git: cf3d446e18bf - stable/13 - OpenSSL: Merge OpenSSL 1.1.1w

From: Jung-uk Kim <jkim_at_FreeBSD.org>
Date: Mon, 11 Sep 2023 17:17:26 UTC
The branch stable/13 has been updated by jkim:

URL: https://cgit.FreeBSD.org/src/commit/?id=cf3d446e18bf2ddb6739fa4495e9f5ad6538aa54

commit cf3d446e18bf2ddb6739fa4495e9f5ad6538aa54
Author:     Jung-uk Kim <jkim@FreeBSD.org>
AuthorDate: 2023-09-11 16:50:12 +0000
Commit:     Jung-uk Kim <jkim@FreeBSD.org>
CommitDate: 2023-09-11 17:14:49 +0000

    OpenSSL: Merge OpenSSL 1.1.1w
    
    (cherry picked from commit a1860b94f62494288804faebb1bf6ea8110ca148)
---
 crypto/openssl/CHANGES                             | 24 +++++++
 crypto/openssl/NEWS                                |  5 ++
 crypto/openssl/README                              |  2 +-
 crypto/openssl/appveyor.yml                        | 78 ----------------------
 crypto/openssl/crypto/asn1/ameth_lib.c             | 11 ++-
 crypto/openssl/crypto/cms/cms_asn1.c               | 17 ++++-
 crypto/openssl/crypto/cms/cms_local.h              |  3 +-
 crypto/openssl/crypto/cms/cms_sd.c                 | 16 ++++-
 crypto/openssl/crypto/cms/cms_smime.c              |  5 +-
 crypto/openssl/crypto/ec/ec_ameth.c                | 19 ++++--
 .../openssl/crypto/poly1305/asm/poly1305-x86_64.pl |  6 +-
 crypto/openssl/crypto/rsa/rsa_ameth.c              |  7 +-
 crypto/openssl/doc/man3/CMS_sign.pod               |  4 +-
 crypto/openssl/include/openssl/opensslv.h          |  4 +-
 crypto/openssl/ssl/ssl_sess.c                      |  7 +-
 15 files changed, 102 insertions(+), 106 deletions(-)

diff --git a/crypto/openssl/CHANGES b/crypto/openssl/CHANGES
index 612aaf56f6e6..12d965d47521 100644
--- a/crypto/openssl/CHANGES
+++ b/crypto/openssl/CHANGES
@@ -7,6 +7,30 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1v and 1.1.1w [11 Sep 2023]
+
+ *) Fix POLY1305 MAC implementation corrupting XMM registers on Windows.
+
+    The POLY1305 MAC (message authentication code) implementation in OpenSSL
+    does not save the contents of non-volatile XMM registers on Windows 64
+    platform when calculating the MAC of data larger than 64 bytes. Before
+    returning to the caller all the XMM registers are set to zero rather than
+    restoring their previous content. The vulnerable code is used only on newer
+    x86_64 processors supporting the AVX512-IFMA instructions.
+
+    The consequences of this kind of internal application state corruption can
+    be various - from no consequences, if the calling application does not
+    depend on the contents of non-volatile XMM registers at all, to the worst
+    consequences, where the attacker could get complete control of the
+    application process. However given the contents of the registers are just
+    zeroized so the attacker cannot put arbitrary values inside, the most likely
+    consequence, if any, would be an incorrect result of some application
+    dependent calculations or a crash leading to a denial of service.
+
+    (CVE-2023-4807)
+    [Bernd Edlinger]
+
+
  Changes between 1.1.1u and 1.1.1v [1 Aug 2023]
 
  *) Fix excessive time spent checking DH q parameter value.
diff --git a/crypto/openssl/NEWS b/crypto/openssl/NEWS
index c71c02911db0..1b849cdf7686 100644
--- a/crypto/openssl/NEWS
+++ b/crypto/openssl/NEWS
@@ -5,6 +5,11 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.1.1v and OpenSSL 1.1.1w [11 Sep 2023]
+
+      o Fix POLY1305 MAC implementation corrupting XMM registers on Windows
+        (CVE-2023-4807)
+
   Major changes between OpenSSL 1.1.1u and OpenSSL 1.1.1v [1 Aug 2023]
 
       o Fix excessive time spent checking DH q parameter value (CVE-2023-3817)
diff --git a/crypto/openssl/README b/crypto/openssl/README
index dbe6bf756e94..e924e1529a9c 100644
--- a/crypto/openssl/README
+++ b/crypto/openssl/README
@@ -1,5 +1,5 @@
 
- OpenSSL 1.1.1v 1 Aug 2023
+ OpenSSL 1.1.1w 11 Sep 2023
 
  Copyright (c) 1998-2023 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff --git a/crypto/openssl/appveyor.yml b/crypto/openssl/appveyor.yml
deleted file mode 100644
index 6210391f204a..000000000000
--- a/crypto/openssl/appveyor.yml
+++ /dev/null
@@ -1,78 +0,0 @@
-image:
-  - Visual Studio 2017
-
-platform:
-    - x64
-    - x86
-
-environment:
-    fast_finish: true
-    matrix:
-        - VSVER: 15
-
-configuration:
-    - shared
-    - plain
-    - minimal
-
-before_build:
-    - ps: >-
-        Install-Module VSSetup -Scope CurrentUser
-    - ps: >-
-        Get-VSSetupInstance -All
-    - ps: >-
-        gci env:* | sort-object name
-    - ps: >-
-        If ($env:Platform -Match "x86") {
-            $env:VCVARS_PLATFORM="x86"
-            $env:TARGET="VC-WIN32 no-asm --strict-warnings"
-        } Else {
-            $env:VCVARS_PLATFORM="amd64"
-            $env:TARGET="VC-WIN64A-masm"
-        }
-    - ps: >-
-        If ($env:Configuration -Match "shared") {
-            $env:SHARED="no-makedepend"
-        } ElseIf ($env:Configuration -Match "minimal") {
-            $env:SHARED="no-shared no-dso no-makedepend no-aria no-async no-autoload-config no-blake2 no-bf no-camellia no-cast no-chacha no-cmac no-cms no-comp no-ct no-des no-dgram no-dh no-dsa no-dtls no-ec2m no-engine no-filenames no-gost no-idea no-mdc2 no-md4 no-multiblock no-nextprotoneg no-ocsp no-ocb no-poly1305 no-psk no-rc2 no-rc4 no-rmd160 no-seed no-siphash no-sm2 no-sm3 no-sm4 no-srp no-srtp no-ssl3 no-ssl3-method no-ts no-ui-console no-whirlpool no-asm -DOPENSSL_SMALL_FOOTPRINT"
-        } Else {
-            $env:SHARED="no-shared no-makedepend"
-        }
-    - call "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvarsall.bat" %VCVARS_PLATFORM%
-    - mkdir _build
-    - cd _build
-    - perl ..\Configure %TARGET% %SHARED%
-    - perl configdata.pm --dump
-    - cd ..
-    - ps: >-
-        if (-not $env:APPVEYOR_PULL_REQUEST_NUMBER`
-            -or (&git log -1 $env:APPVEYOR_PULL_REQUEST_HEAD_COMMIT |
-                 Select-String "\[extended tests\]") ) {
-            $env:EXTENDED_TESTS="yes"
-        }
-
-build_script:
-    - cd _build
-    - ps: >-
-        If ($env:Configuration -Match "shared" -or $env:EXTENDED_TESTS) {
-            cmd /c "nmake build_all_generated 2>&1"
-            cmd /c "nmake PERL=no-perl 2>&1"
-        }
-    - cd ..
-
-test_script:
-    - cd _build
-    - ps: >-
-        If ($env:Configuration -Match "shared" -or $env:EXTENDED_TESTS) {
-            if ($env:EXTENDED_TESTS) {
-                cmd /c "nmake test V=1 2>&1"
-            } Else {
-                cmd /c "nmake test V=1 TESTS=-test_fuzz 2>&1"
-            }
-        }
-    - ps: >-
-        if ($env:EXTENDED_TESTS) {
-            mkdir ..\_install
-            cmd /c "nmake install DESTDIR=..\_install 2>&1"
-        }
-    - cd ..
diff --git a/crypto/openssl/crypto/asn1/ameth_lib.c b/crypto/openssl/crypto/asn1/ameth_lib.c
index 5e8c3ed1d5b0..4ab246e98719 100644
--- a/crypto/openssl/crypto/asn1/ameth_lib.c
+++ b/crypto/openssl/crypto/asn1/ameth_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -264,6 +264,7 @@ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
 
     dst->pkey_size = src->pkey_size;
     dst->pkey_bits = src->pkey_bits;
+    dst->pkey_security_bits = src->pkey_security_bits;
 
     dst->param_decode = src->param_decode;
     dst->param_encode = src->param_encode;
@@ -271,6 +272,7 @@ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
     dst->param_copy = src->param_copy;
     dst->param_cmp = src->param_cmp;
     dst->param_print = src->param_print;
+    dst->sig_print = src->sig_print;
 
     dst->pkey_free = src->pkey_free;
     dst->pkey_ctrl = src->pkey_ctrl;
@@ -281,6 +283,13 @@ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
     dst->siginf_set = src->siginf_set;
 
     dst->pkey_check = src->pkey_check;
+    dst->pkey_public_check = src->pkey_public_check;
+    dst->pkey_param_check = src->pkey_param_check;
+
+    dst->set_priv_key = src->set_priv_key;
+    dst->set_pub_key = src->set_pub_key;
+    dst->get_priv_key = src->get_priv_key;
+    dst->get_pub_key = src->get_pub_key;
 
 }
 
diff --git a/crypto/openssl/crypto/cms/cms_asn1.c b/crypto/openssl/crypto/cms/cms_asn1.c
index 08069d72a29e..a62e11ecbd90 100644
--- a/crypto/openssl/crypto/cms/cms_asn1.c
+++ b/crypto/openssl/crypto/cms/cms_asn1.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -51,6 +51,7 @@ static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
         EVP_PKEY_free(si->pkey);
         X509_free(si->signer);
         EVP_MD_CTX_free(si->mctx);
+        EVP_PKEY_CTX_free(si->pctx);
     }
     return 1;
 }
@@ -89,11 +90,21 @@ ASN1_SEQUENCE(CMS_OriginatorInfo) = {
         ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1)
 } static_ASN1_SEQUENCE_END(CMS_OriginatorInfo)
 
-ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {
+static int cms_ec_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                     void *exarg)
+{
+    CMS_EncryptedContentInfo *ec = (CMS_EncryptedContentInfo *)*pval;
+
+    if (operation == ASN1_OP_FREE_POST)
+        OPENSSL_clear_free(ec->key, ec->keylen);
+    return 1;
+}
+
+ASN1_NDEF_SEQUENCE_cb(CMS_EncryptedContentInfo, cms_ec_cb) = {
         ASN1_SIMPLE(CMS_EncryptedContentInfo, contentType, ASN1_OBJECT),
         ASN1_SIMPLE(CMS_EncryptedContentInfo, contentEncryptionAlgorithm, X509_ALGOR),
         ASN1_IMP_OPT(CMS_EncryptedContentInfo, encryptedContent, ASN1_OCTET_STRING_NDEF, 0)
-} static_ASN1_NDEF_SEQUENCE_END(CMS_EncryptedContentInfo)
+} ASN1_NDEF_SEQUENCE_END_cb(CMS_EncryptedContentInfo, CMS_EncryptedContentInfo)
 
 ASN1_SEQUENCE(CMS_KeyTransRecipientInfo) = {
         ASN1_EMBED(CMS_KeyTransRecipientInfo, version, INT32),
diff --git a/crypto/openssl/crypto/cms/cms_local.h b/crypto/openssl/crypto/cms/cms_local.h
index a0ce4448f603..09c0bdfe5a47 100644
--- a/crypto/openssl/crypto/cms/cms_local.h
+++ b/crypto/openssl/crypto/cms/cms_local.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -342,6 +342,7 @@ struct CMS_Receipt_st {
 
 DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
 DECLARE_ASN1_ITEM(CMS_SignerInfo)
+DECLARE_ASN1_ITEM(CMS_EncryptedContentInfo)
 DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)
 DECLARE_ASN1_ITEM(CMS_Attributes_Sign)
 DECLARE_ASN1_ITEM(CMS_Attributes_Verify)
diff --git a/crypto/openssl/crypto/cms/cms_sd.c b/crypto/openssl/crypto/cms/cms_sd.c
index 3f2a782565a8..9f67f91297ea 100644
--- a/crypto/openssl/crypto/cms/cms_sd.c
+++ b/crypto/openssl/crypto/cms/cms_sd.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -375,6 +375,8 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
         } else if (EVP_DigestSignInit(si->mctx, &si->pctx, md, NULL, pk) <=
                    0)
             goto err;
+        else
+            EVP_MD_CTX_set_flags(si->mctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
     }
 
     if (!sd->signerInfos)
@@ -600,6 +602,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
         unsigned char md[EVP_MAX_MD_SIZE];
         unsigned int mdlen;
         pctx = si->pctx;
+        si->pctx = NULL;
         if (!EVP_DigestFinal_ex(mctx, md, &mdlen))
             goto err;
         siglen = EVP_PKEY_size(si->pkey);
@@ -680,6 +683,7 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si)
         EVP_MD_CTX_reset(mctx);
         if (EVP_DigestSignInit(mctx, &pctx, md, NULL, si->pkey) <= 0)
             goto err;
+        EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
         si->pctx = pctx;
     }
 
@@ -745,8 +749,13 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
         return -1;
     }
     mctx = si->mctx;
+    if (si->pctx != NULL) {
+        EVP_PKEY_CTX_free(si->pctx);
+        si->pctx = NULL;
+    }
     if (EVP_DigestVerifyInit(mctx, &si->pctx, md, NULL, si->pkey) <= 0)
         goto err;
+    EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
 
     if (!cms_sd_asn1_ctrl(si, 1))
         goto err;
@@ -859,8 +868,11 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
         if (EVP_PKEY_CTX_set_signature_md(pkctx, md) <= 0)
             goto err;
         si->pctx = pkctx;
-        if (!cms_sd_asn1_ctrl(si, 1))
+        if (!cms_sd_asn1_ctrl(si, 1)) {
+            si->pctx = NULL;
             goto err;
+        }
+        si->pctx = NULL;
         r = EVP_PKEY_verify(pkctx, si->signature->data,
                             si->signature->length, mval, mlen);
         if (r <= 0) {
diff --git a/crypto/openssl/crypto/cms/cms_smime.c b/crypto/openssl/crypto/cms/cms_smime.c
index 6e7dbc4da1fa..f6c1c7d17705 100644
--- a/crypto/openssl/crypto/cms/cms_smime.c
+++ b/crypto/openssl/crypto/cms/cms_smime.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -211,7 +211,7 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
     if (cms == NULL)
         return NULL;
     if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
-        return NULL;
+        goto err;
 
     if (!(flags & CMS_DETACHED))
         CMS_set_detached(cms, 0);
@@ -220,6 +220,7 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
         || CMS_final(cms, in, NULL, flags))
         return cms;
 
+ err:
     CMS_ContentInfo_free(cms);
     return NULL;
 }
diff --git a/crypto/openssl/crypto/ec/ec_ameth.c b/crypto/openssl/crypto/ec/ec_ameth.c
index 5098bd7a6602..5a63590a9fbd 100644
--- a/crypto/openssl/crypto/ec/ec_ameth.c
+++ b/crypto/openssl/crypto/ec/ec_ameth.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -38,7 +38,6 @@ static int eckey_param2type(int *pptype, void **ppval, const EC_KEY *ec_key)
         ASN1_OBJECT *asn1obj = OBJ_nid2obj(nid);
 
         if (asn1obj == NULL || OBJ_length(asn1obj) == 0) {
-            ASN1_OBJECT_free(asn1obj);
             ECerr(EC_F_ECKEY_PARAM2TYPE, EC_R_MISSING_OID);
             return 0;
         }
@@ -98,9 +97,7 @@ static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
                                ptype, pval, penc, penclen))
         return 1;
  err:
-    if (ptype == V_ASN1_OBJECT)
-        ASN1_OBJECT_free(pval);
-    else
+    if (ptype == V_ASN1_SEQUENCE)
         ASN1_STRING_free(pval);
     OPENSSL_free(penc);
     return 0;
@@ -256,24 +253,32 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
 
     eplen = i2d_ECPrivateKey(&ec_key, NULL);
     if (!eplen) {
+        if (ptype == V_ASN1_SEQUENCE)
+            ASN1_STRING_free(pval);
         ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
         return 0;
     }
     ep = OPENSSL_malloc(eplen);
     if (ep == NULL) {
+        if (ptype == V_ASN1_SEQUENCE)
+            ASN1_STRING_free(pval);
         ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
         return 0;
     }
     p = ep;
     if (!i2d_ECPrivateKey(&ec_key, &p)) {
-        OPENSSL_free(ep);
+        OPENSSL_clear_free(ep, eplen);
+        if (ptype == V_ASN1_SEQUENCE)
+            ASN1_STRING_free(pval);
         ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
         return 0;
     }
 
     if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
                          ptype, pval, ep, eplen)) {
-        OPENSSL_free(ep);
+        OPENSSL_clear_free(ep, eplen);
+        if (ptype == V_ASN1_SEQUENCE)
+            ASN1_STRING_free(pval);
         return 0;
     }
 
diff --git a/crypto/openssl/crypto/poly1305/asm/poly1305-x86_64.pl b/crypto/openssl/crypto/poly1305/asm/poly1305-x86_64.pl
index 5f834d8faf2a..5e2bb18f2bac 100755
--- a/crypto/openssl/crypto/poly1305/asm/poly1305-x86_64.pl
+++ b/crypto/openssl/crypto/poly1305/asm/poly1305-x86_64.pl
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -193,7 +193,7 @@ $code.=<<___	if ($avx>1);
 	bt	\$`5+32`,%r9		# AVX2?
 	cmovc	%rax,%r10
 ___
-$code.=<<___	if ($avx>3);
+$code.=<<___	if ($avx>3 && !$win64);
 	mov	\$`(1<<31|1<<21|1<<16)`,%rax
 	shr	\$32,%r9
 	and	%rax,%r9
@@ -2722,7 +2722,7 @@ $code.=<<___;
 .cfi_endproc
 .size	poly1305_blocks_avx512,.-poly1305_blocks_avx512
 ___
-if ($avx>3) {
+if ($avx>3 && !$win64) {
 ########################################################################
 # VPMADD52 version using 2^44 radix.
 #
diff --git a/crypto/openssl/crypto/rsa/rsa_ameth.c b/crypto/openssl/crypto/rsa/rsa_ameth.c
index 2c9c46ea53c8..00ed9820b0d2 100644
--- a/crypto/openssl/crypto/rsa/rsa_ameth.c
+++ b/crypto/openssl/crypto/rsa/rsa_ameth.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -82,13 +82,16 @@ static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
     if (!rsa_param_encode(pkey, &str, &strtype))
         return 0;
     penclen = i2d_RSAPublicKey(pkey->pkey.rsa, &penc);
-    if (penclen <= 0)
+    if (penclen <= 0) {
+        ASN1_STRING_free(str);
         return 0;
+    }
     if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(pkey->ameth->pkey_id),
                                strtype, str, penc, penclen))
         return 1;
 
     OPENSSL_free(penc);
+    ASN1_STRING_free(str);
     return 0;
 }
 
diff --git a/crypto/openssl/doc/man3/CMS_sign.pod b/crypto/openssl/doc/man3/CMS_sign.pod
index 79446b129889..884be8fdd315 100644
--- a/crypto/openssl/doc/man3/CMS_sign.pod
+++ b/crypto/openssl/doc/man3/CMS_sign.pod
@@ -95,7 +95,7 @@ The function CMS_sign() is a basic CMS signing function whose output will be
 suitable for many purposes. For finer control of the output format the
 B<certs>, B<signcert> and B<pkey> parameters can all be B<NULL> and the
 B<CMS_PARTIAL> flag set. Then one or more signers can be added using the
-function CMS_sign_add1_signer(), non default digests can be used and custom
+function CMS_add1_signer(), non default digests can be used and custom
 attributes added. CMS_final() must then be called to finalize the
 structure if streaming is not enabled.
 
@@ -119,7 +119,7 @@ it is supported for embedded data in OpenSSL 1.0.0 and later.
 
 =head1 COPYRIGHT
 
-Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2008-2023 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/crypto/openssl/include/openssl/opensslv.h b/crypto/openssl/include/openssl/opensslv.h
index c1063dc589e4..65209e1f6d77 100644
--- a/crypto/openssl/include/openssl/opensslv.h
+++ b/crypto/openssl/include/openssl/opensslv.h
@@ -39,8 +39,8 @@ extern "C" {
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-# define OPENSSL_VERSION_NUMBER  0x1010116fL
-# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1v-freebsd  1 Aug 2023"
+# define OPENSSL_VERSION_NUMBER  0x1010117fL
+# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1w-freebsd  11 Sep 2023"
 
 /*-
  * The macros below are to be used for shared library (.so, .dll, ...)
diff --git a/crypto/openssl/ssl/ssl_sess.c b/crypto/openssl/ssl/ssl_sess.c
index cda6b7cc5bcf..68d1737ac521 100644
--- a/crypto/openssl/ssl/ssl_sess.c
+++ b/crypto/openssl/ssl/ssl_sess.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright 2005 Nokia. All rights reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -139,8 +139,11 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
     dest->references = 1;
 
     dest->lock = CRYPTO_THREAD_lock_new();
-    if (dest->lock == NULL)
+    if (dest->lock == NULL) {
+        OPENSSL_free(dest);
+        dest = NULL;
         goto err;
+    }
 
     if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, dest, &dest->ex_data))
         goto err;