svn commit: r285330 - in stable/10: crypto/openssl crypto/openssl/crypto crypto/openssl/crypto/bio crypto/openssl/crypto/evp crypto/openssl/crypto/pkcs12 crypto/openssl/crypto/threads crypto/openss...
Jung-uk Kim
jkim at FreeBSD.org
Thu Jul 9 17:17:29 UTC 2015
Author: jkim
Date: Thu Jul 9 17:17:22 2015
New Revision: 285330
URL: https://svnweb.freebsd.org/changeset/base/285330
Log:
MFC: r285329
Merge OpenSSL 1.0.1p.
Approved by: re (gjb)
Relnotes: yes
Added:
stable/10/crypto/openssl/crypto/x509/verify_extra_test.c
- copied unchanged from r285329, head/crypto/openssl/crypto/x509/verify_extra_test.c
Modified:
stable/10/crypto/openssl/CHANGES
stable/10/crypto/openssl/Makefile
stable/10/crypto/openssl/Makefile.org
stable/10/crypto/openssl/NEWS
stable/10/crypto/openssl/README
stable/10/crypto/openssl/crypto/bio/bio.h
stable/10/crypto/openssl/crypto/evp/e_aes.c
stable/10/crypto/openssl/crypto/opensslconf.h
stable/10/crypto/openssl/crypto/opensslconf.h.in
stable/10/crypto/openssl/crypto/opensslv.h
stable/10/crypto/openssl/crypto/pkcs12/p12_kiss.c
stable/10/crypto/openssl/crypto/threads/mttest.c
stable/10/crypto/openssl/crypto/threads/pthread2.sh
stable/10/crypto/openssl/crypto/x509/Makefile
stable/10/crypto/openssl/crypto/x509/x509_vfy.c
stable/10/crypto/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod
stable/10/crypto/openssl/doc/crypto/X509_STORE_CTX_new.pod
stable/10/crypto/openssl/doc/crypto/X509_verify_cert.pod
stable/10/crypto/openssl/ssl/s3_clnt.c
stable/10/crypto/openssl/ssl/s3_srvr.c
stable/10/secure/lib/libcrypto/Makefile.inc
stable/10/secure/lib/libcrypto/man/ASN1_OBJECT_new.3
stable/10/secure/lib/libcrypto/man/ASN1_STRING_length.3
stable/10/secure/lib/libcrypto/man/ASN1_STRING_new.3
stable/10/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3
stable/10/secure/lib/libcrypto/man/ASN1_generate_nconf.3
stable/10/secure/lib/libcrypto/man/BIO_ctrl.3
stable/10/secure/lib/libcrypto/man/BIO_f_base64.3
stable/10/secure/lib/libcrypto/man/BIO_f_buffer.3
stable/10/secure/lib/libcrypto/man/BIO_f_cipher.3
stable/10/secure/lib/libcrypto/man/BIO_f_md.3
stable/10/secure/lib/libcrypto/man/BIO_f_null.3
stable/10/secure/lib/libcrypto/man/BIO_f_ssl.3
stable/10/secure/lib/libcrypto/man/BIO_find_type.3
stable/10/secure/lib/libcrypto/man/BIO_new.3
stable/10/secure/lib/libcrypto/man/BIO_new_CMS.3
stable/10/secure/lib/libcrypto/man/BIO_push.3
stable/10/secure/lib/libcrypto/man/BIO_read.3
stable/10/secure/lib/libcrypto/man/BIO_s_accept.3
stable/10/secure/lib/libcrypto/man/BIO_s_bio.3
stable/10/secure/lib/libcrypto/man/BIO_s_connect.3
stable/10/secure/lib/libcrypto/man/BIO_s_fd.3
stable/10/secure/lib/libcrypto/man/BIO_s_file.3
stable/10/secure/lib/libcrypto/man/BIO_s_mem.3
stable/10/secure/lib/libcrypto/man/BIO_s_null.3
stable/10/secure/lib/libcrypto/man/BIO_s_socket.3
stable/10/secure/lib/libcrypto/man/BIO_set_callback.3
stable/10/secure/lib/libcrypto/man/BIO_should_retry.3
stable/10/secure/lib/libcrypto/man/BN_BLINDING_new.3
stable/10/secure/lib/libcrypto/man/BN_CTX_new.3
stable/10/secure/lib/libcrypto/man/BN_CTX_start.3
stable/10/secure/lib/libcrypto/man/BN_add.3
stable/10/secure/lib/libcrypto/man/BN_add_word.3
stable/10/secure/lib/libcrypto/man/BN_bn2bin.3
stable/10/secure/lib/libcrypto/man/BN_cmp.3
stable/10/secure/lib/libcrypto/man/BN_copy.3
stable/10/secure/lib/libcrypto/man/BN_generate_prime.3
stable/10/secure/lib/libcrypto/man/BN_mod_inverse.3
stable/10/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3
stable/10/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3
stable/10/secure/lib/libcrypto/man/BN_new.3
stable/10/secure/lib/libcrypto/man/BN_num_bytes.3
stable/10/secure/lib/libcrypto/man/BN_rand.3
stable/10/secure/lib/libcrypto/man/BN_set_bit.3
stable/10/secure/lib/libcrypto/man/BN_swap.3
stable/10/secure/lib/libcrypto/man/BN_zero.3
stable/10/secure/lib/libcrypto/man/CMS_add0_cert.3
stable/10/secure/lib/libcrypto/man/CMS_add1_recipient_cert.3
stable/10/secure/lib/libcrypto/man/CMS_add1_signer.3
stable/10/secure/lib/libcrypto/man/CMS_compress.3
stable/10/secure/lib/libcrypto/man/CMS_decrypt.3
stable/10/secure/lib/libcrypto/man/CMS_encrypt.3
stable/10/secure/lib/libcrypto/man/CMS_final.3
stable/10/secure/lib/libcrypto/man/CMS_get0_RecipientInfos.3
stable/10/secure/lib/libcrypto/man/CMS_get0_SignerInfos.3
stable/10/secure/lib/libcrypto/man/CMS_get0_type.3
stable/10/secure/lib/libcrypto/man/CMS_get1_ReceiptRequest.3
stable/10/secure/lib/libcrypto/man/CMS_sign.3
stable/10/secure/lib/libcrypto/man/CMS_sign_receipt.3
stable/10/secure/lib/libcrypto/man/CMS_uncompress.3
stable/10/secure/lib/libcrypto/man/CMS_verify.3
stable/10/secure/lib/libcrypto/man/CMS_verify_receipt.3
stable/10/secure/lib/libcrypto/man/CONF_modules_free.3
stable/10/secure/lib/libcrypto/man/CONF_modules_load_file.3
stable/10/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3
stable/10/secure/lib/libcrypto/man/DH_generate_key.3
stable/10/secure/lib/libcrypto/man/DH_generate_parameters.3
stable/10/secure/lib/libcrypto/man/DH_get_ex_new_index.3
stable/10/secure/lib/libcrypto/man/DH_new.3
stable/10/secure/lib/libcrypto/man/DH_set_method.3
stable/10/secure/lib/libcrypto/man/DH_size.3
stable/10/secure/lib/libcrypto/man/DSA_SIG_new.3
stable/10/secure/lib/libcrypto/man/DSA_do_sign.3
stable/10/secure/lib/libcrypto/man/DSA_dup_DH.3
stable/10/secure/lib/libcrypto/man/DSA_generate_key.3
stable/10/secure/lib/libcrypto/man/DSA_generate_parameters.3
stable/10/secure/lib/libcrypto/man/DSA_get_ex_new_index.3
stable/10/secure/lib/libcrypto/man/DSA_new.3
stable/10/secure/lib/libcrypto/man/DSA_set_method.3
stable/10/secure/lib/libcrypto/man/DSA_sign.3
stable/10/secure/lib/libcrypto/man/DSA_size.3
stable/10/secure/lib/libcrypto/man/ERR_GET_LIB.3
stable/10/secure/lib/libcrypto/man/ERR_clear_error.3
stable/10/secure/lib/libcrypto/man/ERR_error_string.3
stable/10/secure/lib/libcrypto/man/ERR_get_error.3
stable/10/secure/lib/libcrypto/man/ERR_load_crypto_strings.3
stable/10/secure/lib/libcrypto/man/ERR_load_strings.3
stable/10/secure/lib/libcrypto/man/ERR_print_errors.3
stable/10/secure/lib/libcrypto/man/ERR_put_error.3
stable/10/secure/lib/libcrypto/man/ERR_remove_state.3
stable/10/secure/lib/libcrypto/man/ERR_set_mark.3
stable/10/secure/lib/libcrypto/man/EVP_BytesToKey.3
stable/10/secure/lib/libcrypto/man/EVP_DigestInit.3
stable/10/secure/lib/libcrypto/man/EVP_DigestSignInit.3
stable/10/secure/lib/libcrypto/man/EVP_DigestVerifyInit.3
stable/10/secure/lib/libcrypto/man/EVP_EncryptInit.3
stable/10/secure/lib/libcrypto/man/EVP_OpenInit.3
stable/10/secure/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3
stable/10/secure/lib/libcrypto/man/EVP_PKEY_CTX_new.3
stable/10/secure/lib/libcrypto/man/EVP_PKEY_cmp.3
stable/10/secure/lib/libcrypto/man/EVP_PKEY_decrypt.3
stable/10/secure/lib/libcrypto/man/EVP_PKEY_derive.3
stable/10/secure/lib/libcrypto/man/EVP_PKEY_encrypt.3
stable/10/secure/lib/libcrypto/man/EVP_PKEY_get_default_digest.3
stable/10/secure/lib/libcrypto/man/EVP_PKEY_keygen.3
stable/10/secure/lib/libcrypto/man/EVP_PKEY_new.3
stable/10/secure/lib/libcrypto/man/EVP_PKEY_print_private.3
stable/10/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3
stable/10/secure/lib/libcrypto/man/EVP_PKEY_sign.3
stable/10/secure/lib/libcrypto/man/EVP_PKEY_verify.3
stable/10/secure/lib/libcrypto/man/EVP_PKEY_verify_recover.3
stable/10/secure/lib/libcrypto/man/EVP_SealInit.3
stable/10/secure/lib/libcrypto/man/EVP_SignInit.3
stable/10/secure/lib/libcrypto/man/EVP_VerifyInit.3
stable/10/secure/lib/libcrypto/man/OBJ_nid2obj.3
stable/10/secure/lib/libcrypto/man/OPENSSL_Applink.3
stable/10/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3
stable/10/secure/lib/libcrypto/man/OPENSSL_config.3
stable/10/secure/lib/libcrypto/man/OPENSSL_ia32cap.3
stable/10/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3
stable/10/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3
stable/10/secure/lib/libcrypto/man/PEM_write_bio_CMS_stream.3
stable/10/secure/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3
stable/10/secure/lib/libcrypto/man/PKCS12_create.3
stable/10/secure/lib/libcrypto/man/PKCS12_parse.3
stable/10/secure/lib/libcrypto/man/PKCS7_decrypt.3
stable/10/secure/lib/libcrypto/man/PKCS7_encrypt.3
stable/10/secure/lib/libcrypto/man/PKCS7_sign.3
stable/10/secure/lib/libcrypto/man/PKCS7_sign_add_signer.3
stable/10/secure/lib/libcrypto/man/PKCS7_verify.3
stable/10/secure/lib/libcrypto/man/RAND_add.3
stable/10/secure/lib/libcrypto/man/RAND_bytes.3
stable/10/secure/lib/libcrypto/man/RAND_cleanup.3
stable/10/secure/lib/libcrypto/man/RAND_egd.3
stable/10/secure/lib/libcrypto/man/RAND_load_file.3
stable/10/secure/lib/libcrypto/man/RAND_set_rand_method.3
stable/10/secure/lib/libcrypto/man/RSA_blinding_on.3
stable/10/secure/lib/libcrypto/man/RSA_check_key.3
stable/10/secure/lib/libcrypto/man/RSA_generate_key.3
stable/10/secure/lib/libcrypto/man/RSA_get_ex_new_index.3
stable/10/secure/lib/libcrypto/man/RSA_new.3
stable/10/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3
stable/10/secure/lib/libcrypto/man/RSA_print.3
stable/10/secure/lib/libcrypto/man/RSA_private_encrypt.3
stable/10/secure/lib/libcrypto/man/RSA_public_encrypt.3
stable/10/secure/lib/libcrypto/man/RSA_set_method.3
stable/10/secure/lib/libcrypto/man/RSA_sign.3
stable/10/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3
stable/10/secure/lib/libcrypto/man/RSA_size.3
stable/10/secure/lib/libcrypto/man/SMIME_read_CMS.3
stable/10/secure/lib/libcrypto/man/SMIME_read_PKCS7.3
stable/10/secure/lib/libcrypto/man/SMIME_write_CMS.3
stable/10/secure/lib/libcrypto/man/SMIME_write_PKCS7.3
stable/10/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3
stable/10/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3
stable/10/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3
stable/10/secure/lib/libcrypto/man/X509_NAME_print_ex.3
stable/10/secure/lib/libcrypto/man/X509_STORE_CTX_get_error.3
stable/10/secure/lib/libcrypto/man/X509_STORE_CTX_get_ex_new_index.3
stable/10/secure/lib/libcrypto/man/X509_STORE_CTX_new.3
stable/10/secure/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3
stable/10/secure/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3
stable/10/secure/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3
stable/10/secure/lib/libcrypto/man/X509_new.3
stable/10/secure/lib/libcrypto/man/X509_verify_cert.3
stable/10/secure/lib/libcrypto/man/bio.3
stable/10/secure/lib/libcrypto/man/blowfish.3
stable/10/secure/lib/libcrypto/man/bn.3
stable/10/secure/lib/libcrypto/man/bn_internal.3
stable/10/secure/lib/libcrypto/man/buffer.3
stable/10/secure/lib/libcrypto/man/crypto.3
stable/10/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3
stable/10/secure/lib/libcrypto/man/d2i_CMS_ContentInfo.3
stable/10/secure/lib/libcrypto/man/d2i_DHparams.3
stable/10/secure/lib/libcrypto/man/d2i_DSAPublicKey.3
stable/10/secure/lib/libcrypto/man/d2i_ECPrivateKey.3
stable/10/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3
stable/10/secure/lib/libcrypto/man/d2i_RSAPublicKey.3
stable/10/secure/lib/libcrypto/man/d2i_X509.3
stable/10/secure/lib/libcrypto/man/d2i_X509_ALGOR.3
stable/10/secure/lib/libcrypto/man/d2i_X509_CRL.3
stable/10/secure/lib/libcrypto/man/d2i_X509_NAME.3
stable/10/secure/lib/libcrypto/man/d2i_X509_REQ.3
stable/10/secure/lib/libcrypto/man/d2i_X509_SIG.3
stable/10/secure/lib/libcrypto/man/des.3
stable/10/secure/lib/libcrypto/man/dh.3
stable/10/secure/lib/libcrypto/man/dsa.3
stable/10/secure/lib/libcrypto/man/ecdsa.3
stable/10/secure/lib/libcrypto/man/engine.3
stable/10/secure/lib/libcrypto/man/err.3
stable/10/secure/lib/libcrypto/man/evp.3
stable/10/secure/lib/libcrypto/man/hmac.3
stable/10/secure/lib/libcrypto/man/i2d_CMS_bio_stream.3
stable/10/secure/lib/libcrypto/man/i2d_PKCS7_bio_stream.3
stable/10/secure/lib/libcrypto/man/lh_stats.3
stable/10/secure/lib/libcrypto/man/lhash.3
stable/10/secure/lib/libcrypto/man/md5.3
stable/10/secure/lib/libcrypto/man/mdc2.3
stable/10/secure/lib/libcrypto/man/pem.3
stable/10/secure/lib/libcrypto/man/rand.3
stable/10/secure/lib/libcrypto/man/rc4.3
stable/10/secure/lib/libcrypto/man/ripemd.3
stable/10/secure/lib/libcrypto/man/rsa.3
stable/10/secure/lib/libcrypto/man/sha.3
stable/10/secure/lib/libcrypto/man/threads.3
stable/10/secure/lib/libcrypto/man/ui.3
stable/10/secure/lib/libcrypto/man/ui_compat.3
stable/10/secure/lib/libcrypto/man/x509.3
stable/10/secure/lib/libssl/man/SSL_CIPHER_get_name.3
stable/10/secure/lib/libssl/man/SSL_COMP_add_compression_method.3
stable/10/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3
stable/10/secure/lib/libssl/man/SSL_CTX_add_session.3
stable/10/secure/lib/libssl/man/SSL_CTX_ctrl.3
stable/10/secure/lib/libssl/man/SSL_CTX_flush_sessions.3
stable/10/secure/lib/libssl/man/SSL_CTX_free.3
stable/10/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3
stable/10/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3
stable/10/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3
stable/10/secure/lib/libssl/man/SSL_CTX_new.3
stable/10/secure/lib/libssl/man/SSL_CTX_sess_number.3
stable/10/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3
stable/10/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3
stable/10/secure/lib/libssl/man/SSL_CTX_sessions.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_cert_store.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_info_callback.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_mode.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_options.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_psk_client_callback.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_read_ahead.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_timeout.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3
stable/10/secure/lib/libssl/man/SSL_CTX_set_verify.3
stable/10/secure/lib/libssl/man/SSL_CTX_use_certificate.3
stable/10/secure/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3
stable/10/secure/lib/libssl/man/SSL_SESSION_free.3
stable/10/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3
stable/10/secure/lib/libssl/man/SSL_SESSION_get_time.3
stable/10/secure/lib/libssl/man/SSL_accept.3
stable/10/secure/lib/libssl/man/SSL_alert_type_string.3
stable/10/secure/lib/libssl/man/SSL_clear.3
stable/10/secure/lib/libssl/man/SSL_connect.3
stable/10/secure/lib/libssl/man/SSL_do_handshake.3
stable/10/secure/lib/libssl/man/SSL_free.3
stable/10/secure/lib/libssl/man/SSL_get_SSL_CTX.3
stable/10/secure/lib/libssl/man/SSL_get_ciphers.3
stable/10/secure/lib/libssl/man/SSL_get_client_CA_list.3
stable/10/secure/lib/libssl/man/SSL_get_current_cipher.3
stable/10/secure/lib/libssl/man/SSL_get_default_timeout.3
stable/10/secure/lib/libssl/man/SSL_get_error.3
stable/10/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3
stable/10/secure/lib/libssl/man/SSL_get_ex_new_index.3
stable/10/secure/lib/libssl/man/SSL_get_fd.3
stable/10/secure/lib/libssl/man/SSL_get_peer_cert_chain.3
stable/10/secure/lib/libssl/man/SSL_get_peer_certificate.3
stable/10/secure/lib/libssl/man/SSL_get_psk_identity.3
stable/10/secure/lib/libssl/man/SSL_get_rbio.3
stable/10/secure/lib/libssl/man/SSL_get_session.3
stable/10/secure/lib/libssl/man/SSL_get_verify_result.3
stable/10/secure/lib/libssl/man/SSL_get_version.3
stable/10/secure/lib/libssl/man/SSL_library_init.3
stable/10/secure/lib/libssl/man/SSL_load_client_CA_file.3
stable/10/secure/lib/libssl/man/SSL_new.3
stable/10/secure/lib/libssl/man/SSL_pending.3
stable/10/secure/lib/libssl/man/SSL_read.3
stable/10/secure/lib/libssl/man/SSL_rstate_string.3
stable/10/secure/lib/libssl/man/SSL_session_reused.3
stable/10/secure/lib/libssl/man/SSL_set_bio.3
stable/10/secure/lib/libssl/man/SSL_set_connect_state.3
stable/10/secure/lib/libssl/man/SSL_set_fd.3
stable/10/secure/lib/libssl/man/SSL_set_session.3
stable/10/secure/lib/libssl/man/SSL_set_shutdown.3
stable/10/secure/lib/libssl/man/SSL_set_verify_result.3
stable/10/secure/lib/libssl/man/SSL_shutdown.3
stable/10/secure/lib/libssl/man/SSL_state_string.3
stable/10/secure/lib/libssl/man/SSL_want.3
stable/10/secure/lib/libssl/man/SSL_write.3
stable/10/secure/lib/libssl/man/d2i_SSL_SESSION.3
stable/10/secure/lib/libssl/man/ssl.3
stable/10/secure/usr.bin/openssl/man/CA.pl.1
stable/10/secure/usr.bin/openssl/man/asn1parse.1
stable/10/secure/usr.bin/openssl/man/c_rehash.1
stable/10/secure/usr.bin/openssl/man/ca.1
stable/10/secure/usr.bin/openssl/man/ciphers.1
stable/10/secure/usr.bin/openssl/man/cms.1
stable/10/secure/usr.bin/openssl/man/crl.1
stable/10/secure/usr.bin/openssl/man/crl2pkcs7.1
stable/10/secure/usr.bin/openssl/man/dgst.1
stable/10/secure/usr.bin/openssl/man/dhparam.1
stable/10/secure/usr.bin/openssl/man/dsa.1
stable/10/secure/usr.bin/openssl/man/dsaparam.1
stable/10/secure/usr.bin/openssl/man/ec.1
stable/10/secure/usr.bin/openssl/man/ecparam.1
stable/10/secure/usr.bin/openssl/man/enc.1
stable/10/secure/usr.bin/openssl/man/errstr.1
stable/10/secure/usr.bin/openssl/man/gendsa.1
stable/10/secure/usr.bin/openssl/man/genpkey.1
stable/10/secure/usr.bin/openssl/man/genrsa.1
stable/10/secure/usr.bin/openssl/man/nseq.1
stable/10/secure/usr.bin/openssl/man/ocsp.1
stable/10/secure/usr.bin/openssl/man/openssl.1
stable/10/secure/usr.bin/openssl/man/passwd.1
stable/10/secure/usr.bin/openssl/man/pkcs12.1
stable/10/secure/usr.bin/openssl/man/pkcs7.1
stable/10/secure/usr.bin/openssl/man/pkcs8.1
stable/10/secure/usr.bin/openssl/man/pkey.1
stable/10/secure/usr.bin/openssl/man/pkeyparam.1
stable/10/secure/usr.bin/openssl/man/pkeyutl.1
stable/10/secure/usr.bin/openssl/man/rand.1
stable/10/secure/usr.bin/openssl/man/req.1
stable/10/secure/usr.bin/openssl/man/rsa.1
stable/10/secure/usr.bin/openssl/man/rsautl.1
stable/10/secure/usr.bin/openssl/man/s_client.1
stable/10/secure/usr.bin/openssl/man/s_server.1
stable/10/secure/usr.bin/openssl/man/s_time.1
stable/10/secure/usr.bin/openssl/man/sess_id.1
stable/10/secure/usr.bin/openssl/man/smime.1
stable/10/secure/usr.bin/openssl/man/speed.1
stable/10/secure/usr.bin/openssl/man/spkac.1
stable/10/secure/usr.bin/openssl/man/ts.1
stable/10/secure/usr.bin/openssl/man/tsget.1
stable/10/secure/usr.bin/openssl/man/verify.1
stable/10/secure/usr.bin/openssl/man/version.1
stable/10/secure/usr.bin/openssl/man/x509.1
stable/10/secure/usr.bin/openssl/man/x509v3_config.1
Directory Properties:
stable/10/ (props changed)
Modified: stable/10/crypto/openssl/CHANGES
==============================================================================
--- stable/10/crypto/openssl/CHANGES Thu Jul 9 17:07:45 2015 (r285329)
+++ stable/10/crypto/openssl/CHANGES Thu Jul 9 17:17:22 2015 (r285330)
@@ -2,6 +2,21 @@
OpenSSL CHANGES
_______________
+ Changes between 1.0.1o and 1.0.1p [9 Jul 2015]
+
+ *) Alternate chains certificate forgery
+
+ During certificate verfification, OpenSSL will attempt to find an
+ alternative certificate chain if the first attempt to build such a chain
+ fails. An error in the implementation of this logic can mean that an
+ attacker could cause certain checks on untrusted certificates to be
+ bypassed, such as the CA flag, enabling them to use a valid leaf
+ certificate to act as a CA and "issue" an invalid certificate.
+
+ This issue was reported to OpenSSL by Adam Langley/David Benjamin
+ (Google/BoringSSL).
+ [Matt Caswell]
+
Changes between 1.0.1n and 1.0.1o [12 Jun 2015]
*) Fix HMAC ABI incompatibility. The previous version introduced an ABI
Modified: stable/10/crypto/openssl/Makefile
==============================================================================
--- stable/10/crypto/openssl/Makefile Thu Jul 9 17:07:45 2015 (r285329)
+++ stable/10/crypto/openssl/Makefile Thu Jul 9 17:17:22 2015 (r285330)
@@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
-VERSION=1.0.1o
+VERSION=1.0.1p
MAJOR=1
MINOR=0.1
SHLIB_VERSION_NUMBER=1.0.0
@@ -270,6 +270,7 @@ reflect:
@[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
sub_all: build_all
+
build_all: build_libs build_apps build_tests build_tools
build_libs: build_libcrypto build_libssl openssl.pc
@@ -279,15 +280,15 @@ build_libssl: build_ssl libssl.pc
build_crypto:
@dir=crypto; target=all; $(BUILD_ONE_CMD)
-build_ssl:
+build_ssl: build_crypto
@dir=ssl; target=all; $(BUILD_ONE_CMD)
-build_engines:
+build_engines: build_crypto
@dir=engines; target=all; $(BUILD_ONE_CMD)
-build_apps:
+build_apps: build_libs
@dir=apps; target=all; $(BUILD_ONE_CMD)
-build_tests:
+build_tests: build_libs
@dir=test; target=all; $(BUILD_ONE_CMD)
-build_tools:
+build_tools: build_libs
@dir=tools; target=all; $(BUILD_ONE_CMD)
all_testapps: build_libs build_testapps
Modified: stable/10/crypto/openssl/Makefile.org
==============================================================================
--- stable/10/crypto/openssl/Makefile.org Thu Jul 9 17:07:45 2015 (r285329)
+++ stable/10/crypto/openssl/Makefile.org Thu Jul 9 17:17:22 2015 (r285330)
@@ -268,6 +268,7 @@ reflect:
@[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
sub_all: build_all
+
build_all: build_libs build_apps build_tests build_tools
build_libs: build_libcrypto build_libssl openssl.pc
@@ -277,15 +278,15 @@ build_libssl: build_ssl libssl.pc
build_crypto:
@dir=crypto; target=all; $(BUILD_ONE_CMD)
-build_ssl:
+build_ssl: build_crypto
@dir=ssl; target=all; $(BUILD_ONE_CMD)
-build_engines:
+build_engines: build_crypto
@dir=engines; target=all; $(BUILD_ONE_CMD)
-build_apps:
+build_apps: build_libs
@dir=apps; target=all; $(BUILD_ONE_CMD)
-build_tests:
+build_tests: build_libs
@dir=test; target=all; $(BUILD_ONE_CMD)
-build_tools:
+build_tools: build_libs
@dir=tools; target=all; $(BUILD_ONE_CMD)
all_testapps: build_libs build_testapps
Modified: stable/10/crypto/openssl/NEWS
==============================================================================
--- stable/10/crypto/openssl/NEWS Thu Jul 9 17:07:45 2015 (r285329)
+++ stable/10/crypto/openssl/NEWS Thu Jul 9 17:17:22 2015 (r285330)
@@ -5,6 +5,10 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.0.1o and OpenSSL 1.0.1p [9 Jul 2015]
+
+ o Alternate chains certificate forgery (CVE-2015-1793)
+
Major changes between OpenSSL 1.0.1n and OpenSSL 1.0.1o [12 Jun 2015]
o Fix HMAC ABI incompatibility
Modified: stable/10/crypto/openssl/README
==============================================================================
--- stable/10/crypto/openssl/README Thu Jul 9 17:07:45 2015 (r285329)
+++ stable/10/crypto/openssl/README Thu Jul 9 17:17:22 2015 (r285330)
@@ -1,5 +1,5 @@
- OpenSSL 1.0.1o 12 Jun 2015
+ OpenSSL 1.0.1p 9 Jul 2015
Copyright (c) 1998-2011 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
Modified: stable/10/crypto/openssl/crypto/bio/bio.h
==============================================================================
--- stable/10/crypto/openssl/crypto/bio/bio.h Thu Jul 9 17:07:45 2015 (r285329)
+++ stable/10/crypto/openssl/crypto/bio/bio.h Thu Jul 9 17:17:22 2015 (r285330)
@@ -290,7 +290,7 @@ void BIO_clear_flags(BIO *b, int flags);
* BIO_CB_RETURN flag indicates if it is after the call
*/
# define BIO_CB_RETURN 0x80
-# define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
+# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
# define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
# define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
Modified: stable/10/crypto/openssl/crypto/evp/e_aes.c
==============================================================================
--- stable/10/crypto/openssl/crypto/evp/e_aes.c Thu Jul 9 17:07:45 2015 (r285329)
+++ stable/10/crypto/openssl/crypto/evp/e_aes.c Thu Jul 9 17:17:22 2015 (r285330)
@@ -1146,7 +1146,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *
case EVP_CTRL_CCM_SET_TAG:
if ((arg & 1) || arg < 4 || arg > 16)
return 0;
- if ((c->encrypt && ptr) || (!c->encrypt && !ptr))
+ if (c->encrypt && ptr)
return 0;
if (ptr) {
cctx->tag_set = 1;
Modified: stable/10/crypto/openssl/crypto/opensslconf.h
==============================================================================
--- stable/10/crypto/openssl/crypto/opensslconf.h Thu Jul 9 17:07:45 2015 (r285329)
+++ stable/10/crypto/openssl/crypto/opensslconf.h Thu Jul 9 17:17:22 2015 (r285330)
@@ -185,7 +185,7 @@ extern "C" {
#endif
#if defined(DES_RISC1) && defined(DES_RISC2)
-YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#error YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
#endif
/* Unroll the inner loop, this sometimes helps, sometimes hinders.
Modified: stable/10/crypto/openssl/crypto/opensslconf.h.in
==============================================================================
--- stable/10/crypto/openssl/crypto/opensslconf.h.in Thu Jul 9 17:07:45 2015 (r285329)
+++ stable/10/crypto/openssl/crypto/opensslconf.h.in Thu Jul 9 17:17:22 2015 (r285330)
@@ -101,7 +101,7 @@
#endif
#if defined(DES_RISC1) && defined(DES_RISC2)
-YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#error YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
#endif
/* Unroll the inner loop, this sometimes helps, sometimes hinders.
Modified: stable/10/crypto/openssl/crypto/opensslv.h
==============================================================================
--- stable/10/crypto/openssl/crypto/opensslv.h Thu Jul 9 17:07:45 2015 (r285329)
+++ stable/10/crypto/openssl/crypto/opensslv.h Thu Jul 9 17:17:22 2015 (r285330)
@@ -30,11 +30,11 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-# define OPENSSL_VERSION_NUMBER 0x100010ffL
+# define OPENSSL_VERSION_NUMBER 0x1000110fL
# ifdef OPENSSL_FIPS
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1o-fips 12 Jun 2015"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1p-fips 9 Jul 2015"
# else
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1o-freebsd 12 Jun 2015"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1p-freebsd 9 Jul 2015"
# endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
Modified: stable/10/crypto/openssl/crypto/pkcs12/p12_kiss.c
==============================================================================
--- stable/10/crypto/openssl/crypto/pkcs12/p12_kiss.c Thu Jul 9 17:07:45 2015 (r285329)
+++ stable/10/crypto/openssl/crypto/pkcs12/p12_kiss.c Thu Jul 9 17:17:22 2015 (r285330)
@@ -135,10 +135,12 @@ int PKCS12_parse(PKCS12 *p12, const char
while ((x = sk_X509_pop(ocerts))) {
if (pkey && *pkey && cert && !*cert) {
+ ERR_set_mark();
if (X509_check_private_key(x, *pkey)) {
*cert = x;
x = NULL;
}
+ ERR_pop_to_mark();
}
if (ca && x) {
Modified: stable/10/crypto/openssl/crypto/threads/mttest.c
==============================================================================
--- stable/10/crypto/openssl/crypto/threads/mttest.c Thu Jul 9 17:07:45 2015 (r285329)
+++ stable/10/crypto/openssl/crypto/threads/mttest.c Thu Jul 9 17:17:22 2015 (r285330)
@@ -56,7 +56,6 @@
* [including the GNU Public Licence.]
*/
-#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
@@ -86,17 +85,11 @@
#include <openssl/lhash.h>
#include <openssl/crypto.h>
#include <openssl/buffer.h>
-#include "../../e_os.h"
#include <openssl/x509.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/rand.h>
-#ifdef OPENSSL_NO_FP_API
-# define APPS_WIN16
-# include "../buffer/bss_file.c"
-#endif
-
#ifdef OPENSSL_SYS_NETWARE
# define TEST_SERVER_CERT "/openssl/apps/server.pem"
# define TEST_CLIENT_CERT "/openssl/apps/client.pem"
@@ -107,23 +100,23 @@
#define MAX_THREAD_NUMBER 100
-int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *xs);
+int verify_callback(int ok, X509_STORE_CTX *xs);
void thread_setup(void);
void thread_cleanup(void);
void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx);
-void irix_locking_callback(int mode, int type, char *file, int line);
-void solaris_locking_callback(int mode, int type, char *file, int line);
-void win32_locking_callback(int mode, int type, char *file, int line);
-void pthreads_locking_callback(int mode, int type, char *file, int line);
-void netware_locking_callback(int mode, int type, char *file, int line);
+void irix_locking_callback(int mode, int type, const char *file, int line);
+void solaris_locking_callback(int mode, int type, const char *file, int line);
+void win32_locking_callback(int mode, int type, const char *file, int line);
+void pthreads_locking_callback(int mode, int type, const char *file, int line);
+void netware_locking_callback(int mode, int type, const char *file, int line);
void beos_locking_callback(int mode, int type, const char *file, int line);
-unsigned long irix_thread_id(void);
-unsigned long solaris_thread_id(void);
-unsigned long pthreads_thread_id(void);
-unsigned long netware_thread_id(void);
-unsigned long beos_thread_id(void);
+void irix_thread_id(CRYPTO_THREADID *tid);
+void solaris_thread_id(CRYPTO_THREADID *tid);
+void pthreads_thread_id(CRYPTO_THREADID *tid);
+void netware_thread_id(CRYPTO_THREADID *tid);
+void beos_thread_id(CRYPTO_THREADID *tid);
#if defined(OPENSSL_SYS_NETWARE)
static MPKMutex *lock_cs;
@@ -149,39 +142,39 @@ static const char rnd_seed[] =
"string to make the random number generator think it has entropy";
int doit(char *ctx[4]);
-static void print_stats(FILE *fp, SSL_CTX *ctx)
+static void print_stats(BIO *bio, SSL_CTX *ctx)
{
- fprintf(fp, "%4ld items in the session cache\n",
- SSL_CTX_sess_number(ctx));
- fprintf(fp, "%4d client connects (SSL_connect())\n",
- SSL_CTX_sess_connect(ctx));
- fprintf(fp, "%4d client connects that finished\n",
- SSL_CTX_sess_connect_good(ctx));
- fprintf(fp, "%4d server connects (SSL_accept())\n",
- SSL_CTX_sess_accept(ctx));
- fprintf(fp, "%4d server connects that finished\n",
- SSL_CTX_sess_accept_good(ctx));
- fprintf(fp, "%4d session cache hits\n", SSL_CTX_sess_hits(ctx));
- fprintf(fp, "%4d session cache misses\n", SSL_CTX_sess_misses(ctx));
- fprintf(fp, "%4d session cache timeouts\n", SSL_CTX_sess_timeouts(ctx));
+ BIO_printf(bio, "%4ld items in the session cache\n",
+ SSL_CTX_sess_number(ctx));
+ BIO_printf(bio, "%4d client connects (SSL_connect())\n",
+ SSL_CTX_sess_connect(ctx));
+ BIO_printf(bio, "%4d client connects that finished\n",
+ SSL_CTX_sess_connect_good(ctx));
+ BIO_printf(bio, "%4d server connects (SSL_accept())\n",
+ SSL_CTX_sess_accept(ctx));
+ BIO_printf(bio, "%4d server connects that finished\n",
+ SSL_CTX_sess_accept_good(ctx));
+ BIO_printf(bio, "%4d session cache hits\n", SSL_CTX_sess_hits(ctx));
+ BIO_printf(bio, "%4d session cache misses\n", SSL_CTX_sess_misses(ctx));
+ BIO_printf(bio, "%4d session cache timeouts\n", SSL_CTX_sess_timeouts(ctx));
}
static void sv_usage(void)
{
- fprintf(stderr, "usage: ssltest [args ...]\n");
- fprintf(stderr, "\n");
- fprintf(stderr, " -server_auth - check server certificate\n");
- fprintf(stderr, " -client_auth - do client authentication\n");
- fprintf(stderr, " -v - more output\n");
- fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
- fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
- fprintf(stderr, " -threads arg - number of threads\n");
- fprintf(stderr, " -loops arg - number of 'connections', per thread\n");
- fprintf(stderr, " -reconnect - reuse session-id's\n");
- fprintf(stderr, " -stats - server session-id cache stats\n");
- fprintf(stderr, " -cert arg - server certificate/key\n");
- fprintf(stderr, " -ccert arg - client certificate/key\n");
- fprintf(stderr, " -ssl3 - just SSLv3n\n");
+ BIO_printf(bio_err, "usage: ssltest [args ...]\n");
+ BIO_printf(bio_err, "\n");
+ BIO_printf(bio_err, " -server_auth - check server certificate\n");
+ BIO_printf(bio_err, " -client_auth - do client authentication\n");
+ BIO_printf(bio_err, " -v - more output\n");
+ BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n");
+ BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n");
+ BIO_printf(bio_err, " -threads arg - number of threads\n");
+ BIO_printf(bio_err, " -loops arg - number of 'connections', per thread\n");
+ BIO_printf(bio_err, " -reconnect - reuse session-id's\n");
+ BIO_printf(bio_err, " -stats - server session-id cache stats\n");
+ BIO_printf(bio_err, " -cert arg - server certificate/key\n");
+ BIO_printf(bio_err, " -ccert arg - client certificate/key\n");
+ BIO_printf(bio_err, " -ssl3 - just SSLv3n\n");
}
int main(int argc, char *argv[])
@@ -195,14 +188,14 @@ int main(int argc, char *argv[])
SSL_CTX *c_ctx = NULL;
char *scert = TEST_SERVER_CERT;
char *ccert = TEST_CLIENT_CERT;
- SSL_METHOD *ssl_method = SSLv23_method();
+ const SSL_METHOD *ssl_method = SSLv23_method();
RAND_seed(rnd_seed, sizeof rnd_seed);
if (bio_err == NULL)
- bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+ bio_err = BIO_new_fd(2, BIO_NOCLOSE);
if (bio_stdout == NULL)
- bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE);
+ bio_stdout = BIO_new_fd(1, BIO_NOCLOSE);
argc--;
argv++;
@@ -250,7 +243,7 @@ int main(int argc, char *argv[])
if (number_of_loops == 0)
number_of_loops = 1;
} else {
- fprintf(stderr, "unknown option %s\n", *argv);
+ BIO_printf(bio_err, "unknown option %s\n", *argv);
badop = 1;
break;
}
@@ -284,9 +277,12 @@ int main(int argc, char *argv[])
SSL_SESS_CACHE_SERVER);
if (!SSL_CTX_use_certificate_file(s_ctx, scert, SSL_FILETYPE_PEM)) {
+ BIO_printf(bio_err, "SSL_CTX_use_certificate_file (%s)\n", scert);
ERR_print_errors(bio_err);
+ goto end;
} else
if (!SSL_CTX_use_RSAPrivateKey_file(s_ctx, scert, SSL_FILETYPE_PEM)) {
+ BIO_printf(bio_err, "SSL_CTX_use_RSAPrivateKey_file (%s)\n", scert);
ERR_print_errors(bio_err);
goto end;
}
@@ -300,19 +296,19 @@ int main(int argc, char *argv[])
(!SSL_CTX_set_default_verify_paths(s_ctx)) ||
(!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
(!SSL_CTX_set_default_verify_paths(c_ctx))) {
- fprintf(stderr, "SSL_load_verify_locations\n");
+ BIO_printf(bio_err, "SSL_load_verify_locations\n");
ERR_print_errors(bio_err);
goto end;
}
if (client_auth) {
- fprintf(stderr, "client authentication\n");
+ BIO_printf(bio_err, "client authentication\n");
SSL_CTX_set_verify(s_ctx,
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
verify_callback);
}
if (server_auth) {
- fprintf(stderr, "server authentication\n");
+ BIO_printf(bio_err, "server authentication\n");
SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
}
@@ -322,24 +318,24 @@ int main(int argc, char *argv[])
end:
if (c_ctx != NULL) {
- fprintf(stderr, "Client SSL_CTX stats then free it\n");
- print_stats(stderr, c_ctx);
+ BIO_printf(bio_err, "Client SSL_CTX stats then free it\n");
+ print_stats(bio_err, c_ctx);
SSL_CTX_free(c_ctx);
}
if (s_ctx != NULL) {
- fprintf(stderr, "Server SSL_CTX stats then free it\n");
- print_stats(stderr, s_ctx);
+ BIO_printf(bio_err, "Server SSL_CTX stats then free it\n");
+ print_stats(bio_err, s_ctx);
if (cache_stats) {
- fprintf(stderr, "-----\n");
- lh_stats(SSL_CTX_sessions(s_ctx), stderr);
- fprintf(stderr, "-----\n");
- /*- lh_node_stats(SSL_CTX_sessions(s_ctx),stderr);
- fprintf(stderr,"-----\n"); */
- lh_node_usage_stats(SSL_CTX_sessions(s_ctx), stderr);
- fprintf(stderr, "-----\n");
+ BIO_printf(bio_err, "-----\n");
+ lh_SSL_SESSION_stats_bio(SSL_CTX_sessions(s_ctx), bio_err);
+ BIO_printf(bio_err, "-----\n");
+ /*- lh_SSL_SESSION_node_stats_bio(SSL_CTX_sessions(s_ctx),bio_err);
+ BIO_printf(bio_err,"-----\n"); */
+ lh_SSL_SESSION_node_usage_stats_bio(SSL_CTX_sessions(s_ctx), bio_err);
+ BIO_printf(bio_err, "-----\n");
}
SSL_CTX_free(s_ctx);
- fprintf(stderr, "done free\n");
+ BIO_printf(bio_err, "done free\n");
}
exit(ret);
return (0);
@@ -355,6 +351,7 @@ int ndoit(SSL_CTX *ssl_ctx[2])
int i;
int ret;
char *ctx[4];
+ CRYPTO_THREADID thread_id;
ctx[0] = (char *)ssl_ctx[0];
ctx[1] = (char *)ssl_ctx[1];
@@ -367,22 +364,24 @@ int ndoit(SSL_CTX *ssl_ctx[2])
ctx[3] = NULL;
}
- fprintf(stdout, "started thread %lu\n", CRYPTO_thread_id());
+ CRYPTO_THREADID_current(&thread_id);
+ BIO_printf(bio_stdout, "started thread %lu\n",
+ CRYPTO_THREADID_hash(&thread_id));
for (i = 0; i < number_of_loops; i++) {
-/*- fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n",
- CRYPTO_thread_id(),i,
- ssl_ctx[0]->references,
- ssl_ctx[1]->references); */
+/*- BIO_printf(bio_err,"%4d %2d ctx->ref (%3d,%3d)\n",
+ CRYPTO_THREADID_hash(&thread_id),i,
+ ssl_ctx[0]->references,
+ ssl_ctx[1]->references); */
/* pthread_delay_np(&tm); */
ret = doit(ctx);
if (ret != 0) {
- fprintf(stdout, "error[%d] %lu - %d\n",
- i, CRYPTO_thread_id(), ret);
+ BIO_printf(bio_stdout, "error[%d] %lu - %d\n",
+ i, CRYPTO_THREADID_hash(&thread_id), ret);
return (ret);
}
}
- fprintf(stdout, "DONE %lu\n", CRYPTO_thread_id());
+ BIO_printf(bio_stdout, "DONE %lu\n", CRYPTO_THREADID_hash(&thread_id));
if (reconnect) {
SSL_free((SSL *)ctx[2]);
SSL_free((SSL *)ctx[3]);
@@ -467,26 +466,26 @@ int doit(char *ctx[4])
if (do_server && verbose) {
if (SSL_in_init(s_ssl))
- printf("server waiting in SSL_accept - %s\n",
- SSL_state_string_long(s_ssl));
+ BIO_printf(bio_stdout, "server waiting in SSL_accept - %s\n",
+ SSL_state_string_long(s_ssl));
else if (s_write)
- printf("server:SSL_write()\n");
+ BIO_printf(bio_stdout, "server:SSL_write()\n");
else
- printf("server:SSL_read()\n");
+ BIO_printf(bio_stdout, "server:SSL_read()\n");
}
if (do_client && verbose) {
if (SSL_in_init(c_ssl))
- printf("client waiting in SSL_connect - %s\n",
- SSL_state_string_long(c_ssl));
+ BIO_printf(bio_stdout, "client waiting in SSL_connect - %s\n",
+ SSL_state_string_long(c_ssl));
else if (c_write)
- printf("client:SSL_write()\n");
+ BIO_printf(bio_stdout, "client:SSL_write()\n");
else
- printf("client:SSL_read()\n");
+ BIO_printf(bio_stdout, "client:SSL_read()\n");
}
if (!do_client && !do_server) {
- fprintf(stdout, "ERROR IN STARTUP\n");
+ BIO_printf(bio_stdout, "ERROR IN STARTUP\n");
break;
}
if (do_client && !(done & C_DONE)) {
@@ -501,12 +500,12 @@ int doit(char *ctx[4])
if (BIO_should_write(c_bio))
c_w = 1;
} else {
- fprintf(stderr, "ERROR in CLIENT\n");
+ BIO_printf(bio_err, "ERROR in CLIENT\n");
ERR_print_errors_fp(stderr);
return (1);
}
} else if (i == 0) {
- fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
+ BIO_printf(bio_err, "SSL CLIENT STARTUP FAILED\n");
return (1);
} else {
/* ok */
@@ -523,19 +522,19 @@ int doit(char *ctx[4])
if (BIO_should_write(c_bio))
c_w = 1;
} else {
- fprintf(stderr, "ERROR in CLIENT\n");
+ BIO_printf(bio_err, "ERROR in CLIENT\n");
ERR_print_errors_fp(stderr);
return (1);
}
} else if (i == 0) {
- fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
+ BIO_printf(bio_err, "SSL CLIENT STARTUP FAILED\n");
return (1);
} else {
done |= C_DONE;
#ifdef undef
- fprintf(stdout, "CLIENT:from server:");
- fwrite(cbuf, 1, i, stdout);
- fflush(stdout);
+ BIO_printf(bio_stdout, "CLIENT:from server:");
+ BIO_write(bio_stdout, cbuf, i);
+ BIO_flush(bio_stdout);
#endif
}
}
@@ -553,20 +552,20 @@ int doit(char *ctx[4])
if (BIO_should_write(s_bio))
s_w = 1;
} else {
- fprintf(stderr, "ERROR in SERVER\n");
+ BIO_printf(bio_err, "ERROR in SERVER\n");
ERR_print_errors_fp(stderr);
return (1);
}
} else if (i == 0) {
- fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
+ BIO_printf(bio_err, "SSL SERVER STARTUP FAILED\n");
return (1);
} else {
s_write = 1;
s_w = 1;
#ifdef undef
- fprintf(stdout, "SERVER:from client:");
- fwrite(sbuf, 1, i, stdout);
- fflush(stdout);
+ BIO_printf(bio_stdout, "SERVER:from client:");
+ BIO_write(bio_stdout, sbuf, i);
+ BIO_flush(bio_stdout);
#endif
}
} else {
@@ -580,12 +579,12 @@ int doit(char *ctx[4])
if (BIO_should_write(s_bio))
s_w = 1;
} else {
- fprintf(stderr, "ERROR in SERVER\n");
+ BIO_printf(bio_err, "ERROR in SERVER\n");
ERR_print_errors_fp(stderr);
return (1);
}
} else if (i == 0) {
- fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
+ BIO_printf(bio_err, "SSL SERVER STARTUP FAILED\n");
return (1);
} else {
s_write = 0;
@@ -606,7 +605,7 @@ int doit(char *ctx[4])
SSL_set_shutdown(s_ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
#ifdef undef
- fprintf(stdout, "DONE\n");
+ BIO_printf(bio_stdout, "DONE\n");
#endif
err:
/*
@@ -640,7 +639,7 @@ int doit(char *ctx[4])
return (0);
}
-int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
+int verify_callback(int ok, X509_STORE_CTX *ctx)
{
char *s, buf[256];
@@ -649,9 +648,9 @@ int MS_CALLBACK verify_callback(int ok,
buf, 256);
if (s != NULL) {
if (ok)
- fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf);
+ BIO_printf(bio_err, "depth=%d %s\n", ctx->error_depth, buf);
else
- fprintf(stderr, "depth=%d error=%d %s\n",
+ BIO_printf(bio_err, "depth=%d error=%d %s\n",
ctx->error_depth, ctx->error, buf);
}
}
@@ -688,7 +687,7 @@ void thread_cleanup(void)
OPENSSL_free(lock_cs);
}
-void win32_locking_callback(int mode, int type, char *file, int line)
+void win32_locking_callback(int mode, int type, const char *file, int line)
{
if (mode & CRYPTO_LOCK) {
WaitForSingleObject(lock_cs[type], INFINITE);
@@ -717,7 +716,7 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX
(void *)ssl_ctx, 0L, &(thread_id[i]));
}
- printf("reaping\n");
+ BIO_printf(bio_stdout, "reaping\n");
for (i = 0; i < thread_number; i += 50) {
int j;
@@ -727,7 +726,7 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX
(CONST HANDLE *) & (thread_handle[i]),
TRUE, INFINITE)
== WAIT_FAILED) {
- fprintf(stderr, "WaitForMultipleObjects failed:%d\n",
+ BIO_printf(bio_err, "WaitForMultipleObjects failed:%d\n",
GetLastError());
exit(1);
}
@@ -743,7 +742,7 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX
ret = (ret + end.wSecond - start.wSecond);
ret += (end.wMilliseconds - start.wMilliseconds) / 1000.0;
- printf("win32 threads done - %.3f seconds\n", ret);
+ BIO_printf(bio_stdout, "win32 threads done - %.3f seconds\n", ret);
}
#endif /* OPENSSL_SYS_WIN32 */
@@ -768,8 +767,8 @@ void thread_setup(void)
mutex_init(&(lock_cs[i]), USYNC_THREAD, NULL);
}
- CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
- CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
+ CRYPTO_set_id_callback(solaris_thread_id);
+ CRYPTO_set_locking_callback(solaris_locking_callback);
}
void thread_cleanup(void)
@@ -778,34 +777,34 @@ void thread_cleanup(void)
CRYPTO_set_locking_callback(NULL);
- fprintf(stderr, "cleanup\n");
+ BIO_printf(bio_err, "cleanup\n");
for (i = 0; i < CRYPTO_num_locks(); i++) {
/* rwlock_destroy(&(lock_cs[i])); */
mutex_destroy(&(lock_cs[i]));
- fprintf(stderr, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i));
+ BIO_printf(bio_err, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i));
}
OPENSSL_free(lock_cs);
OPENSSL_free(lock_count);
- fprintf(stderr, "done cleanup\n");
+ BIO_printf(bio_err, "done cleanup\n");
}
-void solaris_locking_callback(int mode, int type, char *file, int line)
+void solaris_locking_callback(int mode, int type, const char *file, int line)
{
# ifdef undef
- fprintf(stderr, "thread=%4d mode=%s lock=%s %s:%d\n",
- CRYPTO_thread_id(),
- (mode & CRYPTO_LOCK) ? "l" : "u",
- (type & CRYPTO_READ) ? "r" : "w", file, line);
+ BIO_printf(bio_err, "thread=%4d mode=%s lock=%s %s:%d\n",
+ CRYPTO_thread_id(),
+ (mode & CRYPTO_LOCK) ? "l" : "u",
+ (type & CRYPTO_READ) ? "r" : "w", file, line);
# endif
/*-
if (CRYPTO_LOCK_SSL_CERT == type)
- fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
- CRYPTO_thread_id(),
- mode,file,line);
+ BIO_printf(bio_err,"(t,m,f,l) %ld %d %s %d\n",
+ CRYPTO_thread_id(),
+ mode,file,line);
*/
if (mode & CRYPTO_LOCK) {
/*-
@@ -837,21 +836,22 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX
(void *(*)())ndoit, (void *)ssl_ctx, 0L, &(thread_ctx[i]));
}
- printf("reaping\n");
+ BIO_printf(bio_stdout, "reaping\n");
for (i = 0; i < thread_number; i++) {
thr_join(thread_ctx[i], NULL, NULL);
}
- printf("solaris threads done (%d,%d)\n",
- s_ctx->references, c_ctx->references);
+#if 0 /* We can't currently find out the reference amount */
+ BIO_printf(bio_stdout, "solaris threads done (%d,%d)\n",
+ s_ctx->references, c_ctx->references);
+#else
+ BIO_printf(bio_stdout, "solaris threads done\n");
+#endif
}
-unsigned long solaris_thread_id(void)
+void solaris_thread_id(CRYPTO_THREADID *tid)
{
- unsigned long ret;
-
- ret = (unsigned long)thr_self();
- return (ret);
+ CRYPTO_THREADID_set_numeric((unsigned long)thr_self());
}
#endif /* SOLARIS */
@@ -880,8 +880,8 @@ void thread_setup(void)
lock_cs[i] = usnewsema(arena, 1);
}
- CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id);
- CRYPTO_set_locking_callback((void (*)())irix_locking_callback);
+ CRYPTO_set_id_callback(irix_thread_id);
+ CRYPTO_set_locking_callback(irix_locking_callback);
}
void thread_cleanup(void)
@@ -899,13 +899,13 @@ void thread_cleanup(void)
OPENSSL_free(lock_cs);
}
-void irix_locking_callback(int mode, int type, char *file, int line)
+void irix_locking_callback(int mode, int type, const char *file, int line)
{
if (mode & CRYPTO_LOCK) {
- printf("lock %d\n", type);
+ BIO_printf(bio_stdout, "lock %d\n", type);
uspsema(lock_cs[type]);
} else {
- printf("unlock %d\n", type);
+ BIO_printf(bio_stdout, "unlock %d\n", type);
usvsema(lock_cs[type]);
}
}
@@ -924,21 +924,22 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX
PR_SADDR | PR_SFDS, (void *)ssl_ctx);
}
- printf("reaping\n");
+ BIO_printf(bio_stdout, "reaping\n");
for (i = 0; i < thread_number; i++) {
wait(NULL);
}
- printf("irix threads done (%d,%d)\n",
- s_ctx->references, c_ctx->references);
+#if 0 /* We can't currently find out the reference amount */
+ BIO_printf(bio_stdout, "irix threads done (%d,%d)\n",
+ s_ctx->references, c_ctx->references);
+#else
+ BIO_printf(bio_stdout, "irix threads done\n");
+#endif
}
unsigned long irix_thread_id(void)
{
- unsigned long ret;
-
- ret = (unsigned long)getpid();
- return (ret);
+ CRYPTO_THREADID_set_numeric((unsigned long)getpid());
}
#endif /* IRIX */
@@ -958,8 +959,8 @@ void thread_setup(void)
pthread_mutex_init(&(lock_cs[i]), NULL);
}
- CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
- CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
+ CRYPTO_THREADID_set_callback(pthreads_thread_id);
+ CRYPTO_set_locking_callback(pthreads_locking_callback);
}
void thread_cleanup(void)
@@ -967,30 +968,30 @@ void thread_cleanup(void)
int i;
CRYPTO_set_locking_callback(NULL);
- fprintf(stderr, "cleanup\n");
+ BIO_printf(bio_err, "cleanup\n");
for (i = 0; i < CRYPTO_num_locks(); i++) {
pthread_mutex_destroy(&(lock_cs[i]));
- fprintf(stderr, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i));
+ BIO_printf(bio_err, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i));
}
OPENSSL_free(lock_cs);
OPENSSL_free(lock_count);
- fprintf(stderr, "done cleanup\n");
+ BIO_printf(bio_err, "done cleanup\n");
}
-void pthreads_locking_callback(int mode, int type, char *file, int line)
+void pthreads_locking_callback(int mode, int type, const char *file, int line)
{
# ifdef undef
- fprintf(stderr, "thread=%4d mode=%s lock=%s %s:%d\n",
- CRYPTO_thread_id(),
- (mode & CRYPTO_LOCK) ? "l" : "u",
- (type & CRYPTO_READ) ? "r" : "w", file, line);
+ BIO_printf(bio_err, "thread=%4d mode=%s lock=%s %s:%d\n",
+ CRYPTO_thread_id(),
+ (mode & CRYPTO_LOCK) ? "l" : "u",
+ (type & CRYPTO_READ) ? "r" : "w", file, line);
# endif
/*-
if (CRYPTO_LOCK_SSL_CERT == type)
- fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
- CRYPTO_thread_id(),
- mode,file,line);
+ BIO_printf(bio_err,"(t,m,f,l) %ld %d %s %d\n",
+ CRYPTO_thread_id(),
+ mode,file,line);
*/
if (mode & CRYPTO_LOCK) {
pthread_mutex_lock(&(lock_cs[type]));
@@ -1017,21 +1018,22 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX
(void *(*)())ndoit, (void *)ssl_ctx);
}
- printf("reaping\n");
+ BIO_printf(bio_stdout, "reaping\n");
for (i = 0; i < thread_number; i++) {
pthread_join(thread_ctx[i], NULL);
}
- printf("pthreads threads done (%d,%d)\n",
- s_ctx->references, c_ctx->references);
+#if 0 /* We can't currently find out the reference amount */
+ BIO_printf(bio_stdout, "pthreads threads done (%d,%d)\n",
+ s_ctx->references, c_ctx->references);
+#else
+ BIO_printf(bio_stdout, "pthreads threads done\n");
+#endif
}
-unsigned long pthreads_thread_id(void)
+void pthreads_thread_id(CRYPTO_THREADID *tid)
{
- unsigned long ret;
-
- ret = (unsigned long)pthread_self();
- return (ret);
+ CRYPTO_THREADID_set_numeric(tid, (unsigned long)pthread_self());
}
#endif /* PTHREADS */
@@ -1051,8 +1053,8 @@ void thread_setup(void)
ThreadSem = MPKSemaphoreAlloc("OpenSSL mttest semaphore", 0);
- CRYPTO_set_id_callback((unsigned long (*)())netware_thread_id);
- CRYPTO_set_locking_callback((void (*)())netware_locking_callback);
+ CRYPTO_set_id_callback(netware_thread_id);
+ CRYPTO_set_locking_callback(netware_locking_callback);
}
void thread_cleanup(void)
@@ -1061,21 +1063,21 @@ void thread_cleanup(void)
CRYPTO_set_locking_callback(NULL);
- fprintf(stdout, "thread_cleanup\n");
+ BIO_printf(bio_stdout, "thread_cleanup\n");
for (i = 0; i < CRYPTO_num_locks(); i++) {
MPKMutexFree(lock_cs[i]);
- fprintf(stdout, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i));
+ BIO_printf(bio_stdout, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i));
}
OPENSSL_free(lock_cs);
OPENSSL_free(lock_count);
MPKSemaphoreFree(ThreadSem);
- fprintf(stdout, "done cleanup\n");
+ BIO_printf(bio_stdout, "done cleanup\n");
}
-void netware_locking_callback(int mode, int type, char *file, int line)
+void netware_locking_callback(int mode, int type, const char *file, int line)
{
if (mode & CRYPTO_LOCK) {
MPKMutexLock(lock_cs[type]);
@@ -1097,22 +1099,23 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX
ThreadSwitchWithDelay();
}
- printf("reaping\n");
+ BIO_printf(bio_stdout, "reaping\n");
/* loop until all threads have signaled the semaphore */
for (i = 0; i < thread_number; i++) {
MPKSemaphoreWait(ThreadSem);
}
- printf("netware threads done (%d,%d)\n",
- s_ctx->references, c_ctx->references);
+#if 0 /* We can't currently find out the reference amount */
+ BIO_printf(bio_stdout, "netware threads done (%d,%d)\n",
+ s_ctx->references, c_ctx->references);
+#else
+ BIO_printf(bio_stdout, "netware threads done\n");
+#endif
}
unsigned long netware_thread_id(void)
{
- unsigned long ret;
-
- ret = (unsigned long)GetThreadID();
- return (ret);
+ CRYPTO_THREADID_set_numeric((unsigned long)GetThreadID());
}
#endif /* NETWARE */
@@ -1144,24 +1147,24 @@ void thread_cleanup(void)
int i;
CRYPTO_set_locking_callback(NULL);
- fprintf(stderr, "cleanup\n");
+ BIO_printf(bio_err, "cleanup\n");
for (i = 0; i < CRYPTO_num_locks(); i++) {
delete lock_cs[i];
- fprintf(stderr, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i));
+ BIO_printf(bio_err, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i));
}
OPENSSL_free(lock_cs);
OPENSSL_free(lock_count);
- fprintf(stderr, "done cleanup\n");
+ BIO_printf(bio_err, "done cleanup\n");
}
void beos_locking_callback(int mode, int type, const char *file, int line)
{
# if 0
- fprintf(stderr, "thread=%4d mode=%s lock=%s %s:%d\n",
- CRYPTO_thread_id(),
- (mode & CRYPTO_LOCK) ? "l" : "u",
- (type & CRYPTO_READ) ? "r" : "w", file, line);
+ BIO_printf(bio_err, "thread=%4d mode=%s lock=%s %s:%d\n",
+ CRYPTO_thread_id(),
+ (mode & CRYPTO_LOCK) ? "l" : "u",
+ (type & CRYPTO_READ) ? "r" : "w", file, line);
# endif
if (mode & CRYPTO_LOCK) {
lock_cs[type]->Lock();
@@ -1187,14 +1190,14 @@ void do_threads(SSL_CTX *s_ctx, SSL_CTX
resume_thread(thread_ctx[i]);
}
- printf("waiting...\n");
+ BIO_printf(bio_stdout, "waiting...\n");
for (i = 0; i < thread_number; i++) {
status_t result;
wait_for_thread(thread_ctx[i], &result);
}
- printf("beos threads done (%d,%d)\n",
- s_ctx->references, c_ctx->references);
+ BIO_printf(bio_stdout, "beos threads done (%d,%d)\n",
+ s_ctx->references, c_ctx->references);
}
unsigned long beos_thread_id(void)
Modified: stable/10/crypto/openssl/crypto/threads/pthread2.sh
==============================================================================
--- stable/10/crypto/openssl/crypto/threads/pthread2.sh Thu Jul 9 17:07:45 2015 (r285329)
+++ stable/10/crypto/openssl/crypto/threads/pthread2.sh Thu Jul 9 17:17:22 2015 (r285330)
@@ -3,5 +3,4 @@
# build using pthreads where it's already built into the system
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-all
mailing list