN -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM +DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL2 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS PEX_LIBS= -EX_LIBS= +EX_LIBS= -ldl EXE_EXT= ARFLAGS= AR= ar $(ARFLAGS) r @@ -88,22 +88,22 @@ ASFLAG=$(CFLAG) PROCESSOR= # CPUID module collects small commonly used assembler snippets -CPUID_OBJ= mem_clr.o -BN_ASM= bn_asm.o +CPUID_OBJ= x86_64cpuid.o +BN_ASM= x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o DES_ENC= des_enc.o fcrypt_b.o -AES_ENC= aes_core.o aes_cbc.o +AES_ENC= aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o BF_ENC= bf_enc.o CAST_ENC= c_enc.o -RC4_ENC= rc4_enc.o rc4_skey.o +RC4_ENC= rc4-x86_64.o rc4-md5-x86_64.o RC5_ENC= rc5_enc.o -MD5_ASM_OBJ= -SHA1_ASM_OBJ= +MD5_ASM_OBJ= md5-x86_64.o +SHA1_ASM_OBJ= sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o RMD160_ASM_OBJ= -WP_ASM_OBJ= wp_block.o -CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o -MODES_ASM_OBJ= +WP_ASM_OBJ= wp-x86_64.o +CMLL_ENC= cmll-x86_64.o cmll_misc.o +MODES_ASM_OBJ= ghash-x86_64.o ENGINES_ASM_OBJ= -PERLASM_SCHEME= +PERLASM_SCHEME= elf # KRB5 stuff KRB5_INCLUDES= @@ -175,8 +175,8 @@ LIBS= libcrypto.a libssl.a SHARED_CRYPTO=libcrypto$(SHLIB_EXT) SHARED_SSL=libssl$(SHLIB_EXT) SHARED_LIBS= -SHARED_LIBS_LINK_EXTS= -SHARED_LDFLAGS= +SHARED_LIBS_LINK_EXTS=.so.$(SHLIB_MAJOR) .so +SHARED_LDFLAGS=-m64 GENERAL= Makefile BASENAME= openssl diff --git a/deps/openssl/openssl/NEWS b/deps/openssl/openssl/NEWS index 26c7aa5d33412b..0fb2cc391a355f 100644 --- a/deps/openssl/openssl/NEWS +++ b/deps/openssl/openssl/NEWS @@ -5,6 +5,19 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.0.1s and OpenSSL 1.0.1t [3 May 2016] + + o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107) + o Fix EVP_EncodeUpdate overflow (CVE-2016-2105) + o Fix EVP_EncryptUpdate overflow (CVE-2016-2106) + o Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109) + o EBCDIC overread (CVE-2016-2176) + o Modify behavior of ALPN to invoke callback after SNI/servername + callback, such that updates to the SSL_CTX affect ALPN. + o Remove LOW from the DEFAULT cipher list. This removes singles DES from + the default. + o Only remove the SSLv2 methods with the no-ssl2-method option. + Major changes between OpenSSL 1.0.1r and OpenSSL 1.0.1s [1 Mar 2016] o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL. diff --git a/deps/openssl/openssl/README b/deps/openssl/openssl/README index adde4e8d7e4e32..9395f2ba858c28 100644 --- a/deps/openssl/openssl/README +++ b/deps/openssl/openssl/README @@ -1,5 +1,5 @@ - OpenSSL 1.0.1s 1 Mar 2016 + OpenSSL 1.0.1t 3 May 2016 Copyright (c) 1998-2015 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/deps/openssl/openssl/apps/pkcs7.c b/deps/openssl/openssl/apps/pkcs7.c index 643507f216a046..b6776331839760 100644 --- a/deps/openssl/openssl/apps/pkcs7.c +++ b/deps/openssl/openssl/apps/pkcs7.c @@ -235,12 +235,16 @@ int MAIN(int argc, char **argv) i = OBJ_obj2nid(p7->type); switch (i) { case NID_pkcs7_signed: - certs = p7->d.sign->cert; - crls = p7->d.sign->crl; + if (p7->d.sign != NULL) { + certs = p7->d.sign->cert; + crls = p7->d.sign->crl; + } break; case NID_pkcs7_signedAndEnveloped: - certs = p7->d.signed_and_enveloped->cert; - crls = p7->d.signed_and_enveloped->crl; + if (p7->d.signed_and_enveloped != NULL) { + certs = p7->d.signed_and_enveloped->cert; + crls = p7->d.signed_and_enveloped->crl; + } break; default: break; diff --git a/deps/openssl/openssl/crypto/asn1/a_bytes.c b/deps/openssl/openssl/crypto/asn1/a_bytes.c index 12715a72809db6..385b53986a2991 100644 --- a/deps/openssl/openssl/crypto/asn1/a_bytes.c +++ b/deps/openssl/openssl/crypto/asn1/a_bytes.c @@ -200,13 +200,13 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, } else { if (len != 0) { if ((ret->length < len) || (ret->data == NULL)) { - if (ret->data != NULL) - OPENSSL_free(ret->data); s = (unsigned char *)OPENSSL_malloc((int)len + 1); if (s == NULL) { i = ERR_R_MALLOC_FAILURE; goto err; } + if (ret->data != NULL) + OPENSSL_free(ret->data); } else s = ret->data; memcpy(s, p, (int)len); diff --git a/deps/openssl/openssl/crypto/asn1/a_d2i_fp.c b/deps/openssl/openssl/crypto/asn1/a_d2i_fp.c index a1864b42c97788..51b6f245ab10b8 100644 --- a/deps/openssl/openssl/crypto/asn1/a_d2i_fp.c +++ b/deps/openssl/openssl/crypto/asn1/a_d2i_fp.c @@ -141,6 +141,7 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x) #endif #define HEADER_SIZE 8 +#define ASN1_CHUNK_INITIAL_SIZE (16 * 1024) static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) { BUF_MEM *b; @@ -217,29 +218,44 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) /* suck in c.slen bytes of data */ want = c.slen; if (want > (len - off)) { + size_t chunk_max = ASN1_CHUNK_INITIAL_SIZE; + want -= (len - off); if (want > INT_MAX /* BIO_read takes an int length */ || len + want < len) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG); goto err; } - if (!BUF_MEM_grow_clean(b, len + want)) { - ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE); - goto err; - } while (want > 0) { - i = BIO_read(in, &(b->data[len]), want); - if (i <= 0) { - ASN1err(ASN1_F_ASN1_D2I_READ_BIO, - ASN1_R_NOT_ENOUGH_DATA); + /* + * Read content in chunks of increasing size + * so we can return an error for EOF without + * having to allocate the entire content length + * in one go. + */ + size_t chunk = want > chunk_max ? chunk_max : want; + + if (!BUF_MEM_grow_clean(b, len + chunk)) { + ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE); goto err; } + want -= chunk; + while (chunk > 0) { + i = BIO_read(in, &(b->data[len]), chunk); + if (i <= 0) { + ASN1err(ASN1_F_ASN1_D2I_READ_BIO, + ASN1_R_NOT_ENOUGH_DATA); + goto err; + } /* * This can't overflow because |len+want| didn't * overflow. */ - len += i; - want -= i; + len += i; + chunk -= i; + } + if (chunk_max < INT_MAX/2) + chunk_max *= 2; } } if (off + c.slen < off) { diff --git a/deps/openssl/openssl/crypto/asn1/a_type.c b/deps/openssl/openssl/crypto/asn1/a_type.c index af795306b5bf58..bb166e8568b5b9 100644 --- a/deps/openssl/openssl/crypto/asn1/a_type.c +++ b/deps/openssl/openssl/crypto/asn1/a_type.c @@ -126,9 +126,7 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b) result = 0; /* They do not have content. */ break; case V_ASN1_INTEGER: - case V_ASN1_NEG_INTEGER: case V_ASN1_ENUMERATED: - case V_ASN1_NEG_ENUMERATED: case V_ASN1_BIT_STRING: case V_ASN1_OCTET_STRING: case V_ASN1_SEQUENCE: diff --git a/deps/openssl/openssl/crypto/asn1/asn1_lib.c b/deps/openssl/openssl/crypto/asn1/asn1_lib.c index 0b61fc930967c8..874b1af8b09a41 100644 --- a/deps/openssl/openssl/crypto/asn1/asn1_lib.c +++ b/deps/openssl/openssl/crypto/asn1/asn1_lib.c @@ -63,7 +63,7 @@ #include static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, - int max); + long max); static void asn1_put_length(unsigned char **pp, int length); const char ASN1_version[] = "ASN.1" OPENSSL_VERSION_PTEXT; @@ -131,7 +131,7 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, } *ptag = tag; *pclass = xclass; - if (!asn1_get_length(&p, &inf, plength, (int)max)) + if (!asn1_get_length(&p, &inf, plength, max)) goto err; if (inf && !(ret & V_ASN1_CONSTRUCTED)) @@ -159,14 +159,14 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, } static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, - int max) + long max) { const unsigned char *p = *pp; unsigned long ret = 0; - unsigned int i; + unsigned long i; if (max-- < 1) - return (0); + return 0; if (*p == 0x80) { *inf = 1; ret = 0; @@ -175,15 +175,11 @@ static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, *inf = 0; i = *p & 0x7f; if (*(p++) & 0x80) { - if (i > sizeof(long)) + if (i > sizeof(ret) || max < (long)i) return 0; - if (max-- == 0) - return (0); while (i-- > 0) { ret <<= 8L; ret |= *(p++); - if (max-- == 0) - return (0); } } else ret = i; @@ -192,7 +188,7 @@ static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, return 0; *pp = p; *rl = (long)ret; - return (1); + return 1; } /* diff --git a/deps/openssl/openssl/crypto/asn1/asn1_par.c b/deps/openssl/openssl/crypto/asn1/asn1_par.c index 0ca985a2be1e70..e85e3398b6bb82 100644 --- a/deps/openssl/openssl/crypto/asn1/asn1_par.c +++ b/deps/openssl/openssl/crypto/asn1/asn1_par.c @@ -173,6 +173,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, if (!asn1_print_info(bp, tag, xclass, j, (indent) ? depth : 0)) goto end; if (j & V_ASN1_CONSTRUCTED) { + const unsigned char *sp; + ep = p + len; if (BIO_write(bp, "\n", 1) <= 0) goto end; @@ -182,6 +184,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, goto end; } if ((j == 0x21) && (len == 0)) { + sp = p; for (;;) { r = asn1_parse2(bp, &p, (long)(tot - p), offset + (p - *pp), depth + 1, @@ -190,19 +193,25 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, ret = 0; goto end; } - if ((r == 2) || (p >= tot)) + if ((r == 2) || (p >= tot)) { + len = p - sp; break; + } } - } else + } else { + long tmp = len; + while (p < ep) { - r = asn1_parse2(bp, &p, (long)len, - offset + (p - *pp), depth + 1, + sp = p; + r = asn1_parse2(bp, &p, tmp, offset + (p - *pp), depth + 1, indent, dump); if (r == 0) { ret = 0; goto end; } + tmp -= p - sp; } + } } else if (xclass != 0) { p += len; if (BIO_write(bp, "\n", 1) <= 0) diff --git a/deps/openssl/openssl/crypto/asn1/t_x509.c b/deps/openssl/openssl/crypto/asn1/t_x509.c index 4e7c45dd5ddc89..4f69b5113f988b 100644 --- a/deps/openssl/openssl/crypto/asn1/t_x509.c +++ b/deps/openssl/openssl/crypto/asn1/t_x509.c @@ -140,7 +140,8 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, goto err; bs = X509_get_serialNumber(x); - if (bs->length <= (int)sizeof(long)) { + if (bs->length < (int)sizeof(long) + || (bs->length == sizeof(long) && (bs->data[0] & 0x80) == 0)) { l = ASN1_INTEGER_get(bs); if (bs->type == V_ASN1_NEG_INTEGER) { l = -l; diff --git a/deps/openssl/openssl/crypto/asn1/tasn_dec.c b/deps/openssl/openssl/crypto/asn1/tasn_dec.c index 9256049d158814..2a13388bfa5de5 100644 --- a/deps/openssl/openssl/crypto/asn1/tasn_dec.c +++ b/deps/openssl/openssl/crypto/asn1/tasn_dec.c @@ -903,9 +903,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, break; case V_ASN1_INTEGER: - case V_ASN1_NEG_INTEGER: case V_ASN1_ENUMERATED: - case V_ASN1_NEG_ENUMERATED: tint = (ASN1_INTEGER **)pval; if (!c2i_ASN1_INTEGER(tint, &cont, len)) goto err; diff --git a/deps/openssl/openssl/crypto/asn1/tasn_enc.c b/deps/openssl/openssl/crypto/asn1/tasn_enc.c index f04a6892a8d9fe..f7f83e56a98140 100644 --- a/deps/openssl/openssl/crypto/asn1/tasn_enc.c +++ b/deps/openssl/openssl/crypto/asn1/tasn_enc.c @@ -611,9 +611,7 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, break; case V_ASN1_INTEGER: - case V_ASN1_NEG_INTEGER: case V_ASN1_ENUMERATED: - case V_ASN1_NEG_ENUMERATED: /* * These are all have the same content format as ASN1_INTEGER */ diff --git a/deps/openssl/openssl/crypto/asn1/x_name.c b/deps/openssl/openssl/crypto/asn1/x_name.c index 737c426f2deacf..a858c2993b90f4 100644 --- a/deps/openssl/openssl/crypto/asn1/x_name.c +++ b/deps/openssl/openssl/crypto/asn1/x_name.c @@ -66,6 +66,13 @@ typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY; DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY) +/* + * Maximum length of X509_NAME: much larger than anything we should + * ever see in practice. + */ + +#define X509_NAME_MAX (1024 * 1024) + static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it, @@ -192,6 +199,10 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, int i, j, ret; STACK_OF(X509_NAME_ENTRY) *entries; X509_NAME_ENTRY *entry; + if (len > X509_NAME_MAX) { + ASN1err(ASN1_F_X509_NAME_EX_D2I, ASN1_R_TOO_LONG); + return 0; + } q = p; /* Get internal representation of Name */ diff --git a/deps/openssl/openssl/crypto/asn1/x_x509.c b/deps/openssl/openssl/crypto/asn1/x_x509.c index bcd9166c35eb67..1500871577d636 100644 --- a/deps/openssl/openssl/crypto/asn1/x_x509.c +++ b/deps/openssl/openssl/crypto/asn1/x_x509.c @@ -201,9 +201,19 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length) int i2d_X509_AUX(X509 *a, unsigned char **pp) { - int length; + int length, tmplen; + unsigned char *start = pp != NULL ? *pp : NULL; length = i2d_X509(a, pp); - if (a) - length += i2d_X509_CERT_AUX(a->aux, pp); + if (length < 0 || a == NULL) + return length; + + tmplen = i2d_X509_CERT_AUX(a->aux, pp); + if (tmplen < 0) { + if (start != NULL) + *pp = start; + return tmplen; + } + length += tmplen; + return length; } diff --git a/deps/openssl/openssl/crypto/bn/asm/x86-mont.pl b/deps/openssl/openssl/crypto/bn/asm/x86-mont.pl index e8f6b050842e36..89f4de61e8964f 100755 --- a/deps/openssl/openssl/crypto/bn/asm/x86-mont.pl +++ b/deps/openssl/openssl/crypto/bn/asm/x86-mont.pl @@ -85,6 +85,21 @@ &and ("esp",-64); # align to cache line + # Some OSes, *cough*-dows, insist on stack being "wired" to + # physical memory in strictly sequential manner, i.e. if stack + # allocation spans two pages, then reference to farmost one can + # be punishable by SEGV. But page walking can do good even on + # other OSes, because it guarantees that villain thread hits + # the guard page before it can make damage to innocent one... + &mov ("eax","ebp"); + &sub ("eax","esp"); + &and ("eax",-4096); +&set_label("page_walk"); + &mov ("edx",&DWP(0,"esp","eax")); + &sub ("eax",4096); + &data_byte(0x2e); + &jnc (&label("page_walk")); + ################################# load argument block... &mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp &mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap diff --git a/deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl b/deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl index 17fb94c84c9f17..c8ae019da1b903 100755 --- a/deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl +++ b/deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl @@ -91,6 +91,20 @@ mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp .Lmul_body: + # Some OSes, *cough*-dows, insist on stack being "wired" to + # physical memory in strictly sequential manner, i.e. if stack + # allocation spans two pages, then reference to farmost one can + # be punishable by SEGV. But page walking can do good even on + # other OSes, because it guarantees that villain thread hits + # the guard page before it can make damage to innocent one... + sub %rsp,%r11 + and \$-4096,%r11 +.Lmul_page_walk: + mov (%rsp,%r11),%r10 + sub \$4096,%r11 + .byte 0x66,0x2e # predict non-taken + jnc .Lmul_page_walk + mov $bp,%r12 # reassign $bp ___ $bp="%r12"; @@ -296,6 +310,14 @@ mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp .Lmul4x_body: + sub %rsp,%r11 + and \$-4096,%r11 +.Lmul4x_page_walk: + mov (%rsp,%r11),%r10 + sub \$4096,%r11 + .byte 0x2e # predict non-taken + jnc .Lmul4x_page_walk + mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp mov %rdx,%r12 # reassign $bp ___ @@ -707,6 +729,7 @@ .align 16 bn_sqr4x_mont: .Lsqr4x_enter: + mov %rsp,%rax push %rbx push %rbp push %r12 @@ -715,12 +738,23 @@ push %r15 shl \$3,${num}d # convert $num to bytes - xor %r10,%r10 mov %rsp,%r11 # put aside %rsp - sub $num,%r10 # -$num + neg $num # -$num mov ($n0),$n0 # *n0 - lea -72(%rsp,%r10,2),%rsp # alloca(frame+2*$num) + lea -72(%rsp,$num,2),%rsp # alloca(frame+2*$num) and \$-1024,%rsp # minimize TLB usage + + sub %rsp,%r11 + and \$-4096,%r11 +.Lsqr4x_page_walk: + mov (%rsp,%r11),%r10 + sub \$4096,%r11 + .byte 0x2e # predict non-taken + jnc .Lsqr4x_page_walk + + mov $num,%r10 + neg $num # restore $num + lea -48(%rax),%r11 # restore saved %rsp ############################################################## # Stack layout # diff --git a/deps/openssl/openssl/crypto/bn/asm/x86_64-mont5.pl b/deps/openssl/openssl/crypto/bn/asm/x86_64-mont5.pl index 235979181f5452..99243ae3ec2cd4 100755 --- a/deps/openssl/openssl/crypto/bn/asm/x86_64-mont5.pl +++ b/deps/openssl/openssl/crypto/bn/asm/x86_64-mont5.pl @@ -84,6 +84,20 @@ mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp .Lmul_body: + # Some OSes, *cough*-dows, insist on stack being "wired" to + # physical memory in strictly sequential manner, i.e. if stack + # allocation spans two pages, then reference to farmost one can + # be punishable by SEGV. But page walking can do good even on + # other OSes, because it guarantees that villain thread hits + # the guard page before it can make damage to innocent one... + sub %rsp,%rax + and \$-4096,%rax +.Lmul_page_walk: + mov (%rsp,%rax),%r11 + sub \$4096,%rax + .byte 0x2e # predict non-taken + jnc .Lmul_page_walk + lea 128($bp),%r12 # reassign $bp (+size optimization) ___ $bp="%r12"; @@ -407,6 +421,14 @@ mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp .Lmul4x_body: + sub %rsp,%rax + and \$-4096,%rax +.Lmul4x_page_walk: + mov (%rsp,%rax),%r11 + sub \$4096,%rax + .byte 0x2e # predict non-taken + jnc .Lmul4x_page_walk + mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp lea 128(%rdx),%r12 # reassign $bp (+size optimization) ___ diff --git a/deps/openssl/openssl/crypto/comp/comp.h b/deps/openssl/openssl/crypto/comp/comp.h index 406c428aaeed7e..60a073404e922f 100644 --- a/deps/openssl/openssl/crypto/comp/comp.h +++ b/deps/openssl/openssl/crypto/comp/comp.h @@ -4,6 +4,10 @@ # include +# ifdef OPENSSL_NO_COMP +# error COMP is disabled. +# endif + #ifdef __cplusplus extern "C" { #endif diff --git a/deps/openssl/openssl/crypto/evp/Makefile b/deps/openssl/openssl/crypto/evp/Makefile index ed1502d3a6946a..c0f834b3ada6c3 100644 --- a/deps/openssl/openssl/crypto/evp/Makefile +++ b/deps/openssl/openssl/crypto/evp/Makefile @@ -199,8 +199,8 @@ e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h e_aes.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h e_aes.o: ../modes/modes_lcl.h e_aes.c evp_locl.h -e_aes_cbc_hmac_sha1.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -e_aes_cbc_hmac_sha1.o: ../../include/openssl/bio.h +e_aes_cbc_hmac_sha1.o: ../../e_os.h ../../include/openssl/aes.h +e_aes_cbc_hmac_sha1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h e_aes_cbc_hmac_sha1.o: ../../include/openssl/crypto.h e_aes_cbc_hmac_sha1.o: ../../include/openssl/e_os2.h e_aes_cbc_hmac_sha1.o: ../../include/openssl/evp.h @@ -212,8 +212,8 @@ e_aes_cbc_hmac_sha1.o: ../../include/openssl/ossl_typ.h e_aes_cbc_hmac_sha1.o: ../../include/openssl/safestack.h e_aes_cbc_hmac_sha1.o: ../../include/openssl/sha.h e_aes_cbc_hmac_sha1.o: ../../include/openssl/stack.h -e_aes_cbc_hmac_sha1.o: ../../include/openssl/symhacks.h e_aes_cbc_hmac_sha1.c -e_aes_cbc_hmac_sha1.o: evp_locl.h +e_aes_cbc_hmac_sha1.o: ../../include/openssl/symhacks.h ../constant_time_locl.h +e_aes_cbc_hmac_sha1.o: e_aes_cbc_hmac_sha1.c evp_locl.h e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h diff --git a/deps/openssl/openssl/crypto/evp/digest.c b/deps/openssl/openssl/crypto/evp/digest.c index 2e202c8fe031a6..32167b294db12d 100644 --- a/deps/openssl/openssl/crypto/evp/digest.c +++ b/deps/openssl/openssl/crypto/evp/digest.c @@ -200,8 +200,10 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) } #endif if (ctx->digest != type) { - if (ctx->digest && ctx->digest->ctx_size) + if (ctx->digest && ctx->digest->ctx_size) { OPENSSL_free(ctx->md_data); + ctx->md_data = NULL; + } ctx->digest = type; if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { ctx->update = type->update; diff --git a/deps/openssl/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c b/deps/openssl/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c index d1f5928f628a26..1d598db3598c05 100644 --- a/deps/openssl/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c +++ b/deps/openssl/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c @@ -59,6 +59,7 @@ # include # include # include "evp_locl.h" +# include "constant_time_locl.h" # ifndef EVP_CIPH_FLAG_AEAD_CIPHER # define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000 @@ -286,6 +287,8 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8); maxpad &= 255; + ret &= constant_time_ge(maxpad, pad); + inp_len = len - (SHA_DIGEST_LENGTH + pad + 1); mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1))); inp_len &= mask; diff --git a/deps/openssl/openssl/crypto/evp/encode.c b/deps/openssl/openssl/crypto/evp/encode.c index c6abc4ae8e47b0..c6c775e0a0cd14 100644 --- a/deps/openssl/openssl/crypto/evp/encode.c +++ b/deps/openssl/openssl/crypto/evp/encode.c @@ -57,6 +57,7 @@ */ #include +#include #include "cryptlib.h" #include @@ -151,13 +152,13 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) { int i, j; - unsigned int total = 0; + size_t total = 0; *outl = 0; if (inl <= 0) return; OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data)); - if ((ctx->num + inl) < ctx->length) { + if (ctx->length - ctx->num > inl) { memcpy(&(ctx->enc_data[ctx->num]), in, inl); ctx->num += inl; return; @@ -174,7 +175,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, *out = '\0'; total = j + 1; } - while (inl >= ctx->length) { + while (inl >= ctx->length && total <= INT_MAX) { j = EVP_EncodeBlock(out, in, ctx->length); in += ctx->length; inl -= ctx->length; @@ -183,6 +184,11 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, *out = '\0'; total += j + 1; } + if (total > INT_MAX) { + /* Too much output data! */ + *outl = 0; + return; + } if (inl != 0) memcpy(&(ctx->enc_data[0]), in, inl); ctx->num = inl; diff --git a/deps/openssl/openssl/crypto/evp/evp_enc.c b/deps/openssl/openssl/crypto/evp/evp_enc.c index 4e983c4bda2379..1831572d6f3b5f 100644 --- a/deps/openssl/openssl/crypto/evp/evp_enc.c +++ b/deps/openssl/openssl/crypto/evp/evp_enc.c @@ -334,7 +334,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, bl = ctx->cipher->block_size; OPENSSL_assert(bl <= (int)sizeof(ctx->buf)); if (i != 0) { - if (i + inl < bl) { + if (bl - i > inl) { memcpy(&(ctx->buf[i]), in, inl); ctx->buf_len += inl; *outl = 0; diff --git a/deps/openssl/openssl/crypto/opensslv.h b/deps/openssl/openssl/crypto/opensslv.h index 4ec6ff955246a6..2f293232f44c47 100644 --- a/deps/openssl/openssl/crypto/opensslv.h +++ b/deps/openssl/openssl/crypto/opensslv.h @@ -30,11 +30,11 @@ extern "C" { * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -# define OPENSSL_VERSION_NUMBER 0x1000113fL +# define OPENSSL_VERSION_NUMBER 0x1000114fL # ifdef OPENSSL_FIPS -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1s-fips 1 Mar 2016" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1t-fips 3 May 2016" # else -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1s 1 Mar 2016" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1t 3 May 2016" # endif # define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/deps/openssl/openssl/crypto/pem/pem_lib.c b/deps/openssl/openssl/crypto/pem/pem_lib.c index 55071616e203bb..ab45a84fa26596 100644 --- a/deps/openssl/openssl/crypto/pem/pem_lib.c +++ b/deps/openssl/openssl/crypto/pem/pem_lib.c @@ -344,7 +344,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, if (enc != NULL) { objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc)); - if (objstr == NULL) { + if (objstr == NULL || EVP_CIPHER_iv_length(enc) == 0) { PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER); goto err; } diff --git a/deps/openssl/openssl/crypto/pem/pvkfmt.c b/deps/openssl/openssl/crypto/pem/pvkfmt.c index 82d45273ed16e8..61864468f6d490 100644 --- a/deps/openssl/openssl/crypto/pem/pvkfmt.c +++ b/deps/openssl/openssl/crypto/pem/pvkfmt.c @@ -131,6 +131,10 @@ static int read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r) # define MS_PVKMAGIC 0xb0b5f11eL /* Salt length for PVK files */ # define PVK_SALTLEN 0x10 +/* Maximum length in PVK header */ +# define PVK_MAX_KEYLEN 102400 +/* Maximum salt length */ +# define PVK_MAX_SALTLEN 10240 static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length, unsigned int bitlen, int ispub); @@ -644,6 +648,9 @@ static int do_PVK_header(const unsigned char **in, unsigned int length, *psaltlen = read_ledword(&p); *pkeylen = read_ledword(&p); + if (*pkeylen > PVK_MAX_KEYLEN || *psaltlen > PVK_MAX_SALTLEN) + return 0; + if (is_encrypted && !*psaltlen) { PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_INCONSISTENT_HEADER); return 0; diff --git a/deps/openssl/openssl/crypto/x509/x509.h b/deps/openssl/openssl/crypto/x509/x509.h index a4911741005e55..bd600de43107ed 100644 --- a/deps/openssl/openssl/crypto/x509/x509.h +++ b/deps/openssl/openssl/crypto/x509/x509.h @@ -1281,6 +1281,7 @@ void ERR_load_X509_strings(void); # define X509_R_LOADING_CERT_DIR 103 # define X509_R_LOADING_DEFAULTS 104 # define X509_R_METHOD_NOT_SUPPORTED 124 +# define X509_R_NAME_TOO_LONG 134 # define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 # define X509_R_PUBLIC_KEY_DECODE_ERROR 125 # define X509_R_PUBLIC_KEY_ENCODE_ERROR 126 diff --git a/deps/openssl/openssl/crypto/x509/x509_err.c b/deps/openssl/openssl/crypto/x509/x509_err.c index 61a19f74109b0d..a2b8b7fc358fe0 100644 --- a/deps/openssl/openssl/crypto/x509/x509_err.c +++ b/deps/openssl/openssl/crypto/x509/x509_err.c @@ -145,6 +145,7 @@ static ERR_STRING_DATA X509_str_reasons[] = { {ERR_REASON(X509_R_LOADING_CERT_DIR), "loading cert dir"}, {ERR_REASON(X509_R_LOADING_DEFAULTS), "loading defaults"}, {ERR_REASON(X509_R_METHOD_NOT_SUPPORTED), "method not supported"}, + {ERR_REASON(X509_R_NAME_TOO_LONG), "name too long"}, {ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY), "no cert set for us to verify"}, {ERR_REASON(X509_R_PUBLIC_KEY_DECODE_ERROR), "public key decode error"}, diff --git a/deps/openssl/openssl/crypto/x509/x509_obj.c b/deps/openssl/openssl/crypto/x509/x509_obj.c index d317f3af25c0bd..3de3ac720411f0 100644 --- a/deps/openssl/openssl/crypto/x509/x509_obj.c +++ b/deps/openssl/openssl/crypto/x509/x509_obj.c @@ -63,6 +63,13 @@ #include #include +/* + * Limit to ensure we don't overflow: much greater than + * anything enountered in practice. + */ + +#define NAME_ONELINE_MAX (1024 * 1024) + char *X509_NAME_oneline(X509_NAME *a, char *buf, int len) { X509_NAME_ENTRY *ne; @@ -86,6 +93,8 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len) goto err; b->data[0] = '\0'; len = 200; + } else if (len == 0) { + return NULL; } if (a == NULL) { if (b) { @@ -110,6 +119,10 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len) type = ne->value->type; num = ne->value->length; + if (num > NAME_ONELINE_MAX) { + X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG); + goto end; + } q = ne->value->data; #ifdef CHARSET_EBCDIC if (type == V_ASN1_GENERALSTRING || @@ -117,8 +130,9 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len) type == V_ASN1_PRINTABLESTRING || type == V_ASN1_TELETEXSTRING || type == V_ASN1_VISIBLESTRING || type == V_ASN1_IA5STRING) { - ascii2ebcdic(ebcdic_buf, q, (num > sizeof ebcdic_buf) - ? sizeof ebcdic_buf : num); + if (num > (int)sizeof(ebcdic_buf)) + num = sizeof(ebcdic_buf); + ascii2ebcdic(ebcdic_buf, q, num); q = ebcdic_buf; } #endif @@ -154,6 +168,10 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len) lold = l; l += 1 + l1 + 1 + l2; + if (l > NAME_ONELINE_MAX) { + X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG); + goto end; + } if (b != NULL) { if (!BUF_MEM_grow(b, l + 1)) goto err; @@ -206,7 +224,7 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len) return (p); err: X509err(X509_F_X509_NAME_ONELINE, ERR_R_MALLOC_FAILURE); - if (b != NULL) - BUF_MEM_free(b); + end: + BUF_MEM_free(b); return (NULL); } diff --git a/deps/openssl/openssl/doc/apps/ciphers.pod b/deps/openssl/openssl/doc/apps/ciphers.pod index 888b8ed9434b61..34bb816f396818 100644 --- a/deps/openssl/openssl/doc/apps/ciphers.pod +++ b/deps/openssl/openssl/doc/apps/ciphers.pod @@ -107,7 +107,7 @@ The following is a list of all permitted cipher strings and their meanings. The default cipher list. This is determined at compile time and is normally -B. +B. When used, this must be the first cipherstring specified. =item B diff --git a/deps/openssl/openssl/doc/crypto/EVP_EncodeInit.pod b/deps/openssl/openssl/doc/crypto/EVP_EncodeInit.pod new file mode 100644 index 00000000000000..c6f12674f632e9 --- /dev/null +++ b/deps/openssl/openssl/doc/crypto/EVP_EncodeInit.pod @@ -0,0 +1,127 @@ +=pod + +=head1 NAME + +EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock, +EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64 +encode/decode routines + +=head1 SYNOPSIS + + #include + + void EVP_EncodeInit(EVP_ENCODE_CTX *ctx); + void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, + const unsigned char *in, int inl); + void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl); + int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n); + + void EVP_DecodeInit(EVP_ENCODE_CTX *ctx); + int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, + const unsigned char *in, int inl); + int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned + char *out, int *outl); + int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n); + +=head1 DESCRIPTION + +The EVP encode routines provide a high level interface to base 64 encoding and +decoding. Base 64 encoding converts binary data into a printable form that uses +the characters A-Z, a-z, 0-9, "+" and "/" to represent the data. For every 3 +bytes of binary data provided 4 bytes of base 64 encoded data will be produced +plus some occasional newlines (see below). If the input data length is not a +multiple of 3 then the output data will be padded at the end using the "=" +character. + +Encoding of binary data is performed in blocks of 48 input bytes (or less for +the final block). For each 48 byte input block encoded 64 bytes of base 64 data +is output plus an additional newline character (i.e. 65 bytes in total). The +final block (which may be less than 48 bytes) will output 4 bytes for every 3 +bytes of input. If the data length is not divisible by 3 then a full 4 bytes is +still output for the final 1 or 2 bytes of input. Similarly a newline character +will also be output. + +EVP_EncodeInit() initialises B for the start of a new encoding operation. + +EVP_EncodeUpdate() encode B bytes of data found in the buffer pointed to by +B. The output is stored in the buffer B and the number of bytes output +is stored in B<*outl>. It is the caller's responsibility to ensure that the +buffer at B is sufficiently large to accommodate the output data. Only full +blocks of data (48 bytes) will be immediately processed and output by this +function. Any remainder is held in the B object and will be processed by a +subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the +required size of the output buffer add together the value of B with the +amount of unprocessed data held in B and divide the result by 48 (ignore +any remainder). This gives the number of blocks of data that will be processed. +Ensure the output buffer contains 65 bytes of storage for each block, plus an +additional byte for a NUL terminator. EVP_EncodeUpdate() may be called +repeatedly to process large amounts of input data. In the event of an error +EVP_EncodeUpdate() will set B<*outl> to 0. + +EVP_EncodeFinal() must be called at the end of an encoding operation. It will +process any partial block of data remaining in the B object. The output +data will be stored in B and the length of the data written will be stored +in B<*outl>. It is the caller's responsibility to ensure that B is +sufficiently large to accommodate the output data which will never be more than +65 bytes plus an additional NUL terminator (i.e. 66 bytes in total). + +EVP_EncodeBlock() encodes a full block of input data in B and of length +B and stores it in B. For every 3 bytes of input provided 4 bytes of +output data will be produced. If B is not divisible by 3 then the block is +encoded as a final block of data and the output is padded such that it is always +divisible by 4. Additionally a NUL terminator character will be added. For +example if 16 bytes of input data is provided then 24 bytes of encoded data is +created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of +the data generated I the NUL terminator is returned from the function. + +EVP_DecodeInit() initialises B for the start of a new decoding operation. + +EVP_DecodeUpdate() decodes B characters of data found in the buffer pointed +to by B. The output is stored in the buffer B and the number of bytes +output is stored in B<*outl>. It is the caller's responsibility to ensure that +the buffer at B is sufficiently large to accommodate the output data. This +function will attempt to decode as much data as possible in 4 byte chunks. Any +whitespace, newline or carriage return characters are ignored. Any partial chunk +of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in +the B object and processed by a subsequent call to EVP_DecodeUpdate(). If +any illegal base 64 characters are encountered or if the base 64 padding +character "=" is encountered in the middle of the data then the function returns +-1 to indicate an error. A return value of 0 or 1 indicates successful +processing of the data. A return value of 0 additionally indicates that the last +input data characters processed included the base 64 padding character "=" and +therefore no more non-padding character data is expected to be processed. For +every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and +line feeds), 3 bytes of binary output data will be produced (or less at the end +of the data where the padding character "=" has been used). + +EVP_DecodeFinal() must be called at the end of a decoding operation. If there +is any unprocessed data still in B then the input data must not have been +a multiple of 4 and therefore an error has occurred. The function will return -1 +in this case. Otherwise the function returns 1 on success. + +EVP_DecodeBlock() will decode the block of B characters of base 64 data +contained in B and store the result in B. Any leading whitespace will be +trimmed as will any trailing whitespace, newlines, carriage returns or EOF +characters. After such trimming the length of the data in B must be divisbile +by 4. For every 4 input bytes exactly 3 output bytes will be produced. The +output will be padded with 0 bits if necessary to ensure that the output is +always 3 bytes for every 4 input bytes. This function will return the length of +the data decoded or -1 on error. + +=head1 RETURN VALUES + +EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL +terminator. + +EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned +then no more non-padding base 64 characters are expected. + +EVP_DecodeFinal() returns -1 on error or 1 on success. + +EVP_DecodeBlock() returns the length of the data decoded or -1 on error. + +=head1 SEE ALSO + +L + +=cut diff --git a/deps/openssl/openssl/doc/crypto/evp.pod b/deps/openssl/openssl/doc/crypto/evp.pod index 9faa349243af46..83fefe511a7545 100644 --- a/deps/openssl/openssl/doc/crypto/evp.pod +++ b/deps/openssl/openssl/doc/crypto/evp.pod @@ -25,6 +25,10 @@ functions. The BI<...> functions provide message digests. The BI<...> functions provide a high level interface to asymmetric algorithms. +The LI<...>|EVP_EncodeInit(3)> and +LI<...>|EVP_EncodeInit(3)> functions implement base 64 encoding +and decoding. + Algorithms are loaded with OpenSSL_add_all_algorithms(3). All the symmetric algorithms (ciphers), digests and asymmetric algorithms @@ -49,6 +53,7 @@ L, L, L, L, +L, L, L diff --git a/deps/openssl/openssl/include/openssl/comp.h b/deps/openssl/openssl/include/openssl/comp.h index 406c428aaeed7e..60a073404e922f 100644 --- a/deps/openssl/openssl/include/openssl/comp.h +++ b/deps/openssl/openssl/include/openssl/comp.h @@ -4,6 +4,10 @@ # include +# ifdef OPENSSL_NO_COMP +# error COMP is disabled. +# endif + #ifdef __cplusplus extern "C" { #endif diff --git a/deps/openssl/openssl/include/openssl/opensslv.h b/deps/openssl/openssl/include/openssl/opensslv.h index 4ec6ff955246a6..2f293232f44c47 100644 --- a/deps/openssl/openssl/include/openssl/opensslv.h +++ b/deps/openssl/openssl/include/openssl/opensslv.h @@ -30,11 +30,11 @@ extern "C" { * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -# define OPENSSL_VERSION_NUMBER 0x1000113fL +# define OPENSSL_VERSION_NUMBER 0x1000114fL # ifdef OPENSSL_FIPS -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1s-fips 1 Mar 2016" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1t-fips 3 May 2016" # else -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1s 1 Mar 2016" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1t 3 May 2016" # endif # define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/deps/openssl/openssl/include/openssl/ssl.h b/deps/openssl/openssl/include/openssl/ssl.h index 105047ee4d5e7e..d6c475c27c08e1 100644 --- a/deps/openssl/openssl/include/openssl/ssl.h +++ b/deps/openssl/openssl/include/openssl/ssl.h @@ -334,7 +334,7 @@ extern "C" { * The following cipher list is used by default. It also is substituted when * an application-defined cipher list string starts with 'DEFAULT'. */ -# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!aNULL:!eNULL:!SSLv2" +# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2" /* * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always * starts with a reasonable order, and all we have to do for DEFAULT is @@ -2017,7 +2017,7 @@ const char *SSL_get_version(const SSL *s); /* This sets the 'default' SSL version that SSL_new() will create */ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); -# ifndef OPENSSL_NO_SSL2 +# ifndef OPENSSL_NO_SSL2_METHOD const SSL_METHOD *SSLv2_method(void); /* SSLv2 */ const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */ const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */ diff --git a/deps/openssl/openssl/include/openssl/x509.h b/deps/openssl/openssl/include/openssl/x509.h index a4911741005e55..bd600de43107ed 100644 --- a/deps/openssl/openssl/include/openssl/x509.h +++ b/deps/openssl/openssl/include/openssl/x509.h @@ -1281,6 +1281,7 @@ void ERR_load_X509_strings(void); # define X509_R_LOADING_CERT_DIR 103 # define X509_R_LOADING_DEFAULTS 104 # define X509_R_METHOD_NOT_SUPPORTED 124 +# define X509_R_NAME_TOO_LONG 134 # define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 # define X509_R_PUBLIC_KEY_DECODE_ERROR 125 # define X509_R_PUBLIC_KEY_ENCODE_ERROR 126 diff --git a/deps/openssl/openssl/openssl.spec b/deps/openssl/openssl/openssl.spec index 67a2a339c2db50..77b98b044a0ad4 100644 --- a/deps/openssl/openssl/openssl.spec +++ b/deps/openssl/openssl/openssl.spec @@ -7,7 +7,7 @@ Release: 1 Summary: Secure Sockets Layer and cryptography libraries and tools Name: openssl #Version: %{libmaj}.%{libmin}.%{librel} -Version: 1.0.1s +Version: 1.0.1t Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz License: OpenSSL Group: System Environment/Libraries diff --git a/deps/openssl/openssl/ssl/d1_both.c b/deps/openssl/openssl/ssl/d1_both.c index aaa18677ceef0c..19c3da61612233 100644 --- a/deps/openssl/openssl/ssl/d1_both.c +++ b/deps/openssl/openssl/ssl/d1_both.c @@ -1579,6 +1579,8 @@ int dtls1_process_heartbeat(SSL *s) * plus 2 bytes payload length, plus payload, plus padding */ buffer = OPENSSL_malloc(write_length); + if (buffer == NULL) + return -1; bp = buffer; /* Enter response type, length and copy payload */ diff --git a/deps/openssl/openssl/ssl/s2_lib.c b/deps/openssl/openssl/ssl/s2_lib.c index 82c17315498053..7bcb81a11e2c24 100644 --- a/deps/openssl/openssl/ssl/s2_lib.c +++ b/deps/openssl/openssl/ssl/s2_lib.c @@ -150,7 +150,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { SSL_RC4, SSL_MD5, SSL_SSLV2, - SSL_NOT_EXP | SSL_MEDIUM, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, 0, 128, 128, @@ -167,7 +167,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { SSL_RC4, SSL_MD5, SSL_SSLV2, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL2_CF_5_BYTE_ENC, 40, 128, @@ -184,7 +184,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { SSL_RC2, SSL_MD5, SSL_SSLV2, - SSL_NOT_EXP | SSL_MEDIUM, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, 0, 128, 128, @@ -201,7 +201,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { SSL_RC2, SSL_MD5, SSL_SSLV2, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL2_CF_5_BYTE_ENC, 40, 128, @@ -219,7 +219,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { SSL_IDEA, SSL_MD5, SSL_SSLV2, - SSL_NOT_EXP | SSL_MEDIUM, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, 0, 128, 128, @@ -237,7 +237,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { SSL_DES, SSL_MD5, SSL_SSLV2, - SSL_NOT_EXP | SSL_LOW, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 0, 56, 56, @@ -254,7 +254,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { SSL_3DES, SSL_MD5, SSL_SSLV2, - SSL_NOT_EXP | SSL_HIGH, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH, 0, 112, 168, @@ -271,7 +271,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { SSL_RC4, SSL_MD5, SSL_SSLV2, - SSL_NOT_EXP | SSL_LOW, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, SSL2_CF_8_BYTE_ENC, 64, 64, diff --git a/deps/openssl/openssl/ssl/s2_meth.c b/deps/openssl/openssl/ssl/s2_meth.c index b312f17266129c..73885b7ecff8e7 100644 --- a/deps/openssl/openssl/ssl/s2_meth.c +++ b/deps/openssl/openssl/ssl/s2_meth.c @@ -57,7 +57,8 @@ */ #include "ssl_locl.h" -#ifndef OPENSSL_NO_SSL2 +#ifndef OPENSSL_NO_SSL2_METHOD +# ifndef OPENSSL_NO_SSL2 # include # include @@ -72,7 +73,16 @@ static const SSL_METHOD *ssl2_get_method(int ver) IMPLEMENT_ssl2_meth_func(SSLv2_method, ssl2_accept, ssl2_connect, ssl2_get_method) -#else /* !OPENSSL_NO_SSL2 */ + +# else /* !OPENSSL_NO_SSL2 */ + +const SSL_METHOD *SSLv2_method(void) { return NULL; } +const SSL_METHOD *SSLv2_client_method(void) { return NULL; } +const SSL_METHOD *SSLv2_server_method(void) { return NULL; } + +# endif + +#else /* !OPENSSL_NO_SSL2_METHOD */ # if PEDANTIC static void *dummy = &dummy; diff --git a/deps/openssl/openssl/ssl/s3_clnt.c b/deps/openssl/openssl/ssl/s3_clnt.c index cfa5080e6b77e7..9e5875f1f9ba8b 100644 --- a/deps/openssl/openssl/ssl/s3_clnt.c +++ b/deps/openssl/openssl/ssl/s3_clnt.c @@ -2104,6 +2104,7 @@ int ssl3_get_certificate_request(SSL *s) SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE); goto err; } + xn = NULL; p += l; nc += l + 2; @@ -2127,6 +2128,7 @@ int ssl3_get_certificate_request(SSL *s) err: s->state = SSL_ST_ERR; done: + X509_NAME_free(xn); if (ca_sk != NULL) sk_X509_NAME_pop_free(ca_sk, X509_NAME_free); return (ret); diff --git a/deps/openssl/openssl/ssl/s3_lib.c b/deps/openssl/openssl/ssl/s3_lib.c index a48f2b652a151c..35d6587da9515e 100644 --- a/deps/openssl/openssl/ssl/s3_lib.c +++ b/deps/openssl/openssl/ssl/s3_lib.c @@ -213,7 +213,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_RC4, SSL_MD5, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 128, @@ -263,7 +263,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_RC2, SSL_MD5, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 128, @@ -299,7 +299,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 56, @@ -317,7 +317,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_SSLV3, - SSL_NOT_EXP | SSL_LOW, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 56, 56, @@ -352,7 +352,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 56, @@ -370,7 +370,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_SSLV3, - SSL_NOT_EXP | SSL_LOW, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 56, 56, @@ -404,7 +404,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 56, @@ -422,7 +422,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_SSLV3, - SSL_NOT_EXP | SSL_LOW, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 56, 56, @@ -457,7 +457,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 56, @@ -475,7 +475,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_SSLV3, - SSL_NOT_EXP | SSL_LOW, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 56, 56, @@ -509,7 +509,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 56, @@ -527,7 +527,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_SSLV3, - SSL_NOT_EXP | SSL_LOW, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 56, 56, @@ -561,7 +561,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_RC4, SSL_MD5, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 128, @@ -578,7 +578,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_RC4, SSL_MD5, SSL_SSLV3, - SSL_NOT_EXP | SSL_MEDIUM, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, 128, @@ -595,7 +595,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 128, @@ -613,7 +613,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_SSLV3, - SSL_NOT_EXP | SSL_LOW, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 56, 56, @@ -630,7 +630,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_3DES, SSL_SHA1, SSL_SSLV3, - SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, 168, @@ -700,7 +700,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_SSLV3, - SSL_NOT_EXP | SSL_LOW, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 56, 56, @@ -766,7 +766,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_MD5, SSL_SSLV3, - SSL_NOT_EXP | SSL_LOW, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 56, 56, @@ -832,7 +832,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 56, @@ -850,7 +850,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_RC2, SSL_SHA1, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 128, @@ -868,7 +868,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_RC4, SSL_SHA1, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 128, @@ -886,7 +886,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_MD5, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 56, @@ -904,7 +904,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_RC2, SSL_MD5, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 128, @@ -922,7 +922,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_RC4, SSL_MD5, SSL_SSLV3, - SSL_EXPORT | SSL_EXP40, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 40, 128, @@ -1016,7 +1016,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_AES128, SSL_SHA1, SSL_TLSV1, - SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, 128, @@ -1111,7 +1111,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_AES256, SSL_SHA1, SSL_TLSV1, - SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, 256, @@ -1307,7 +1307,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_CAMELLIA128, SSL_SHA1, SSL_TLSV1, - SSL_NOT_EXP | SSL_HIGH, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, 128, @@ -1327,7 +1327,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_RC4, SSL_MD5, SSL_TLSV1, - SSL_EXPORT | SSL_EXP56, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 56, 128, @@ -1343,7 +1343,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_RC2, SSL_MD5, SSL_TLSV1, - SSL_EXPORT | SSL_EXP56, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 56, 128, @@ -1361,7 +1361,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_TLSV1, - SSL_EXPORT | SSL_EXP56, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 56, 56, @@ -1379,7 +1379,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_DES, SSL_SHA1, SSL_TLSV1, - SSL_EXPORT | SSL_EXP56, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 56, 56, @@ -1397,7 +1397,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_RC4, SSL_SHA1, SSL_TLSV1, - SSL_EXPORT | SSL_EXP56, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 56, 128, @@ -1415,7 +1415,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_RC4, SSL_SHA1, SSL_TLSV1, - SSL_EXPORT | SSL_EXP56, + SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 56, 128, @@ -1530,7 +1530,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_AES128, SSL_SHA256, SSL_TLSV1_2, - SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, 128, @@ -1546,7 +1546,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_AES256, SSL_SHA256, SSL_TLSV1_2, - SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, 256, @@ -1699,7 +1699,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_CAMELLIA256, SSL_SHA1, SSL_TLSV1, - SSL_NOT_EXP | SSL_HIGH, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, 256, @@ -1865,7 +1865,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_SEED, SSL_SHA1, SSL_TLSV1, - SSL_NOT_EXP | SSL_MEDIUM, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, 128, @@ -2045,7 +2045,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, - SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, 128, @@ -2061,7 +2061,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, - SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, 256, @@ -2414,7 +2414,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_RC4, SSL_SHA1, SSL_TLSV1, - SSL_NOT_EXP | SSL_MEDIUM, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, 128, @@ -2430,7 +2430,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_3DES, SSL_SHA1, SSL_TLSV1, - SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, 168, @@ -2446,7 +2446,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_AES128, SSL_SHA1, SSL_TLSV1, - SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, 128, @@ -2462,7 +2462,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { SSL_AES256, SSL_SHA1, SSL_TLSV1, - SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, + SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, 256, diff --git a/deps/openssl/openssl/ssl/ssl.h b/deps/openssl/openssl/ssl/ssl.h index 105047ee4d5e7e..d6c475c27c08e1 100644 --- a/deps/openssl/openssl/ssl/ssl.h +++ b/deps/openssl/openssl/ssl/ssl.h @@ -334,7 +334,7 @@ extern "C" { * The following cipher list is used by default. It also is substituted when * an application-defined cipher list string starts with 'DEFAULT'. */ -# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!aNULL:!eNULL:!SSLv2" +# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2" /* * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always * starts with a reasonable order, and all we have to do for DEFAULT is @@ -2017,7 +2017,7 @@ const char *SSL_get_version(const SSL *s); /* This sets the 'default' SSL version that SSL_new() will create */ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); -# ifndef OPENSSL_NO_SSL2 +# ifndef OPENSSL_NO_SSL2_METHOD const SSL_METHOD *SSLv2_method(void); /* SSLv2 */ const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */ const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */ diff --git a/deps/openssl/openssl/ssl/ssl_ciph.c b/deps/openssl/openssl/ssl/ssl_ciph.c index cb559d987f60fc..56dd43721e1074 100644 --- a/deps/openssl/openssl/ssl/ssl_ciph.c +++ b/deps/openssl/openssl/ssl/ssl_ciph.c @@ -235,8 +235,7 @@ static const SSL_CIPHER cipher_aliases[] = { * "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in * ALL!) */ - {0, SSL_TXT_CMPDEF, 0, 0, SSL_aNULL, ~SSL_eNULL, 0, ~SSL_SSLV2, - SSL_EXP_MASK, 0, 0, 0}, + {0, SSL_TXT_CMPDEF, 0, 0, 0, 0, 0, 0, SSL_NOT_DEFAULT, 0, 0, 0}, /* * key exchange aliases (some of those using only a single bit here @@ -1000,10 +999,6 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id, cp->algorithm_enc, cp->algorithm_mac, cp->algorithm_ssl, cp->algo_strength); #endif - if (algo_strength == SSL_EXP_MASK && SSL_C_IS_EXPORT(cp)) - goto ok; - if (alg_ssl == ~SSL_SSLV2 && cp->algorithm_ssl == SSL_SSLV2) - goto ok; if (alg_mkey && !(alg_mkey & cp->algorithm_mkey)) continue; if (alg_auth && !(alg_auth & cp->algorithm_auth)) @@ -1020,10 +1015,11 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id, if ((algo_strength & SSL_STRONG_MASK) && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength)) continue; + if ((algo_strength & SSL_NOT_DEFAULT) + && !(cp->algo_strength & SSL_NOT_DEFAULT)) + continue; } - ok: - #ifdef CIPHER_DEBUG fprintf(stderr, "Action = %d\n", rule); #endif @@ -1307,6 +1303,10 @@ static int ssl_cipher_process_rulestr(const char *rule_str, ca_list[j]->algo_strength & SSL_STRONG_MASK; } + if (ca_list[j]->algo_strength & SSL_NOT_DEFAULT) { + algo_strength |= SSL_NOT_DEFAULT; + } + if (ca_list[j]->valid) { /* * explicit ciphersuite found; its protocol version does not diff --git a/deps/openssl/openssl/ssl/ssl_locl.h b/deps/openssl/openssl/ssl/ssl_locl.h index f5d9df6bc0e6d4..d57b902fabbf04 100644 --- a/deps/openssl/openssl/ssl/ssl_locl.h +++ b/deps/openssl/openssl/ssl/ssl_locl.h @@ -435,8 +435,9 @@ # define SSL_MEDIUM 0x00000040L # define SSL_HIGH 0x00000080L # define SSL_FIPS 0x00000100L +# define SSL_NOT_DEFAULT 0x00000200L -/* we have used 000001ff - 23 bits left to go */ +/* we have used 000003ff - 22 bits left to go */ /*- * Macros to check the export status and cipher strength for export ciphers. diff --git a/deps/openssl/openssl/ssl/t1_lib.c b/deps/openssl/openssl/ssl/t1_lib.c index 2e9b65b3fdcecc..0bdb77d49fc311 100644 --- a/deps/openssl/openssl/ssl/t1_lib.c +++ b/deps/openssl/openssl/ssl/t1_lib.c @@ -2321,8 +2321,10 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx); eticklen -= 16 + EVP_CIPHER_CTX_iv_length(&ctx); sdec = OPENSSL_malloc(eticklen); - if (!sdec || EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen) <= 0) { + if (sdec == NULL + || EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen) <= 0) { EVP_CIPHER_CTX_cleanup(&ctx); + OPENSSL_free(sdec); return -1; } if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) { @@ -2579,6 +2581,8 @@ int tls1_process_heartbeat(SSL *s) * plus 2 bytes payload length, plus payload, plus padding */ buffer = OPENSSL_malloc(1 + 2 + payload + padding); + if (buffer == NULL) + return -1; bp = buffer; /* Enter response type, length and copy payload */ diff --git a/deps/openssl/openssl/test/testfipsssl b/deps/openssl/openssl/test/testfipsssl index c4836edc259ae0..b8bbb259365dde 100644 --- a/deps/openssl/openssl/test/testfipsssl +++ b/deps/openssl/openssl/test/testfipsssl @@ -38,8 +38,12 @@ fi echo test ssl3 is forbidden in FIPS mode $ssltest -ssl3 $extra && exit 1 -echo test ssl2 is forbidden in FIPS mode -$ssltest -ssl2 $extra && exit 1 +if ../util/shlib_wrap.sh ../apps/openssl ciphers SSLv2 >/dev/null 2>&1; then + echo test ssl2 is forbidden in FIPS mode + $ssltest -ssl2 $extra && exit 1 +else + echo ssl2 disabled: skipping test +fi echo test tls1 $ssltest -tls1 $extra || exit 1 diff --git a/deps/openssl/openssl/util/libeay.num b/deps/openssl/openssl/util/libeay.num index a83c3bedac3c98..e71ca919f1c146 100755 --- a/deps/openssl/openssl/util/libeay.num +++ b/deps/openssl/openssl/util/libeay.num @@ -1065,8 +1065,8 @@ d2i_ASN1_BMPSTRING 1092 EXIST::FUNCTION: i2d_ASN1_BMPSTRING 1093 EXIST::FUNCTION: BIO_f_ber 1094 NOEXIST::FUNCTION: BN_init 1095 EXIST::FUNCTION: -COMP_CTX_new 1096 EXIST::FUNCTION: -COMP_CTX_free 1097 EXIST::FUNCTION: +COMP_CTX_new 1096 EXIST::FUNCTION:COMP +COMP_CTX_free 1097 EXIST::FUNCTION:COMP COMP_CTX_compress_block 1098 NOEXIST::FUNCTION: COMP_CTX_expand_block 1099 NOEXIST::FUNCTION: X509_STORE_CTX_get_ex_new_index 1100 EXIST::FUNCTION: @@ -1113,10 +1113,10 @@ PKCS7_digest_from_attributes 1140 EXIST::FUNCTION: PKCS7_get_attribute 1141 EXIST::FUNCTION: PKCS7_get_issuer_and_serial 1142 EXIST::FUNCTION: PKCS7_get_signed_attribute 1143 EXIST::FUNCTION: -COMP_compress_block 1144 EXIST::FUNCTION: -COMP_expand_block 1145 EXIST::FUNCTION: -COMP_rle 1146 EXIST::FUNCTION: -COMP_zlib 1147 EXIST::FUNCTION: +COMP_compress_block 1144 EXIST::FUNCTION:COMP +COMP_expand_block 1145 EXIST::FUNCTION:COMP +COMP_rle 1146 EXIST::FUNCTION:COMP +COMP_zlib 1147 EXIST::FUNCTION:COMP ms_time_diff 1148 NOEXIST::FUNCTION: ms_time_new 1149 NOEXIST::FUNCTION: ms_time_free 1150 NOEXIST::FUNCTION: @@ -1945,7 +1945,7 @@ ENGINE_get_ctrl_function 2521 EXIST::FUNCTION:ENGINE ENGINE_set_ctrl_function 2522 EXIST::FUNCTION:ENGINE BN_pseudo_rand_range 2523 EXIST::FUNCTION: X509_STORE_CTX_set_verify_cb 2524 EXIST::FUNCTION: -ERR_load_COMP_strings 2525 EXIST::FUNCTION: +ERR_load_COMP_strings 2525 EXIST::FUNCTION:COMP PKCS12_item_decrypt_d2i 2526 EXIST::FUNCTION: ASN1_UTF8STRING_it 2527 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: ASN1_UTF8STRING_it 2527 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: @@ -3545,8 +3545,8 @@ X509at_get0_data_by_OBJ 3931 EXIST::FUNCTION: ASN1_TYPE_set1 3932 EXIST::FUNCTION: ASN1_STRING_set0 3933 EXIST::FUNCTION: i2d_X509_ALGORS 3934 EXIST::FUNCTION: -BIO_f_zlib 3935 EXIST:ZLIB:FUNCTION: -COMP_zlib_cleanup 3936 EXIST::FUNCTION: +BIO_f_zlib 3935 EXIST:ZLIB:FUNCTION:COMP +COMP_zlib_cleanup 3936 EXIST::FUNCTION:COMP d2i_X509_ALGORS 3937 EXIST::FUNCTION: CMS_ReceiptRequest_free 3938 EXIST::FUNCTION:CMS PEM_write_CMS 3939 EXIST:!WIN16:FUNCTION:CMS diff --git a/deps/openssl/openssl/util/mk1mf.pl b/deps/openssl/openssl/util/mk1mf.pl index e5fe37c426f61b..8c7780a1bd7c3e 100755 --- a/deps/openssl/openssl/util/mk1mf.pl +++ b/deps/openssl/openssl/util/mk1mf.pl @@ -282,8 +282,9 @@ $cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake; $cflags.=" -DOPENSSL_NO_EC2M" if $no_ec2m; $cflags.=" -DOPENSSL_NO_WEAK_SSL_CIPHERS" if $no_weak_ssl; -$cflags.= " -DZLIB" if $zlib_opt; -$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2; +$cflags.=" -DZLIB" if $zlib_opt; +$cflags.=" -DZLIB_SHARED" if $zlib_opt == 2; +$cflags.=" -DOPENSSL_NO_COMP" if $no_comp; if ($no_static_engine) { @@ -780,6 +781,7 @@ sub var_add return("") if $no_gost && $dir =~ /\/ccgost/; return("") if $no_cms && $dir =~ /\/cms/; return("") if $no_jpake && $dir =~ /\/jpake/; + return("") if $no_comp && $dir =~ /\/comp/; if ($no_des && $dir =~ /\/des/) { if ($val =~ /read_pwd/) @@ -1115,6 +1117,7 @@ sub read_options "nw-mwasm" => \$nw_mwasm, "gaswin" => \$gaswin, "no-ssl2" => \$no_ssl2, + "no-ssl2-method" => 0, "no-ssl3" => \$no_ssl3, "no-ssl3-method" => 0, "no-tlsext" => \$no_tlsext, @@ -1156,6 +1159,7 @@ sub read_options "no-unit-test" => 0, "no-zlib" => 0, "no-zlib-dynamic" => 0, + "no-comp" => \$no_comp, "fips" => \$fips ); @@ -1173,7 +1177,6 @@ sub read_options } } } - elsif (/^no-comp$/) { $xcflags = "-DOPENSSL_NO_COMP $xcflags"; } elsif (/^enable-zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 } elsif (/^enable-zlib-dynamic$/) { diff --git a/deps/openssl/openssl/util/mkdef.pl b/deps/openssl/openssl/util/mkdef.pl index 894f0529fc475e..0b97aa4dbe9457 100755 --- a/deps/openssl/openssl/util/mkdef.pl +++ b/deps/openssl/openssl/util/mkdef.pl @@ -107,6 +107,8 @@ "CAPIENG", # SSL v2 "SSL2", + # SSL v2 method + "SSL2_METHOD", # SSL v3 method "SSL3_METHOD", # JPAKE @@ -143,7 +145,7 @@ my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng; my $no_jpake; my $no_srp; my $no_ssl2; my $no_ec2m; my $no_nistp_gcc; my $no_nextprotoneg; my $no_sctp; my $no_srtp; -my $no_unit_test; my $no_ssl3_method; +my $no_unit_test; my $no_ssl3_method; my $no_ssl2_method; my $fips; @@ -238,6 +240,7 @@ elsif (/^no-ec_nistp_64_gcc_128$/) { $no_nistp_gcc=1; } elsif (/^no-nextprotoneg$/) { $no_nextprotoneg=1; } elsif (/^no-ssl2$/) { $no_ssl2=1; } + elsif (/^no-ssl2-method$/) { $no_ssl2_method=1; } elsif (/^no-ssl3-method$/) { $no_ssl3_method=1; } elsif (/^no-capieng$/) { $no_capieng=1; } elsif (/^no-jpake$/) { $no_jpake=1; } @@ -1211,6 +1214,7 @@ sub is_valid if ($keyword eq "EC_NISTP_64_GCC_128" && $no_nistp_gcc) { return 0; } if ($keyword eq "SSL2" && $no_ssl2) { return 0; } + if ($keyword eq "SSL2_METHOD" && $no_ssl2_method) { return 0; } if ($keyword eq "SSL3_METHOD" && $no_ssl3_method) { return 0; } if ($keyword eq "CAPIENG" && $no_capieng) { return 0; } if ($keyword eq "JPAKE" && $no_jpake) { return 0; } diff --git a/deps/openssl/openssl/util/ssleay.num b/deps/openssl/openssl/util/ssleay.num index dd1c5e88239e3a..dd5811a905df0e 100755 --- a/deps/openssl/openssl/util/ssleay.num +++ b/deps/openssl/openssl/util/ssleay.num @@ -98,9 +98,9 @@ SSLeay_add_ssl_algorithms 109 NOEXIST::FUNCTION: SSLv23_client_method 110 EXIST::FUNCTION:RSA SSLv23_method 111 EXIST::FUNCTION:RSA SSLv23_server_method 112 EXIST::FUNCTION:RSA -SSLv2_client_method 113 EXIST::FUNCTION:RSA,SSL2 -SSLv2_method 114 EXIST::FUNCTION:RSA,SSL2 -SSLv2_server_method 115 EXIST::FUNCTION:RSA,SSL2 +SSLv2_client_method 113 EXIST::FUNCTION:RSA,SSL2_METHOD +SSLv2_method 114 EXIST::FUNCTION:RSA,SSL2_METHOD +SSLv2_server_method 115 EXIST::FUNCTION:RSA,SSL2_METHOD SSLv3_client_method 116 EXIST::FUNCTION:SSL3_METHOD SSLv3_method 117 EXIST::FUNCTION:SSL3_METHOD SSLv3_server_method 118 EXIST::FUNCTION:SSL3_METHOD