FFFTPのソースコードです。
| Revisão | b2ca3cbfefb9f644d74e81b6dbb28c759def7249 (tree) |
|---|---|
| Hora | 2017-11-04 21:00:12 |
| Autor | s_kawamoto <s_kawamoto@user...> |
| Commiter | s_kawamoto |
Update OpenSSL to 1.1.0g.
FFFTP_Eng_Release/FFFTP.exe (diff) FFFTP_Eng_Release_64/FFFTP.exe (diff) Package/make_update.bat (diff) Release/FFFTP.exe (diff) Release_64/FFFTP.exe (diff)
Resource/FFFTP.rc (diff) Resource_eng/ffftp.rc (diff)
common.h (diff) contrib/openssl/CHANGES (diff) contrib/openssl/NEWS (diff) contrib/openssl/README (diff) contrib/openssl/include/openssl/bio.h (diff) contrib/openssl/include/openssl/bn.h (diff) contrib/openssl/include/openssl/buffer.h (diff) contrib/openssl/include/openssl/crypto.h (diff) contrib/openssl/include/openssl/ec.h (diff) contrib/openssl/include/openssl/evp.h (diff) contrib/openssl/include/openssl/opensslv.h (diff) contrib/openssl/include/openssl/seed.h (diff) contrib/openssl/include/openssl/srtp.h (diff) contrib/openssl/include/openssl/ssl.h (diff) contrib/openssl/include/openssl/tls1.h (diff) dist/amd64/libeay32.dll (diff) dist/amd64/ssleay32.dll (diff) dist/libeay32.dll (diff) dist/ssleay32.dll (diff) filehash.h (diff)| @@ -11,8 +11,8 @@ set PREFIX_JPN=update.jpn.file. | ||
| 11 | 11 | set PREFIX_ENG=update.eng.file. |
| 12 | 12 | set PREFIX_AMD64_JPN=update.amd64.jpn.file. |
| 13 | 13 | set PREFIX_AMD64_ENG=update.amd64.eng.file. |
| 14 | -set DESC_JPN="同時接続数が1より大きいホストから切断した直後に別のホストで転送に失敗するバグを修正しました。" | |
| 15 | -set DESC_ENG="Fixed bugs that transfer fails at a host right after disconnection from another host whose number of simultaneous connections is more than 1." | |
| 14 | +set DESC_JPN="OpenSSLを更新しました。" | |
| 15 | +set DESC_ENG="Updated OpenSSL." | |
| 16 | 16 | set DESC_AMD64_JPN=%DESC_JPN% |
| 17 | 17 | set DESC_AMD64_ENG=%DESC_ENG% |
| 18 | 18 |
| @@ -242,7 +242,7 @@ FONT 9, "MS Shell Dlg", 0, 0, 0x0 | ||
| 242 | 242 | BEGIN |
| 243 | 243 | DEFPUSHBUTTON "OK",IDOK,133,294,50,14 |
| 244 | 244 | ICON ffftp,-1,7,4,20,20 |
| 245 | - CTEXT "FFFTP Ver 1.99a-20171029",-1,113,11,90,8 | |
| 245 | + CTEXT "FFFTP Ver 1.99a-20171104",-1,113,11,90,8 | |
| 246 | 246 | CTEXT "FFFTPはfreewareです",-1,7,279,305,8 |
| 247 | 247 | CTEXT "Copyright(C) 1997-2010 Sota & ご協力いただいた方々\nCopyright (C) 2011-2017 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, うなー, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, ふうせん)",-1,7,25,305,44,SS_NOPREFIX |
| 248 | 248 | CTEXT "",ABOUT_JRE,7,96,305,8 |
| @@ -2213,8 +2213,8 @@ nodrop_csr CURSOR "nodrop_c.cur" | ||
| 2213 | 2213 | // |
| 2214 | 2214 | |
| 2215 | 2215 | VS_VERSION_INFO VERSIONINFO |
| 2216 | - FILEVERSION 1,99,1,18 | |
| 2217 | - PRODUCTVERSION 1,99,1,18 | |
| 2216 | + FILEVERSION 1,99,1,19 | |
| 2217 | + PRODUCTVERSION 1,99,1,19 | |
| 2218 | 2218 | FILEFLAGSMASK 0x3fL |
| 2219 | 2219 | #ifdef _DEBUG |
| 2220 | 2220 | FILEFLAGS 0x1L |
| @@ -2232,12 +2232,12 @@ BEGIN | ||
| 2232 | 2232 | VALUE "Comments", "これはフリーソフトウエアです。" |
| 2233 | 2233 | VALUE "CompanyName", "Sota, FFFTP Project" |
| 2234 | 2234 | VALUE "FileDescription", "FFFTP" |
| 2235 | - VALUE "FileVersion", "1, 99, 1, 18" | |
| 2235 | + VALUE "FileVersion", "1, 99, 1, 19" | |
| 2236 | 2236 | VALUE "InternalName", "FFFTP" |
| 2237 | 2237 | VALUE "LegalCopyright", "Copyright (C) 1997-2010 Sota & ご協力いただいた方々\nCopyright (C) 2011-2017 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, うなー, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, ふうせん)." |
| 2238 | 2238 | VALUE "OriginalFilename", "FFFTP.exe" |
| 2239 | 2239 | VALUE "ProductName", "FFFTP" |
| 2240 | - VALUE "ProductVersion", "1, 99, 1, 18" | |
| 2240 | + VALUE "ProductVersion", "1, 99, 1, 19" | |
| 2241 | 2241 | END |
| 2242 | 2242 | END |
| 2243 | 2243 | BLOCK "VarFileInfo" |
| @@ -242,7 +242,7 @@ FONT 9, "MS Shell Dlg", 0, 0, 0x0 | ||
| 242 | 242 | BEGIN |
| 243 | 243 | DEFPUSHBUTTON "OK",IDOK,132,296,50,14 |
| 244 | 244 | ICON ffftp,-1,7,4,20,20 |
| 245 | - CTEXT "FFFTP Ver 1.99a-20171029",-1,110,11,90,8 | |
| 245 | + CTEXT "FFFTP Ver 1.99a-20171104",-1,110,11,90,8 | |
| 246 | 246 | CTEXT "FFFTP is freeware",-1,7,281,301,8 |
| 247 | 247 | CTEXT "Copyright(C) 1997-2010 Sota && cooperators\nCopyright (C) 2011-2017 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, unarist, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, Fu-sen)",-1,7,25,301,44 |
| 248 | 248 | CTEXT "",ABOUT_JRE,7,93,301,8 |
| @@ -2253,8 +2253,8 @@ nodrop_csr CURSOR "nodrop_c.cur" | ||
| 2253 | 2253 | // |
| 2254 | 2254 | |
| 2255 | 2255 | VS_VERSION_INFO VERSIONINFO |
| 2256 | - FILEVERSION 1,99,1,18 | |
| 2257 | - PRODUCTVERSION 1,99,1,18 | |
| 2256 | + FILEVERSION 1,99,1,19 | |
| 2257 | + PRODUCTVERSION 1,99,1,19 | |
| 2258 | 2258 | FILEFLAGSMASK 0x3fL |
| 2259 | 2259 | #ifdef _DEBUG |
| 2260 | 2260 | FILEFLAGS 0x1L |
| @@ -2272,12 +2272,12 @@ BEGIN | ||
| 2272 | 2272 | VALUE "Comments", "This software is Free Software" |
| 2273 | 2273 | VALUE "CompanyName", "Sota, FFFTP Project" |
| 2274 | 2274 | VALUE "FileDescription", "FFFTP" |
| 2275 | - VALUE "FileVersion", "1, 99, 1, 18" | |
| 2275 | + VALUE "FileVersion", "1, 99, 1, 19" | |
| 2276 | 2276 | VALUE "InternalName", "FFFTP" |
| 2277 | 2277 | VALUE "LegalCopyright", "Copyright (C) 1997-2010 Sota & cooperators\nCopyright (C) 2011-2017 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, unarist, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, Fu-sen)." |
| 2278 | 2278 | VALUE "OriginalFilename", "FFFTP.exe" |
| 2279 | 2279 | VALUE "ProductName", "FFFTP" |
| 2280 | - VALUE "ProductVersion", "1, 99, 1, 18" | |
| 2280 | + VALUE "ProductVersion", "1, 99, 1, 19" | |
| 2281 | 2281 | END |
| 2282 | 2282 | END |
| 2283 | 2283 | BLOCK "VarFileInfo" |
| @@ -72,16 +72,16 @@ | ||
| 72 | 72 | //#define PROGRAM_VERSION_NUM 1972 /* バージョン */ |
| 73 | 73 | // 64ビット対応 |
| 74 | 74 | #ifdef _WIN64 |
| 75 | -#define VER_STR "1.99a-20171029 64bit" | |
| 75 | +#define VER_STR "1.99a-20171104 64bit" | |
| 76 | 76 | #else |
| 77 | -#define VER_STR "1.99a-20171029" | |
| 77 | +#define VER_STR "1.99a-20171104" | |
| 78 | 78 | #endif |
| 79 | 79 | #define VER_NUM 1990 /* 設定バージョン */ |
| 80 | 80 | #define PROGRAM_VERSION_NUM 1990 /* バージョン */ |
| 81 | 81 | // ソフトウェア自動更新 |
| 82 | 82 | // リリースバージョンはリリース予定年(10進数4桁)+月(2桁)+日(2桁)+通し番号(0スタート2桁)とする |
| 83 | 83 | // 2014年7月31日中の30個目のリリースは2014073129 |
| 84 | -#define RELEASE_VERSION_NUM 2017102900 /* リリースバージョン */ | |
| 84 | +#define RELEASE_VERSION_NUM 2017110400 /* リリースバージョン */ | |
| 85 | 85 | |
| 86 | 86 | |
| 87 | 87 | // SourceForge.JPによるフォーク |
| @@ -2,6 +2,51 @@ | ||
| 2 | 2 | OpenSSL CHANGES |
| 3 | 3 | _______________ |
| 4 | 4 | |
| 5 | + This is a high-level summary of the most important changes. | |
| 6 | + For a full list of changes, see the git commit log; for example, | |
| 7 | + https://github.com/openssl/openssl/commits/ and pick the appropriate | |
| 8 | + release branch. | |
| 9 | + | |
| 10 | + Changes between 1.1.0f and 1.1.0g [2 Nov 2017] | |
| 11 | + | |
| 12 | + *) bn_sqrx8x_internal carry bug on x86_64 | |
| 13 | + | |
| 14 | + There is a carry propagating bug in the x86_64 Montgomery squaring | |
| 15 | + procedure. No EC algorithms are affected. Analysis suggests that attacks | |
| 16 | + against RSA and DSA as a result of this defect would be very difficult to | |
| 17 | + perform and are not believed likely. Attacks against DH are considered just | |
| 18 | + feasible (although very difficult) because most of the work necessary to | |
| 19 | + deduce information about a private key may be performed offline. The amount | |
| 20 | + of resources required for such an attack would be very significant and | |
| 21 | + likely only accessible to a limited number of attackers. An attacker would | |
| 22 | + additionally need online access to an unpatched system using the target | |
| 23 | + private key in a scenario with persistent DH parameters and a private | |
| 24 | + key that is shared between multiple clients. | |
| 25 | + | |
| 26 | + This only affects processors that support the BMI1, BMI2 and ADX extensions | |
| 27 | + like Intel Broadwell (5th generation) and later or AMD Ryzen. | |
| 28 | + | |
| 29 | + This issue was reported to OpenSSL by the OSS-Fuzz project. | |
| 30 | + (CVE-2017-3736) | |
| 31 | + [Andy Polyakov] | |
| 32 | + | |
| 33 | + *) Malformed X.509 IPAddressFamily could cause OOB read | |
| 34 | + | |
| 35 | + If an X.509 certificate has a malformed IPAddressFamily extension, | |
| 36 | + OpenSSL could do a one-byte buffer overread. The most likely result | |
| 37 | + would be an erroneous display of the certificate in text format. | |
| 38 | + | |
| 39 | + This issue was reported to OpenSSL by the OSS-Fuzz project. | |
| 40 | + (CVE-2017-3735) | |
| 41 | + [Rich Salz] | |
| 42 | + | |
| 43 | + *) Ignore the '-named_curve auto' value for compatibility of applications | |
| 44 | + with OpenSSL 1.0.2. | |
| 45 | + [Tomas Mraz <tmraz@fedoraproject.org>] | |
| 46 | + | |
| 47 | + *) Support for SSL_OP_NO_ENCRYPT_THEN_MAC in SSL_CONF_cmd. | |
| 48 | + [Emilia Käsper] | |
| 49 | + | |
| 5 | 50 | Changes between 1.1.0e and 1.1.0f [25 May 2017] |
| 6 | 51 | |
| 7 | 52 | *) Have 'config' recognise 64-bit mingw and choose 'mingw64' as the target |
| @@ -5,6 +5,11 @@ | ||
| 5 | 5 | This file gives a brief overview of the major changes between each OpenSSL |
| 6 | 6 | release. For more details please read the CHANGES file. |
| 7 | 7 | |
| 8 | + Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.0g [2 Nov 2017] | |
| 9 | + | |
| 10 | + o bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736) | |
| 11 | + o Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735) | |
| 12 | + | |
| 8 | 13 | Major changes between OpenSSL 1.1.0e and OpenSSL 1.1.0f [25 May 2017] |
| 9 | 14 | |
| 10 | 15 | o config now recognises 64-bit mingw and chooses mingw64 instead of mingw |
| @@ -1,5 +1,5 @@ | ||
| 1 | 1 | |
| 2 | - OpenSSL 1.1.0f 25 May 2017 | |
| 2 | + OpenSSL 1.1.0g 2 Nov 2017 | |
| 3 | 3 | |
| 4 | 4 | Copyright (c) 1998-2016 The OpenSSL Project |
| 5 | 5 | Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson |
| @@ -125,11 +125,10 @@ extern "C" { | ||
| 125 | 125 | |
| 126 | 126 | # define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD 49 |
| 127 | 127 | |
| 128 | -# define BIO_CTRL_DGRAM_SET_PEEK_MODE 50 | |
| 129 | - | |
| 128 | +/* Deliberately outside of OPENSSL_NO_SCTP - used in bss_dgram.c */ | |
| 129 | +# define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50 | |
| 130 | 130 | # ifndef OPENSSL_NO_SCTP |
| 131 | 131 | /* SCTP stuff */ |
| 132 | -# define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50 | |
| 133 | 132 | # define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY 51 |
| 134 | 133 | # define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY 52 |
| 135 | 134 | # define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD 53 |
| @@ -142,6 +141,8 @@ extern "C" { | ||
| 142 | 141 | # define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN 70 |
| 143 | 142 | # endif |
| 144 | 143 | |
| 144 | +# define BIO_CTRL_DGRAM_SET_PEEK_MODE 71 | |
| 145 | + | |
| 145 | 146 | /* modifiers */ |
| 146 | 147 | # define BIO_FP_READ 0x02 |
| 147 | 148 | # define BIO_FP_WRITE 0x04 |
| @@ -196,7 +196,7 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx); | ||
| 196 | 196 | */ |
| 197 | 197 | void BN_set_negative(BIGNUM *b, int n); |
| 198 | 198 | /** BN_is_negative returns 1 if the BIGNUM is negative |
| 199 | - * \param a pointer to the BIGNUM object | |
| 199 | + * \param b pointer to the BIGNUM object | |
| 200 | 200 | * \return 1 if a < 0 and 0 otherwise |
| 201 | 201 | */ |
| 202 | 202 | int BN_is_negative(const BIGNUM *b); |
| @@ -21,10 +21,7 @@ extern "C" { | ||
| 21 | 21 | #endif |
| 22 | 22 | |
| 23 | 23 | # include <stddef.h> |
| 24 | - | |
| 25 | -# if !defined(NO_SYS_TYPES_H) | |
| 26 | -# include <sys/types.h> | |
| 27 | -# endif | |
| 24 | +# include <sys/types.h> | |
| 28 | 25 | |
| 29 | 26 | /* |
| 30 | 27 | * These names are outdated as of OpenSSL 1.1; a future release |
| @@ -146,6 +146,8 @@ int CRYPTO_mem_ctrl(int mode); | ||
| 146 | 146 | CRYPTO_secure_zalloc(num, OPENSSL_FILE, OPENSSL_LINE) |
| 147 | 147 | # define OPENSSL_secure_free(addr) \ |
| 148 | 148 | CRYPTO_secure_free(addr, OPENSSL_FILE, OPENSSL_LINE) |
| 149 | +# define OPENSSL_secure_clear_free(addr, num) \ | |
| 150 | + CRYPTO_secure_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE) | |
| 149 | 151 | # define OPENSSL_secure_actual_size(ptr) \ |
| 150 | 152 | CRYPTO_secure_actual_size(ptr) |
| 151 | 153 |
| @@ -285,6 +287,8 @@ int CRYPTO_secure_malloc_done(void); | ||
| 285 | 287 | void *CRYPTO_secure_malloc(size_t num, const char *file, int line); |
| 286 | 288 | void *CRYPTO_secure_zalloc(size_t num, const char *file, int line); |
| 287 | 289 | void CRYPTO_secure_free(void *ptr, const char *file, int line); |
| 290 | +void CRYPTO_secure_clear_free(void *ptr, size_t num, | |
| 291 | + const char *file, int line); | |
| 288 | 292 | int CRYPTO_secure_allocated(const void *ptr); |
| 289 | 293 | int CRYPTO_secure_malloc_initialized(void); |
| 290 | 294 | size_t CRYPTO_secure_actual_size(void *ptr); |
| @@ -1223,7 +1223,7 @@ void EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth, | ||
| 1223 | 1223 | const ECDSA_SIG *sig, |
| 1224 | 1224 | EC_KEY *eckey)); |
| 1225 | 1225 | |
| 1226 | -void EC_KEY_METHOD_get_init(EC_KEY_METHOD *meth, | |
| 1226 | +void EC_KEY_METHOD_get_init(const EC_KEY_METHOD *meth, | |
| 1227 | 1227 | int (**pinit)(EC_KEY *key), |
| 1228 | 1228 | void (**pfinish)(EC_KEY *key), |
| 1229 | 1229 | int (**pcopy)(EC_KEY *dest, const EC_KEY *src), |
| @@ -1234,16 +1234,16 @@ void EC_KEY_METHOD_get_init(EC_KEY_METHOD *meth, | ||
| 1234 | 1234 | int (**pset_public)(EC_KEY *key, |
| 1235 | 1235 | const EC_POINT *pub_key)); |
| 1236 | 1236 | |
| 1237 | -void EC_KEY_METHOD_get_keygen(EC_KEY_METHOD *meth, | |
| 1237 | +void EC_KEY_METHOD_get_keygen(const EC_KEY_METHOD *meth, | |
| 1238 | 1238 | int (**pkeygen)(EC_KEY *key)); |
| 1239 | 1239 | |
| 1240 | -void EC_KEY_METHOD_get_compute_key(EC_KEY_METHOD *meth, | |
| 1240 | +void EC_KEY_METHOD_get_compute_key(const EC_KEY_METHOD *meth, | |
| 1241 | 1241 | int (**pck)(unsigned char **psec, |
| 1242 | 1242 | size_t *pseclen, |
| 1243 | 1243 | const EC_POINT *pub_key, |
| 1244 | 1244 | const EC_KEY *ecdh)); |
| 1245 | 1245 | |
| 1246 | -void EC_KEY_METHOD_get_sign(EC_KEY_METHOD *meth, | |
| 1246 | +void EC_KEY_METHOD_get_sign(const EC_KEY_METHOD *meth, | |
| 1247 | 1247 | int (**psign)(int type, const unsigned char *dgst, |
| 1248 | 1248 | int dlen, unsigned char *sig, |
| 1249 | 1249 | unsigned int *siglen, |
| @@ -1257,7 +1257,7 @@ void EC_KEY_METHOD_get_sign(EC_KEY_METHOD *meth, | ||
| 1257 | 1257 | const BIGNUM *in_r, |
| 1258 | 1258 | EC_KEY *eckey)); |
| 1259 | 1259 | |
| 1260 | -void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth, | |
| 1260 | +void EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth, | |
| 1261 | 1261 | int (**pverify)(int type, const unsigned |
| 1262 | 1262 | char *dgst, int dgst_len, |
| 1263 | 1263 | const unsigned char *sigbuf, |
| @@ -900,6 +900,9 @@ int EVP_PKEY_security_bits(const EVP_PKEY *pkey); | ||
| 900 | 900 | int EVP_PKEY_size(EVP_PKEY *pkey); |
| 901 | 901 | int EVP_PKEY_set_type(EVP_PKEY *pkey, int type); |
| 902 | 902 | int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len); |
| 903 | +# ifndef OPENSSL_NO_ENGINE | |
| 904 | +int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *e); | |
| 905 | +# endif | |
| 903 | 906 | int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key); |
| 904 | 907 | void *EVP_PKEY_get0(const EVP_PKEY *pkey); |
| 905 | 908 | const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len); |
| @@ -1482,6 +1485,7 @@ int ERR_load_EVP_strings(void); | ||
| 1482 | 1485 | # define EVP_F_EVP_PBE_SCRYPT 181 |
| 1483 | 1486 | # define EVP_F_EVP_PKCS82PKEY 111 |
| 1484 | 1487 | # define EVP_F_EVP_PKEY2PKCS8 113 |
| 1488 | +# define EVP_F_EVP_PKEY_ASN1_ADD0 168 | |
| 1485 | 1489 | # define EVP_F_EVP_PKEY_COPY_PARAMETERS 103 |
| 1486 | 1490 | # define EVP_F_EVP_PKEY_CTX_CTRL 137 |
| 1487 | 1491 | # define EVP_F_EVP_PKEY_CTX_CTRL_STR 150 |
| @@ -1505,6 +1509,7 @@ int ERR_load_EVP_strings(void); | ||
| 1505 | 1509 | # define EVP_F_EVP_PKEY_NEW 106 |
| 1506 | 1510 | # define EVP_F_EVP_PKEY_PARAMGEN 148 |
| 1507 | 1511 | # define EVP_F_EVP_PKEY_PARAMGEN_INIT 149 |
| 1512 | +# define EVP_F_EVP_PKEY_SET1_ENGINE 187 | |
| 1508 | 1513 | # define EVP_F_EVP_PKEY_SIGN 140 |
| 1509 | 1514 | # define EVP_F_EVP_PKEY_SIGN_INIT 141 |
| 1510 | 1515 | # define EVP_F_EVP_PKEY_VERIFY 142 |
| @@ -1565,6 +1570,7 @@ int ERR_load_EVP_strings(void); | ||
| 1565 | 1570 | # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150 |
| 1566 | 1571 | # define EVP_R_OPERATON_NOT_INITIALIZED 151 |
| 1567 | 1572 | # define EVP_R_PARTIALLY_OVERLAPPING 162 |
| 1573 | +# define EVP_R_PKEY_ASN1_METHOD_ALREADY_REGISTERED 164 | |
| 1568 | 1574 | # define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 |
| 1569 | 1575 | # define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 |
| 1570 | 1576 | # define EVP_R_PUBLIC_KEY_NOT_RSA 106 |
| @@ -39,11 +39,11 @@ extern "C" { | ||
| 39 | 39 | * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for |
| 40 | 40 | * major minor fix final patch/beta) |
| 41 | 41 | */ |
| 42 | -# define OPENSSL_VERSION_NUMBER 0x1010006fL | |
| 42 | +# define OPENSSL_VERSION_NUMBER 0x1010007fL | |
| 43 | 43 | # ifdef OPENSSL_FIPS |
| 44 | -# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0f-fips 25 May 2017" | |
| 44 | +# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0g-fips 2 Nov 2017" | |
| 45 | 45 | # else |
| 46 | -# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0f 25 May 2017" | |
| 46 | +# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0g 2 Nov 2017" | |
| 47 | 47 | # endif |
| 48 | 48 | |
| 49 | 49 | /*- |
| @@ -52,9 +52,7 @@ extern "C" { | ||
| 52 | 52 | # endif |
| 53 | 53 | # endif |
| 54 | 54 | |
| 55 | -# if !defined(NO_SYS_TYPES_H) | |
| 56 | -# include <sys/types.h> | |
| 57 | -# endif | |
| 55 | +# include <sys/types.h> | |
| 58 | 56 | |
| 59 | 57 | # define SEED_BLOCK_SIZE 16 |
| 60 | 58 | # define SEED_KEY_LENGTH 16 |
| @@ -36,7 +36,7 @@ extern "C" { | ||
| 36 | 36 | # ifndef OPENSSL_NO_SRTP |
| 37 | 37 | |
| 38 | 38 | __owur int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles); |
| 39 | -__owur int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles); | |
| 39 | +__owur int SSL_set_tlsext_use_srtp(SSL *ssl, const char *profiles); | |
| 40 | 40 | |
| 41 | 41 | __owur STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl); |
| 42 | 42 | __owur SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); |
| @@ -297,6 +297,8 @@ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx); | ||
| 297 | 297 | # define SSL_OP_NO_COMPRESSION 0x00020000U |
| 298 | 298 | /* Permit unsafe legacy renegotiation */ |
| 299 | 299 | # define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000U |
| 300 | +/* Disable encrypt-then-mac */ | |
| 301 | +# define SSL_OP_NO_ENCRYPT_THEN_MAC 0x00080000U | |
| 300 | 302 | /* |
| 301 | 303 | * Set on servers to choose the cipher according to the server's preferences |
| 302 | 304 | */ |
| @@ -1158,6 +1160,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) | ||
| 1158 | 1160 | # define SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE 127 |
| 1159 | 1161 | # define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB 128 |
| 1160 | 1162 | # define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG 129 |
| 1163 | +# define SSL_CTRL_GET_MIN_PROTO_VERSION 130 | |
| 1164 | +# define SSL_CTRL_GET_MAX_PROTO_VERSION 131 | |
| 1161 | 1165 | # define SSL_CERT_SET_FIRST 1 |
| 1162 | 1166 | # define SSL_CERT_SET_NEXT 2 |
| 1163 | 1167 | # define SSL_CERT_SET_SERVER 3 |
| @@ -1289,10 +1293,18 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) | ||
| 1289 | 1293 | SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL) |
| 1290 | 1294 | #define SSL_CTX_set_max_proto_version(ctx, version) \ |
| 1291 | 1295 | SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL) |
| 1296 | +#define SSL_CTX_get_min_proto_version(ctx) \ | |
| 1297 | + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, NULL, NULL) | |
| 1298 | +#define SSL_CTX_get_max_proto_version(ctx) \ | |
| 1299 | + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, NULL, NULL) | |
| 1292 | 1300 | #define SSL_set_min_proto_version(s, version) \ |
| 1293 | 1301 | SSL_ctrl(s, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL) |
| 1294 | 1302 | #define SSL_set_max_proto_version(s, version) \ |
| 1295 | 1303 | SSL_ctrl(s, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL) |
| 1304 | +#define SSL_get_min_proto_version(s) \ | |
| 1305 | + SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, NULL, NULL) | |
| 1306 | +#define SSL_get_max_proto_version(s) \ | |
| 1307 | + SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, NULL, NULL) | |
| 1296 | 1308 | |
| 1297 | 1309 | #if OPENSSL_API_COMPAT < 0x10100000L |
| 1298 | 1310 | /* Provide some compatibility macros for removed functionality. */ |
| @@ -1444,7 +1456,7 @@ int SSL_SESSION_up_ref(SSL_SESSION *ses); | ||
| 1444 | 1456 | void SSL_SESSION_free(SSL_SESSION *ses); |
| 1445 | 1457 | __owur int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); |
| 1446 | 1458 | __owur int SSL_set_session(SSL *to, SSL_SESSION *session); |
| 1447 | -__owur int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); | |
| 1459 | +int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); | |
| 1448 | 1460 | int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c); |
| 1449 | 1461 | __owur int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB); |
| 1450 | 1462 | __owur int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB); |
| @@ -226,12 +226,12 @@ __owur int SSL_get_servername_type(const SSL *s); | ||
| 226 | 226 | * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and |
| 227 | 227 | * optional context. (Since a zero length context is allowed, the |use_context| |
| 228 | 228 | * flag controls whether a context is included.) It returns 1 on success and |
| 229 | - * zero otherwise. | |
| 229 | + * 0 or -1 otherwise. | |
| 230 | 230 | */ |
| 231 | 231 | __owur int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, |
| 232 | - const char *label, size_t llen, | |
| 233 | - const unsigned char *p, size_t plen, | |
| 234 | - int use_context); | |
| 232 | + const char *label, size_t llen, | |
| 233 | + const unsigned char *context, | |
| 234 | + size_t contextlen, int use_context); | |
| 235 | 235 | |
| 236 | 236 | int SSL_get_sigalgs(SSL *s, int idx, |
| 237 | 237 | int *psign, int *phash, int *psignandhash, |
| @@ -298,9 +298,9 @@ SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,0, (void (**)(void))cb) | ||
| 298 | 298 | SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb) |
| 299 | 299 | |
| 300 | 300 | # define SSL_CTX_get_tlsext_status_arg(ssl, arg) \ |
| 301 | -SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg | |
| 301 | + SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg) | |
| 302 | 302 | # define SSL_CTX_set_tlsext_status_arg(ssl, arg) \ |
| 303 | -SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg) | |
| 303 | + SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg) | |
| 304 | 304 | |
| 305 | 305 | #define SSL_CTX_set_tlsext_status_type(ssl, type) \ |
| 306 | 306 | SSL_CTX_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE, type, NULL) |
| @@ -5,13 +5,13 @@ | ||
| 5 | 5 | #define FILEHASH_SSL_PEM_SHA1 "\xB5\x0E\xE9\xDC\x25\x9D\xAC\x83\x09\xB3\x42\xA3\xB9\x7C\xF2\x1A\xAD\xA8\x27\xA6" |
| 6 | 6 | #if defined(_M_IX86) |
| 7 | 7 | // libeay32.dll |
| 8 | -#define FILEHASH_LIBEAY32_DLL_SHA1 "\x8A\xA1\x22\x87\x9D\x06\xCE\x61\x2A\x0D\x12\xCE\xCD\x05\x6F\x44\x04\xEB\x08\x8F" | |
| 8 | +#define FILEHASH_LIBEAY32_DLL_SHA1 "\xE4\xA5\x2E\xB0\x80\xB5\x07\x4B\x40\xB0\x15\x71\xC5\xAA\x6F\xF8\xF3\xC4\x97\xFC" | |
| 9 | 9 | // ssleay32.dll |
| 10 | -#define FILEHASH_SSLEAY32_DLL_SHA1 "\x83\x84\x23\x50\xDB\x61\xA3\xBC\xCA\xA0\xF0\xA7\xE4\x33\x87\xBB\x47\xCC\xE0\x05" | |
| 10 | +#define FILEHASH_SSLEAY32_DLL_SHA1 "\x93\x4D\xF4\xDA\x2C\x4A\x65\x53\x56\xA7\xB3\xD3\x2F\x9C\x86\xBA\xB4\xF8\xDD\x48" | |
| 11 | 11 | #elif defined(_M_AMD64) |
| 12 | 12 | // libeay32.dll |
| 13 | -#define FILEHASH_LIBEAY32_DLL_SHA1 "\xDA\x6A\xF5\x14\x91\xE1\x6C\x23\xB8\xB9\xA9\x2D\x55\x84\xF5\x9E\xE3\x1B\xE9\x78" | |
| 13 | +#define FILEHASH_LIBEAY32_DLL_SHA1 "\x70\xA9\xCC\x67\x1B\xE5\x18\xF4\x29\x20\xD6\x3F\xBD\xAA\x57\xA6\x12\x43\xE5\xFB" | |
| 14 | 14 | // ssleay32.dll |
| 15 | -#define FILEHASH_SSLEAY32_DLL_SHA1 "\x8C\x6E\x78\x40\x04\x46\x10\x9B\x02\x95\xE1\xAC\xA2\x02\x47\x37\xF9\xDE\x32\x6A" | |
| 15 | +#define FILEHASH_SSLEAY32_DLL_SHA1 "\xF8\xF1\xF0\x1E\x7E\x20\xC6\xBF\x01\x84\xF6\x86\x90\x72\x5F\x8C\xF4\xF3\x2F\x57" | |
| 16 | 16 | #endif |
| 17 | 17 |
Fork