svn commit: r359486 - in head: crypto/openssl crypto/openssl/apps crypto/openssl/crypto crypto/openssl/crypto/bn crypto/openssl/crypto/conf crypto/openssl/crypto/err crypto/openssl/crypto/pkcs12 cr...

Jung-uk Kim jkim at FreeBSD.org
Tue Mar 31 15:48:12 UTC 2020


Author: jkim
Date: Tue Mar 31 15:47:55 2020
New Revision: 359486
URL: https://svnweb.freebsd.org/changeset/base/359486

Log:
  Merge OpenSSL 1.1.1f.

Modified:
  head/crypto/openssl/CHANGES
  head/crypto/openssl/NEWS
  head/crypto/openssl/README
  head/crypto/openssl/apps/rehash.c
  head/crypto/openssl/apps/s_server.c
  head/crypto/openssl/crypto/bn/bn_local.h
  head/crypto/openssl/crypto/bn/bn_prime.c
  head/crypto/openssl/crypto/conf/conf_lib.c
  head/crypto/openssl/crypto/err/openssl.txt
  head/crypto/openssl/crypto/ex_data.c
  head/crypto/openssl/crypto/pkcs12/p12_crt.c
  head/crypto/openssl/crypto/ts/ts_rsp_sign.c
  head/crypto/openssl/crypto/ts/ts_rsp_verify.c
  head/crypto/openssl/crypto/x509/x509_cmp.c
  head/crypto/openssl/crypto/x509/x509_trs.c
  head/crypto/openssl/crypto/x509/x509_vfy.c
  head/crypto/openssl/crypto/x509/x_all.c
  head/crypto/openssl/crypto/x509/x_crl.c
  head/crypto/openssl/crypto/x509v3/v3_purp.c
  head/crypto/openssl/doc/man3/BN_generate_prime.pod
  head/crypto/openssl/doc/man3/SSL_get_error.pod
  head/crypto/openssl/doc/man3/X509_get_extension_flags.pod
  head/crypto/openssl/include/openssl/opensslv.h
  head/crypto/openssl/include/openssl/sslerr.h
  head/crypto/openssl/ssl/record/rec_layer_s3.c
  head/crypto/openssl/ssl/ssl_err.c
  head/secure/lib/libcrypto/Makefile.inc
  head/secure/lib/libcrypto/man/man3/ADMISSIONS.3
  head/secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3
  head/secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3
  head/secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3
  head/secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3
  head/secure/lib/libcrypto/man/man3/ASN1_STRING_length.3
  head/secure/lib/libcrypto/man/man3/ASN1_STRING_new.3
  head/secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3
  head/secure/lib/libcrypto/man/man3/ASN1_TIME_set.3
  head/secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3
  head/secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3
  head/secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3
  head/secure/lib/libcrypto/man/man3/ASYNC_start_job.3
  head/secure/lib/libcrypto/man/man3/BF_encrypt.3
  head/secure/lib/libcrypto/man/man3/BIO_ADDR.3
  head/secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3
  head/secure/lib/libcrypto/man/man3/BIO_connect.3
  head/secure/lib/libcrypto/man/man3/BIO_ctrl.3
  head/secure/lib/libcrypto/man/man3/BIO_f_base64.3
  head/secure/lib/libcrypto/man/man3/BIO_f_buffer.3
  head/secure/lib/libcrypto/man/man3/BIO_f_cipher.3
  head/secure/lib/libcrypto/man/man3/BIO_f_md.3
  head/secure/lib/libcrypto/man/man3/BIO_f_null.3
  head/secure/lib/libcrypto/man/man3/BIO_f_ssl.3
  head/secure/lib/libcrypto/man/man3/BIO_find_type.3
  head/secure/lib/libcrypto/man/man3/BIO_get_data.3
  head/secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3
  head/secure/lib/libcrypto/man/man3/BIO_meth_new.3
  head/secure/lib/libcrypto/man/man3/BIO_new.3
  head/secure/lib/libcrypto/man/man3/BIO_new_CMS.3
  head/secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3
  head/secure/lib/libcrypto/man/man3/BIO_printf.3
  head/secure/lib/libcrypto/man/man3/BIO_push.3
  head/secure/lib/libcrypto/man/man3/BIO_read.3
  head/secure/lib/libcrypto/man/man3/BIO_s_accept.3
  head/secure/lib/libcrypto/man/man3/BIO_s_bio.3
  head/secure/lib/libcrypto/man/man3/BIO_s_connect.3
  head/secure/lib/libcrypto/man/man3/BIO_s_fd.3
  head/secure/lib/libcrypto/man/man3/BIO_s_file.3
  head/secure/lib/libcrypto/man/man3/BIO_s_mem.3
  head/secure/lib/libcrypto/man/man3/BIO_s_null.3
  head/secure/lib/libcrypto/man/man3/BIO_s_socket.3
  head/secure/lib/libcrypto/man/man3/BIO_set_callback.3
  head/secure/lib/libcrypto/man/man3/BIO_should_retry.3
  head/secure/lib/libcrypto/man/man3/BN_BLINDING_new.3
  head/secure/lib/libcrypto/man/man3/BN_CTX_new.3
  head/secure/lib/libcrypto/man/man3/BN_CTX_start.3
  head/secure/lib/libcrypto/man/man3/BN_add.3
  head/secure/lib/libcrypto/man/man3/BN_add_word.3
  head/secure/lib/libcrypto/man/man3/BN_bn2bin.3
  head/secure/lib/libcrypto/man/man3/BN_cmp.3
  head/secure/lib/libcrypto/man/man3/BN_copy.3
  head/secure/lib/libcrypto/man/man3/BN_generate_prime.3
  head/secure/lib/libcrypto/man/man3/BN_mod_inverse.3
  head/secure/lib/libcrypto/man/man3/BN_mod_mul_montgomery.3
  head/secure/lib/libcrypto/man/man3/BN_mod_mul_reciprocal.3
  head/secure/lib/libcrypto/man/man3/BN_new.3
  head/secure/lib/libcrypto/man/man3/BN_num_bytes.3
  head/secure/lib/libcrypto/man/man3/BN_rand.3
  head/secure/lib/libcrypto/man/man3/BN_security_bits.3
  head/secure/lib/libcrypto/man/man3/BN_set_bit.3
  head/secure/lib/libcrypto/man/man3/BN_swap.3
  head/secure/lib/libcrypto/man/man3/BN_zero.3
  head/secure/lib/libcrypto/man/man3/BUF_MEM_new.3
  head/secure/lib/libcrypto/man/man3/CMS_add0_cert.3
  head/secure/lib/libcrypto/man/man3/CMS_add1_recipient_cert.3
  head/secure/lib/libcrypto/man/man3/CMS_add1_signer.3
  head/secure/lib/libcrypto/man/man3/CMS_compress.3
  head/secure/lib/libcrypto/man/man3/CMS_decrypt.3
  head/secure/lib/libcrypto/man/man3/CMS_encrypt.3
  head/secure/lib/libcrypto/man/man3/CMS_final.3
  head/secure/lib/libcrypto/man/man3/CMS_get0_RecipientInfos.3
  head/secure/lib/libcrypto/man/man3/CMS_get0_SignerInfos.3
  head/secure/lib/libcrypto/man/man3/CMS_get0_type.3
  head/secure/lib/libcrypto/man/man3/CMS_get1_ReceiptRequest.3
  head/secure/lib/libcrypto/man/man3/CMS_sign.3
  head/secure/lib/libcrypto/man/man3/CMS_sign_receipt.3
  head/secure/lib/libcrypto/man/man3/CMS_uncompress.3
  head/secure/lib/libcrypto/man/man3/CMS_verify.3
  head/secure/lib/libcrypto/man/man3/CMS_verify_receipt.3
  head/secure/lib/libcrypto/man/man3/CONF_modules_free.3
  head/secure/lib/libcrypto/man/man3/CONF_modules_load_file.3
  head/secure/lib/libcrypto/man/man3/CRYPTO_THREAD_run_once.3
  head/secure/lib/libcrypto/man/man3/CRYPTO_get_ex_new_index.3
  head/secure/lib/libcrypto/man/man3/CRYPTO_memcmp.3
  head/secure/lib/libcrypto/man/man3/CTLOG_STORE_get0_log_by_id.3
  head/secure/lib/libcrypto/man/man3/CTLOG_STORE_new.3
  head/secure/lib/libcrypto/man/man3/CTLOG_new.3
  head/secure/lib/libcrypto/man/man3/CT_POLICY_EVAL_CTX_new.3
  head/secure/lib/libcrypto/man/man3/DEFINE_STACK_OF.3
  head/secure/lib/libcrypto/man/man3/DES_random_key.3
  head/secure/lib/libcrypto/man/man3/DH_generate_key.3
  head/secure/lib/libcrypto/man/man3/DH_generate_parameters.3
  head/secure/lib/libcrypto/man/man3/DH_get0_pqg.3
  head/secure/lib/libcrypto/man/man3/DH_get_1024_160.3
  head/secure/lib/libcrypto/man/man3/DH_meth_new.3
  head/secure/lib/libcrypto/man/man3/DH_new.3
  head/secure/lib/libcrypto/man/man3/DH_new_by_nid.3
  head/secure/lib/libcrypto/man/man3/DH_set_method.3
  head/secure/lib/libcrypto/man/man3/DH_size.3
  head/secure/lib/libcrypto/man/man3/DSA_SIG_new.3
  head/secure/lib/libcrypto/man/man3/DSA_do_sign.3
  head/secure/lib/libcrypto/man/man3/DSA_dup_DH.3
  head/secure/lib/libcrypto/man/man3/DSA_generate_key.3
  head/secure/lib/libcrypto/man/man3/DSA_generate_parameters.3
  head/secure/lib/libcrypto/man/man3/DSA_get0_pqg.3
  head/secure/lib/libcrypto/man/man3/DSA_meth_new.3
  head/secure/lib/libcrypto/man/man3/DSA_new.3
  head/secure/lib/libcrypto/man/man3/DSA_set_method.3
  head/secure/lib/libcrypto/man/man3/DSA_sign.3
  head/secure/lib/libcrypto/man/man3/DSA_size.3
  head/secure/lib/libcrypto/man/man3/DTLS_get_data_mtu.3
  head/secure/lib/libcrypto/man/man3/DTLS_set_timer_cb.3
  head/secure/lib/libcrypto/man/man3/DTLSv1_listen.3
  head/secure/lib/libcrypto/man/man3/ECDSA_SIG_new.3
  head/secure/lib/libcrypto/man/man3/ECPKParameters_print.3
  head/secure/lib/libcrypto/man/man3/EC_GFp_simple_method.3
  head/secure/lib/libcrypto/man/man3/EC_GROUP_copy.3
  head/secure/lib/libcrypto/man/man3/EC_GROUP_new.3
  head/secure/lib/libcrypto/man/man3/EC_KEY_get_enc_flags.3
  head/secure/lib/libcrypto/man/man3/EC_KEY_new.3
  head/secure/lib/libcrypto/man/man3/EC_POINT_add.3
  head/secure/lib/libcrypto/man/man3/EC_POINT_new.3
  head/secure/lib/libcrypto/man/man3/ENGINE_add.3
  head/secure/lib/libcrypto/man/man3/ERR_GET_LIB.3
  head/secure/lib/libcrypto/man/man3/ERR_clear_error.3
  head/secure/lib/libcrypto/man/man3/ERR_error_string.3
  head/secure/lib/libcrypto/man/man3/ERR_get_error.3
  head/secure/lib/libcrypto/man/man3/ERR_load_crypto_strings.3
  head/secure/lib/libcrypto/man/man3/ERR_load_strings.3
  head/secure/lib/libcrypto/man/man3/ERR_print_errors.3
  head/secure/lib/libcrypto/man/man3/ERR_put_error.3
  head/secure/lib/libcrypto/man/man3/ERR_remove_state.3
  head/secure/lib/libcrypto/man/man3/ERR_set_mark.3
  head/secure/lib/libcrypto/man/man3/EVP_BytesToKey.3
  head/secure/lib/libcrypto/man/man3/EVP_CIPHER_CTX_get_cipher_data.3
  head/secure/lib/libcrypto/man/man3/EVP_CIPHER_meth_new.3
  head/secure/lib/libcrypto/man/man3/EVP_DigestInit.3
  head/secure/lib/libcrypto/man/man3/EVP_DigestSignInit.3
  head/secure/lib/libcrypto/man/man3/EVP_DigestVerifyInit.3
  head/secure/lib/libcrypto/man/man3/EVP_EncodeInit.3
  head/secure/lib/libcrypto/man/man3/EVP_EncryptInit.3
  head/secure/lib/libcrypto/man/man3/EVP_MD_meth_new.3
  head/secure/lib/libcrypto/man/man3/EVP_OpenInit.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_ASN1_METHOD.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_ctrl.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_new.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_hkdf_md.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_scrypt_N.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_asn1_get_count.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_cmp.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_decrypt.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_derive.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_encrypt.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_get_default_digest_nid.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_keygen.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_meth_get_count.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_meth_new.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_new.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_print_private.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_set1_RSA.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_sign.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_size.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_verify.3
  head/secure/lib/libcrypto/man/man3/EVP_PKEY_verify_recover.3
  head/secure/lib/libcrypto/man/man3/EVP_SealInit.3
  head/secure/lib/libcrypto/man/man3/EVP_SignInit.3
  head/secure/lib/libcrypto/man/man3/EVP_VerifyInit.3
  head/secure/lib/libcrypto/man/man3/EVP_aes.3
  head/secure/lib/libcrypto/man/man3/EVP_aria.3
  head/secure/lib/libcrypto/man/man3/EVP_bf_cbc.3
  head/secure/lib/libcrypto/man/man3/EVP_blake2b512.3
  head/secure/lib/libcrypto/man/man3/EVP_camellia.3
  head/secure/lib/libcrypto/man/man3/EVP_cast5_cbc.3
  head/secure/lib/libcrypto/man/man3/EVP_chacha20.3
  head/secure/lib/libcrypto/man/man3/EVP_des.3
  head/secure/lib/libcrypto/man/man3/EVP_desx_cbc.3
  head/secure/lib/libcrypto/man/man3/EVP_idea_cbc.3
  head/secure/lib/libcrypto/man/man3/EVP_md2.3
  head/secure/lib/libcrypto/man/man3/EVP_md4.3
  head/secure/lib/libcrypto/man/man3/EVP_md5.3
  head/secure/lib/libcrypto/man/man3/EVP_mdc2.3
  head/secure/lib/libcrypto/man/man3/EVP_rc2_cbc.3
  head/secure/lib/libcrypto/man/man3/EVP_rc4.3
  head/secure/lib/libcrypto/man/man3/EVP_rc5_32_12_16_cbc.3
  head/secure/lib/libcrypto/man/man3/EVP_ripemd160.3
  head/secure/lib/libcrypto/man/man3/EVP_seed_cbc.3
  head/secure/lib/libcrypto/man/man3/EVP_sha1.3
  head/secure/lib/libcrypto/man/man3/EVP_sha224.3
  head/secure/lib/libcrypto/man/man3/EVP_sha3_224.3
  head/secure/lib/libcrypto/man/man3/EVP_sm3.3
  head/secure/lib/libcrypto/man/man3/EVP_sm4_cbc.3
  head/secure/lib/libcrypto/man/man3/EVP_whirlpool.3
  head/secure/lib/libcrypto/man/man3/HMAC.3
  head/secure/lib/libcrypto/man/man3/MD5.3
  head/secure/lib/libcrypto/man/man3/MDC2_Init.3
  head/secure/lib/libcrypto/man/man3/OBJ_nid2obj.3
  head/secure/lib/libcrypto/man/man3/OCSP_REQUEST_new.3
  head/secure/lib/libcrypto/man/man3/OCSP_cert_to_id.3
  head/secure/lib/libcrypto/man/man3/OCSP_request_add1_nonce.3
  head/secure/lib/libcrypto/man/man3/OCSP_resp_find_status.3
  head/secure/lib/libcrypto/man/man3/OCSP_response_status.3
  head/secure/lib/libcrypto/man/man3/OCSP_sendreq_new.3
  head/secure/lib/libcrypto/man/man3/OPENSSL_Applink.3
  head/secure/lib/libcrypto/man/man3/OPENSSL_LH_COMPFUNC.3
  head/secure/lib/libcrypto/man/man3/OPENSSL_LH_stats.3
  head/secure/lib/libcrypto/man/man3/OPENSSL_VERSION_NUMBER.3
  head/secure/lib/libcrypto/man/man3/OPENSSL_config.3
  head/secure/lib/libcrypto/man/man3/OPENSSL_fork_prepare.3
  head/secure/lib/libcrypto/man/man3/OPENSSL_ia32cap.3
  head/secure/lib/libcrypto/man/man3/OPENSSL_init_crypto.3
  head/secure/lib/libcrypto/man/man3/OPENSSL_init_ssl.3
  head/secure/lib/libcrypto/man/man3/OPENSSL_instrument_bus.3
  head/secure/lib/libcrypto/man/man3/OPENSSL_load_builtin_modules.3
  head/secure/lib/libcrypto/man/man3/OPENSSL_malloc.3
  head/secure/lib/libcrypto/man/man3/OPENSSL_secure_malloc.3
  head/secure/lib/libcrypto/man/man3/OSSL_STORE_INFO.3
  head/secure/lib/libcrypto/man/man3/OSSL_STORE_LOADER.3
  head/secure/lib/libcrypto/man/man3/OSSL_STORE_SEARCH.3
  head/secure/lib/libcrypto/man/man3/OSSL_STORE_expect.3
  head/secure/lib/libcrypto/man/man3/OSSL_STORE_open.3
  head/secure/lib/libcrypto/man/man3/OpenSSL_add_all_algorithms.3
  head/secure/lib/libcrypto/man/man3/PEM_bytes_read_bio.3
  head/secure/lib/libcrypto/man/man3/PEM_read.3
  head/secure/lib/libcrypto/man/man3/PEM_read_CMS.3
  head/secure/lib/libcrypto/man/man3/PEM_read_bio_PrivateKey.3
  head/secure/lib/libcrypto/man/man3/PEM_read_bio_ex.3
  head/secure/lib/libcrypto/man/man3/PEM_write_bio_CMS_stream.3
  head/secure/lib/libcrypto/man/man3/PEM_write_bio_PKCS7_stream.3
  head/secure/lib/libcrypto/man/man3/PKCS12_create.3
  head/secure/lib/libcrypto/man/man3/PKCS12_newpass.3
  head/secure/lib/libcrypto/man/man3/PKCS12_parse.3
  head/secure/lib/libcrypto/man/man3/PKCS5_PBKDF2_HMAC.3
  head/secure/lib/libcrypto/man/man3/PKCS7_decrypt.3
  head/secure/lib/libcrypto/man/man3/PKCS7_encrypt.3
  head/secure/lib/libcrypto/man/man3/PKCS7_sign.3
  head/secure/lib/libcrypto/man/man3/PKCS7_sign_add_signer.3
  head/secure/lib/libcrypto/man/man3/PKCS7_verify.3
  head/secure/lib/libcrypto/man/man3/RAND_DRBG_generate.3
  head/secure/lib/libcrypto/man/man3/RAND_DRBG_get0_master.3
  head/secure/lib/libcrypto/man/man3/RAND_DRBG_new.3
  head/secure/lib/libcrypto/man/man3/RAND_DRBG_reseed.3
  head/secure/lib/libcrypto/man/man3/RAND_DRBG_set_callbacks.3
  head/secure/lib/libcrypto/man/man3/RAND_DRBG_set_ex_data.3
  head/secure/lib/libcrypto/man/man3/RAND_add.3
  head/secure/lib/libcrypto/man/man3/RAND_bytes.3
  head/secure/lib/libcrypto/man/man3/RAND_cleanup.3
  head/secure/lib/libcrypto/man/man3/RAND_egd.3
  head/secure/lib/libcrypto/man/man3/RAND_load_file.3
  head/secure/lib/libcrypto/man/man3/RAND_set_rand_method.3
  head/secure/lib/libcrypto/man/man3/RC4_set_key.3
  head/secure/lib/libcrypto/man/man3/RIPEMD160_Init.3
  head/secure/lib/libcrypto/man/man3/RSA_blinding_on.3
  head/secure/lib/libcrypto/man/man3/RSA_check_key.3
  head/secure/lib/libcrypto/man/man3/RSA_generate_key.3
  head/secure/lib/libcrypto/man/man3/RSA_get0_key.3
  head/secure/lib/libcrypto/man/man3/RSA_meth_new.3
  head/secure/lib/libcrypto/man/man3/RSA_new.3
  head/secure/lib/libcrypto/man/man3/RSA_padding_add_PKCS1_type_1.3
  head/secure/lib/libcrypto/man/man3/RSA_print.3
  head/secure/lib/libcrypto/man/man3/RSA_private_encrypt.3
  head/secure/lib/libcrypto/man/man3/RSA_public_encrypt.3
  head/secure/lib/libcrypto/man/man3/RSA_set_method.3
  head/secure/lib/libcrypto/man/man3/RSA_sign.3
  head/secure/lib/libcrypto/man/man3/RSA_sign_ASN1_OCTET_STRING.3
  head/secure/lib/libcrypto/man/man3/RSA_size.3
  head/secure/lib/libcrypto/man/man3/SCT_new.3
  head/secure/lib/libcrypto/man/man3/SCT_print.3
  head/secure/lib/libcrypto/man/man3/SCT_validate.3
  head/secure/lib/libcrypto/man/man3/SHA256_Init.3
  head/secure/lib/libcrypto/man/man3/SMIME_read_CMS.3
  head/secure/lib/libcrypto/man/man3/SMIME_read_PKCS7.3
  head/secure/lib/libcrypto/man/man3/SMIME_write_CMS.3
  head/secure/lib/libcrypto/man/man3/SMIME_write_PKCS7.3
  head/secure/lib/libcrypto/man/man3/SSL_CIPHER_get_name.3
  head/secure/lib/libcrypto/man/man3/SSL_COMP_add_compression_method.3
  head/secure/lib/libcrypto/man/man3/SSL_CONF_CTX_new.3
  head/secure/lib/libcrypto/man/man3/SSL_CONF_CTX_set1_prefix.3
  head/secure/lib/libcrypto/man/man3/SSL_CONF_CTX_set_flags.3
  head/secure/lib/libcrypto/man/man3/SSL_CONF_CTX_set_ssl_ctx.3
  head/secure/lib/libcrypto/man/man3/SSL_CONF_cmd.3
  head/secure/lib/libcrypto/man/man3/SSL_CONF_cmd_argv.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_add1_chain_cert.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_add_extra_chain_cert.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_add_session.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_config.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_ctrl.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_dane_enable.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_flush_sessions.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_free.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_get0_param.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_get_verify_mode.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_has_client_custom_ext.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_load_verify_locations.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_new.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_sess_number.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_sess_set_cache_size.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_sess_set_get_cb.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_sessions.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set0_CA_list.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set1_curves.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set1_sigalgs.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set1_verify_cert_store.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_alpn_select_cb.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_cert_cb.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_cert_store.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_cert_verify_callback.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_cipher_list.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_client_cert_cb.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_client_hello_cb.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_ct_validation_callback.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_ctlog_list_file.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_default_passwd_cb.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_ex_data.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_generate_session_id.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_info_callback.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_keylog_callback.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_max_cert_list.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_min_proto_version.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_mode.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_msg_callback.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_num_tickets.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_options.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_psk_client_callback.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_quiet_shutdown.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_read_ahead.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_record_padding_callback.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_security_level.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_session_cache_mode.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_session_id_context.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_session_ticket_cb.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_split_send_fragment.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_ssl_version.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_timeout.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_servername_callback.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_status_cb.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_use_srtp.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_tmp_dh_callback.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_set_verify.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_use_certificate.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_use_psk_identity_hint.3
  head/secure/lib/libcrypto/man/man3/SSL_CTX_use_serverinfo.3
  head/secure/lib/libcrypto/man/man3/SSL_SESSION_free.3
  head/secure/lib/libcrypto/man/man3/SSL_SESSION_get0_cipher.3
  head/secure/lib/libcrypto/man/man3/SSL_SESSION_get0_hostname.3
  head/secure/lib/libcrypto/man/man3/SSL_SESSION_get0_id_context.3
  head/secure/lib/libcrypto/man/man3/SSL_SESSION_get0_peer.3
  head/secure/lib/libcrypto/man/man3/SSL_SESSION_get_compress_id.3
  head/secure/lib/libcrypto/man/man3/SSL_SESSION_get_ex_data.3
  head/secure/lib/libcrypto/man/man3/SSL_SESSION_get_protocol_version.3
  head/secure/lib/libcrypto/man/man3/SSL_SESSION_get_time.3
  head/secure/lib/libcrypto/man/man3/SSL_SESSION_has_ticket.3
  head/secure/lib/libcrypto/man/man3/SSL_SESSION_is_resumable.3
  head/secure/lib/libcrypto/man/man3/SSL_SESSION_print.3
  head/secure/lib/libcrypto/man/man3/SSL_SESSION_set1_id.3
  head/secure/lib/libcrypto/man/man3/SSL_accept.3
  head/secure/lib/libcrypto/man/man3/SSL_alert_type_string.3
  head/secure/lib/libcrypto/man/man3/SSL_alloc_buffers.3
  head/secure/lib/libcrypto/man/man3/SSL_check_chain.3
  head/secure/lib/libcrypto/man/man3/SSL_clear.3
  head/secure/lib/libcrypto/man/man3/SSL_connect.3
  head/secure/lib/libcrypto/man/man3/SSL_do_handshake.3
  head/secure/lib/libcrypto/man/man3/SSL_export_keying_material.3
  head/secure/lib/libcrypto/man/man3/SSL_extension_supported.3
  head/secure/lib/libcrypto/man/man3/SSL_free.3
  head/secure/lib/libcrypto/man/man3/SSL_get0_peer_scts.3
  head/secure/lib/libcrypto/man/man3/SSL_get_SSL_CTX.3
  head/secure/lib/libcrypto/man/man3/SSL_get_all_async_fds.3
  head/secure/lib/libcrypto/man/man3/SSL_get_ciphers.3
  head/secure/lib/libcrypto/man/man3/SSL_get_client_random.3
  head/secure/lib/libcrypto/man/man3/SSL_get_current_cipher.3
  head/secure/lib/libcrypto/man/man3/SSL_get_default_timeout.3
  head/secure/lib/libcrypto/man/man3/SSL_get_error.3
  head/secure/lib/libcrypto/man/man3/SSL_get_extms_support.3
  head/secure/lib/libcrypto/man/man3/SSL_get_fd.3
  head/secure/lib/libcrypto/man/man3/SSL_get_peer_cert_chain.3
  head/secure/lib/libcrypto/man/man3/SSL_get_peer_certificate.3
  head/secure/lib/libcrypto/man/man3/SSL_get_peer_signature_nid.3
  head/secure/lib/libcrypto/man/man3/SSL_get_peer_tmp_key.3
  head/secure/lib/libcrypto/man/man3/SSL_get_psk_identity.3
  head/secure/lib/libcrypto/man/man3/SSL_get_rbio.3
  head/secure/lib/libcrypto/man/man3/SSL_get_session.3
  head/secure/lib/libcrypto/man/man3/SSL_get_shared_sigalgs.3
  head/secure/lib/libcrypto/man/man3/SSL_get_verify_result.3
  head/secure/lib/libcrypto/man/man3/SSL_get_version.3
  head/secure/lib/libcrypto/man/man3/SSL_in_init.3
  head/secure/lib/libcrypto/man/man3/SSL_key_update.3
  head/secure/lib/libcrypto/man/man3/SSL_library_init.3
  head/secure/lib/libcrypto/man/man3/SSL_load_client_CA_file.3
  head/secure/lib/libcrypto/man/man3/SSL_new.3
  head/secure/lib/libcrypto/man/man3/SSL_pending.3
  head/secure/lib/libcrypto/man/man3/SSL_read.3
  head/secure/lib/libcrypto/man/man3/SSL_read_early_data.3
  head/secure/lib/libcrypto/man/man3/SSL_rstate_string.3
  head/secure/lib/libcrypto/man/man3/SSL_session_reused.3
  head/secure/lib/libcrypto/man/man3/SSL_set1_host.3
  head/secure/lib/libcrypto/man/man3/SSL_set_bio.3
  head/secure/lib/libcrypto/man/man3/SSL_set_connect_state.3
  head/secure/lib/libcrypto/man/man3/SSL_set_fd.3
  head/secure/lib/libcrypto/man/man3/SSL_set_session.3
  head/secure/lib/libcrypto/man/man3/SSL_set_shutdown.3
  head/secure/lib/libcrypto/man/man3/SSL_set_verify_result.3
  head/secure/lib/libcrypto/man/man3/SSL_shutdown.3
  head/secure/lib/libcrypto/man/man3/SSL_state_string.3
  head/secure/lib/libcrypto/man/man3/SSL_want.3
  head/secure/lib/libcrypto/man/man3/SSL_write.3
  head/secure/lib/libcrypto/man/man3/UI_STRING.3
  head/secure/lib/libcrypto/man/man3/UI_UTIL_read_pw.3
  head/secure/lib/libcrypto/man/man3/UI_create_method.3
  head/secure/lib/libcrypto/man/man3/UI_new.3
  head/secure/lib/libcrypto/man/man3/X509V3_get_d2i.3
  head/secure/lib/libcrypto/man/man3/X509_ALGOR_dup.3
  head/secure/lib/libcrypto/man/man3/X509_CRL_get0_by_serial.3
  head/secure/lib/libcrypto/man/man3/X509_EXTENSION_set_object.3
  head/secure/lib/libcrypto/man/man3/X509_LOOKUP.3
  head/secure/lib/libcrypto/man/man3/X509_LOOKUP_hash_dir.3
  head/secure/lib/libcrypto/man/man3/X509_LOOKUP_meth_new.3
  head/secure/lib/libcrypto/man/man3/X509_NAME_ENTRY_get_object.3
  head/secure/lib/libcrypto/man/man3/X509_NAME_add_entry_by_txt.3
  head/secure/lib/libcrypto/man/man3/X509_NAME_get0_der.3
  head/secure/lib/libcrypto/man/man3/X509_NAME_get_index_by_NID.3
  head/secure/lib/libcrypto/man/man3/X509_NAME_print_ex.3
  head/secure/lib/libcrypto/man/man3/X509_PUBKEY_new.3
  head/secure/lib/libcrypto/man/man3/X509_SIG_get0.3
  head/secure/lib/libcrypto/man/man3/X509_STORE_CTX_get_error.3
  head/secure/lib/libcrypto/man/man3/X509_STORE_CTX_new.3
  head/secure/lib/libcrypto/man/man3/X509_STORE_CTX_set_verify_cb.3
  head/secure/lib/libcrypto/man/man3/X509_STORE_add_cert.3
  head/secure/lib/libcrypto/man/man3/X509_STORE_get0_param.3
  head/secure/lib/libcrypto/man/man3/X509_STORE_new.3
  head/secure/lib/libcrypto/man/man3/X509_STORE_set_verify_cb_func.3
  head/secure/lib/libcrypto/man/man3/X509_VERIFY_PARAM_set_flags.3
  head/secure/lib/libcrypto/man/man3/X509_check_ca.3
  head/secure/lib/libcrypto/man/man3/X509_check_host.3
  head/secure/lib/libcrypto/man/man3/X509_check_issued.3
  head/secure/lib/libcrypto/man/man3/X509_check_private_key.3
  head/secure/lib/libcrypto/man/man3/X509_cmp.3
  head/secure/lib/libcrypto/man/man3/X509_cmp_time.3
  head/secure/lib/libcrypto/man/man3/X509_digest.3
  head/secure/lib/libcrypto/man/man3/X509_dup.3
  head/secure/lib/libcrypto/man/man3/X509_get0_notBefore.3
  head/secure/lib/libcrypto/man/man3/X509_get0_signature.3
  head/secure/lib/libcrypto/man/man3/X509_get0_uids.3
  head/secure/lib/libcrypto/man/man3/X509_get_extension_flags.3
  head/secure/lib/libcrypto/man/man3/X509_get_pubkey.3
  head/secure/lib/libcrypto/man/man3/X509_get_serialNumber.3
  head/secure/lib/libcrypto/man/man3/X509_get_subject_name.3
  head/secure/lib/libcrypto/man/man3/X509_get_version.3
  head/secure/lib/libcrypto/man/man3/X509_new.3
  head/secure/lib/libcrypto/man/man3/X509_sign.3
  head/secure/lib/libcrypto/man/man3/X509_verify_cert.3
  head/secure/lib/libcrypto/man/man3/X509v3_get_ext_by_NID.3
  head/secure/lib/libcrypto/man/man3/d2i_DHparams.3
  head/secure/lib/libcrypto/man/man3/d2i_PKCS8PrivateKey_bio.3
  head/secure/lib/libcrypto/man/man3/d2i_PrivateKey.3
  head/secure/lib/libcrypto/man/man3/d2i_SSL_SESSION.3
  head/secure/lib/libcrypto/man/man3/d2i_X509.3
  head/secure/lib/libcrypto/man/man3/i2d_CMS_bio_stream.3
  head/secure/lib/libcrypto/man/man3/i2d_PKCS7_bio_stream.3
  head/secure/lib/libcrypto/man/man3/i2d_re_X509_tbs.3
  head/secure/lib/libcrypto/man/man3/o2i_SCT_LIST.3
  head/secure/lib/libcrypto/man/man5/x509v3_config.5
  head/secure/lib/libcrypto/man/man7/Ed25519.7
  head/secure/lib/libcrypto/man/man7/RAND.7
  head/secure/lib/libcrypto/man/man7/RAND_DRBG.7
  head/secure/lib/libcrypto/man/man7/RSA-PSS.7
  head/secure/lib/libcrypto/man/man7/SM2.7
  head/secure/lib/libcrypto/man/man7/X25519.7
  head/secure/lib/libcrypto/man/man7/bio.7
  head/secure/lib/libcrypto/man/man7/ct.7
  head/secure/lib/libcrypto/man/man7/des_modes.7
  head/secure/lib/libcrypto/man/man7/evp.7
  head/secure/lib/libcrypto/man/man7/ossl_store-file.7
  head/secure/lib/libcrypto/man/man7/ossl_store.7
  head/secure/lib/libcrypto/man/man7/passphrase-encoding.7
  head/secure/lib/libcrypto/man/man7/proxy-certificates.7
  head/secure/lib/libcrypto/man/man7/scrypt.7
  head/secure/lib/libcrypto/man/man7/ssl.7
  head/secure/lib/libcrypto/man/man7/x509.7
  head/secure/usr.bin/openssl/man/CA.pl.1
  head/secure/usr.bin/openssl/man/asn1parse.1
  head/secure/usr.bin/openssl/man/ca.1
  head/secure/usr.bin/openssl/man/ciphers.1
  head/secure/usr.bin/openssl/man/cms.1
  head/secure/usr.bin/openssl/man/crl.1
  head/secure/usr.bin/openssl/man/crl2pkcs7.1
  head/secure/usr.bin/openssl/man/dgst.1
  head/secure/usr.bin/openssl/man/dhparam.1
  head/secure/usr.bin/openssl/man/dsa.1
  head/secure/usr.bin/openssl/man/dsaparam.1
  head/secure/usr.bin/openssl/man/ec.1
  head/secure/usr.bin/openssl/man/ecparam.1
  head/secure/usr.bin/openssl/man/enc.1
  head/secure/usr.bin/openssl/man/engine.1
  head/secure/usr.bin/openssl/man/errstr.1
  head/secure/usr.bin/openssl/man/gendsa.1
  head/secure/usr.bin/openssl/man/genpkey.1
  head/secure/usr.bin/openssl/man/genrsa.1
  head/secure/usr.bin/openssl/man/list.1
  head/secure/usr.bin/openssl/man/nseq.1
  head/secure/usr.bin/openssl/man/ocsp.1
  head/secure/usr.bin/openssl/man/openssl.1
  head/secure/usr.bin/openssl/man/passwd.1
  head/secure/usr.bin/openssl/man/pkcs12.1
  head/secure/usr.bin/openssl/man/pkcs7.1
  head/secure/usr.bin/openssl/man/pkcs8.1
  head/secure/usr.bin/openssl/man/pkey.1
  head/secure/usr.bin/openssl/man/pkeyparam.1
  head/secure/usr.bin/openssl/man/pkeyutl.1
  head/secure/usr.bin/openssl/man/prime.1
  head/secure/usr.bin/openssl/man/rand.1
  head/secure/usr.bin/openssl/man/req.1
  head/secure/usr.bin/openssl/man/rsa.1
  head/secure/usr.bin/openssl/man/rsautl.1
  head/secure/usr.bin/openssl/man/s_client.1
  head/secure/usr.bin/openssl/man/s_server.1
  head/secure/usr.bin/openssl/man/s_time.1
  head/secure/usr.bin/openssl/man/sess_id.1
  head/secure/usr.bin/openssl/man/smime.1
  head/secure/usr.bin/openssl/man/speed.1
  head/secure/usr.bin/openssl/man/spkac.1
  head/secure/usr.bin/openssl/man/srp.1
  head/secure/usr.bin/openssl/man/storeutl.1
  head/secure/usr.bin/openssl/man/ts.1
  head/secure/usr.bin/openssl/man/tsget.1
  head/secure/usr.bin/openssl/man/verify.1
  head/secure/usr.bin/openssl/man/version.1
  head/secure/usr.bin/openssl/man/x509.1
Directory Properties:
  head/crypto/openssl/   (props changed)

Modified: head/crypto/openssl/CHANGES
==============================================================================
--- head/crypto/openssl/CHANGES	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/CHANGES	Tue Mar 31 15:47:55 2020	(r359486)
@@ -7,6 +7,24 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1e and 1.1.1f [31 Mar 2020]
+
+  *) Revert the change of EOF detection while reading in libssl to avoid
+     regressions in applications depending on the current way of reporting
+     the EOF. As the existing method is not fully accurate the change to
+     reporting the EOF via SSL_ERROR_SSL is kept on the current development
+     branch and will be present in the 3.0 release.
+     [Tomas Mraz]
+
+  *) Revised BN_generate_prime_ex to not avoid factors 3..17863 in p-1
+     when primes for RSA keys are computed.
+     Since we previously always generated primes == 2 (mod 3) for RSA keys,
+     the 2-prime and 3-prime RSA modules were easy to distinguish, since
+     N = p*q = 1 (mod 3), but N = p*q*r = 2 (mod 3). Therefore fingerprinting
+     2-prime vs. 3-prime RSA keys was possible by computing N mod 3.
+     This avoids possible fingerprinting of newly generated RSA modules.
+     [Bernd Edlinger]
+
  Changes between 1.1.1d and 1.1.1e [17 Mar 2020]
   *) Properly detect EOF while reading in libssl. Previously if we hit an EOF
      while reading in libssl then we would report an error back to the

Modified: head/crypto/openssl/NEWS
==============================================================================
--- head/crypto/openssl/NEWS	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/NEWS	Tue Mar 31 15:47:55 2020	(r359486)
@@ -5,10 +5,16 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.1.1e and OpenSSL 1.1.1f [31 Mar 2020]
+
+      o Revert the unexpected EOF reporting via SSL_ERROR_SSL
+
   Major changes between OpenSSL 1.1.1d and OpenSSL 1.1.1e [17 Mar 2020]
 
       o Fixed an overflow bug in the x64_64 Montgomery squaring procedure
         used in exponentiation with 512-bit moduli (CVE-2019-1551)
+      o Properly detect unexpected EOF while reading in libssl and report
+        it via SSL_ERROR_SSL
 
   Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019]
 

Modified: head/crypto/openssl/README
==============================================================================
--- head/crypto/openssl/README	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/README	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,7 +1,7 @@
 
- OpenSSL 1.1.1e 17 Mar 2020
+ OpenSSL 1.1.1f 31 Mar 2020
 
- Copyright (c) 1998-2019 The OpenSSL Project
+ Copyright (c) 1998-2020 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
  All rights reserved.
 

Modified: head/crypto/openssl/apps/rehash.c
==============================================================================
--- head/crypto/openssl/apps/rehash.c	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/apps/rehash.c	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2013-2014 Timo Teräs <timo.teras at gmail.com>
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -274,11 +274,19 @@ static int do_file(const char *filename, const char *f
     if (x->x509 != NULL) {
         type = TYPE_CERT;
         name = X509_get_subject_name(x->x509);
-        X509_digest(x->x509, evpmd, digest, NULL);
+        if (!X509_digest(x->x509, evpmd, digest, NULL)) {
+            BIO_printf(bio_err, "out of memory\n");
+            ++errs;
+            goto end;
+        }
     } else if (x->crl != NULL) {
         type = TYPE_CRL;
         name = X509_CRL_get_issuer(x->crl);
-        X509_CRL_digest(x->crl, evpmd, digest, NULL);
+        if (!X509_CRL_digest(x->crl, evpmd, digest, NULL)) {
+            BIO_printf(bio_err, "out of memory\n");
+            ++errs;
+            goto end;
+        }
     } else {
         ++errs;
         goto end;

Modified: head/crypto/openssl/apps/s_server.c
==============================================================================
--- head/crypto/openssl/apps/s_server.c	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/apps/s_server.c	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -1904,7 +1904,7 @@ int s_server_main(int argc, char *argv[])
         BIO_printf(bio_s_out, "Setting secondary ctx parameters\n");
 
         if (sdebug)
-            ssl_ctx_security_debug(ctx, sdebug);
+            ssl_ctx_security_debug(ctx2, sdebug);
 
         if (session_id_prefix) {
             if (strlen(session_id_prefix) >= 32)

Modified: head/crypto/openssl/crypto/bn/bn_local.h
==============================================================================
--- head/crypto/openssl/crypto/bn/bn_local.h	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/crypto/bn/bn_local.h	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -653,9 +653,6 @@ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, cons
 BIGNUM *int_bn_mod_inverse(BIGNUM *in,
                            const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx,
                            int *noinv);
-
-int bn_probable_prime_dh(BIGNUM *rnd, int bits,
-                         const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx);
 
 static ossl_inline BIGNUM *bn_expand(BIGNUM *a, int bits)
 {

Modified: head/crypto/openssl/crypto/bn/bn_prime.c
==============================================================================
--- head/crypto/openssl/crypto/bn/bn_prime.c	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/crypto/bn/bn_prime.c	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -22,11 +22,13 @@
 static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
                    const BIGNUM *a1_odd, int k, BN_CTX *ctx,
                    BN_MONT_CTX *mont);
-static int probable_prime(BIGNUM *rnd, int bits, prime_t *mods);
-static int probable_prime_dh_safe(BIGNUM *rnd, int bits,
-                                  const BIGNUM *add, const BIGNUM *rem,
-                                  BN_CTX *ctx);
+static int probable_prime(BIGNUM *rnd, int bits, int safe, prime_t *mods);
+static int probable_prime_dh(BIGNUM *rnd, int bits, int safe, prime_t *mods,
+                             const BIGNUM *add, const BIGNUM *rem,
+                             BN_CTX *ctx);
 
+#define square(x) ((BN_ULONG)(x) * (BN_ULONG)(x))
+
 int BN_GENCB_call(BN_GENCB *cb, int a, int b)
 {
     /* No callback means continue */
@@ -87,16 +89,11 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int sa
  loop:
     /* make a random number and set the top and bottom bits */
     if (add == NULL) {
-        if (!probable_prime(ret, bits, mods))
+        if (!probable_prime(ret, bits, safe, mods))
             goto err;
     } else {
-        if (safe) {
-            if (!probable_prime_dh_safe(ret, bits, add, rem, ctx))
-                goto err;
-        } else {
-            if (!bn_probable_prime_dh(ret, bits, add, rem, ctx))
-                goto err;
-        }
+        if (!probable_prime_dh(ret, bits, safe, mods, add, rem, ctx))
+            goto err;
     }
 
     if (!BN_GENCB_call(cb, 0, c1++))
@@ -272,17 +269,18 @@ static int witness(BIGNUM *w, const BIGNUM *a, const B
     return 1;
 }
 
-static int probable_prime(BIGNUM *rnd, int bits, prime_t *mods)
+static int probable_prime(BIGNUM *rnd, int bits, int safe, prime_t *mods)
 {
     int i;
     BN_ULONG delta;
     BN_ULONG maxdelta = BN_MASK2 - primes[NUMPRIMES - 1];
-    char is_single_word = bits <= BN_BITS2;
 
  again:
     /* TODO: Not all primes are private */
     if (!BN_priv_rand(rnd, bits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ODD))
         return 0;
+    if (safe && !BN_set_bit(rnd, 1))
+        return 0;
     /* we now have a random number 'rnd' to test. */
     for (i = 1; i < NUMPRIMES; i++) {
         BN_ULONG mod = BN_mod_word(rnd, (BN_ULONG)primes[i]);
@@ -290,62 +288,26 @@ static int probable_prime(BIGNUM *rnd, int bits, prime
             return 0;
         mods[i] = (prime_t) mod;
     }
-    /*
-     * If bits is so small that it fits into a single word then we
-     * additionally don't want to exceed that many bits.
-     */
-    if (is_single_word) {
-        BN_ULONG size_limit;
-
-        if (bits == BN_BITS2) {
-            /*
-             * Shifting by this much has undefined behaviour so we do it a
-             * different way
-             */
-            size_limit = ~((BN_ULONG)0) - BN_get_word(rnd);
-        } else {
-            size_limit = (((BN_ULONG)1) << bits) - BN_get_word(rnd) - 1;
-        }
-        if (size_limit < maxdelta)
-            maxdelta = size_limit;
-    }
     delta = 0;
  loop:
-    if (is_single_word) {
-        BN_ULONG rnd_word = BN_get_word(rnd);
-
-        /*-
-         * In the case that the candidate prime is a single word then
-         * we check that:
-         *   1) It's greater than primes[i] because we shouldn't reject
-         *      3 as being a prime number because it's a multiple of
-         *      three.
-         *   2) That it's not a multiple of a known prime. We don't
-         *      check that rnd-1 is also coprime to all the known
-         *      primes because there aren't many small primes where
-         *      that's true.
+    for (i = 1; i < NUMPRIMES; i++) {
+        /*
+         * check that rnd is a prime and also that
+         * gcd(rnd-1,primes) == 1 (except for 2)
+         * do the second check only if we are interested in safe primes
+         * in the case that the candidate prime is a single word then
+         * we check only the primes up to sqrt(rnd)
          */
-        for (i = 1; i < NUMPRIMES && primes[i] < rnd_word; i++) {
-            if ((mods[i] + delta) % primes[i] == 0) {
-                delta += 2;
-                if (delta > maxdelta)
-                    goto again;
-                goto loop;
-            }
+        if (bits <= 31 && delta <= 0x7fffffff
+                && square(primes[i]) > BN_get_word(rnd) + delta)
+            break;
+        if (safe ? (mods[i] + delta) % primes[i] <= 1
+                 : (mods[i] + delta) % primes[i] == 0) {
+            delta += safe ? 4 : 2;
+            if (delta > maxdelta)
+                goto again;
+            goto loop;
         }
-    } else {
-        for (i = 1; i < NUMPRIMES; i++) {
-            /*
-             * check that rnd is not a prime and also that gcd(rnd-1,primes)
-             * == 1 (except for 2)
-             */
-            if (((mods[i] + delta) % primes[i]) <= 1) {
-                delta += 2;
-                if (delta > maxdelta)
-                    goto again;
-                goto loop;
-            }
-        }
     }
     if (!BN_add_word(rnd, delta))
         return 0;
@@ -355,16 +317,23 @@ static int probable_prime(BIGNUM *rnd, int bits, prime
     return 1;
 }
 
-int bn_probable_prime_dh(BIGNUM *rnd, int bits,
-                         const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx)
+static int probable_prime_dh(BIGNUM *rnd, int bits, int safe, prime_t *mods,
+                             const BIGNUM *add, const BIGNUM *rem,
+                             BN_CTX *ctx)
 {
     int i, ret = 0;
     BIGNUM *t1;
+    BN_ULONG delta;
+    BN_ULONG maxdelta = BN_MASK2 - primes[NUMPRIMES - 1];
 
     BN_CTX_start(ctx);
     if ((t1 = BN_CTX_get(ctx)) == NULL)
         goto err;
 
+    if (maxdelta > BN_MASK2 - BN_get_word(add))
+        maxdelta = BN_MASK2 - BN_get_word(add);
+
+ again:
     if (!BN_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
         goto err;
 
@@ -375,98 +344,48 @@ int bn_probable_prime_dh(BIGNUM *rnd, int bits,
     if (!BN_sub(rnd, rnd, t1))
         goto err;
     if (rem == NULL) {
-        if (!BN_add_word(rnd, 1))
+        if (!BN_add_word(rnd, safe ? 3u : 1u))
             goto err;
     } else {
         if (!BN_add(rnd, rnd, rem))
             goto err;
     }
 
-    /* we now have a random number 'rand' to test. */
+    if (BN_num_bits(rnd) < bits
+            || BN_get_word(rnd) < (safe ? 5u : 3u)) {
+        if (!BN_add(rnd, rnd, add))
+            goto err;
+    }
 
- loop:
+    /* we now have a random number 'rnd' to test. */
     for (i = 1; i < NUMPRIMES; i++) {
-        /* check that rnd is a prime */
         BN_ULONG mod = BN_mod_word(rnd, (BN_ULONG)primes[i]);
         if (mod == (BN_ULONG)-1)
             goto err;
-        if (mod <= 1) {
-            if (!BN_add(rnd, rnd, add))
-                goto err;
-            goto loop;
-        }
+        mods[i] = (prime_t) mod;
     }
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    bn_check_top(rnd);
-    return ret;
-}
-
-static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
-                                  const BIGNUM *rem, BN_CTX *ctx)
-{
-    int i, ret = 0;
-    BIGNUM *t1, *qadd, *q;
-
-    bits--;
-    BN_CTX_start(ctx);
-    t1 = BN_CTX_get(ctx);
-    q = BN_CTX_get(ctx);
-    qadd = BN_CTX_get(ctx);
-    if (qadd == NULL)
-        goto err;
-
-    if (!BN_rshift1(qadd, padd))
-        goto err;
-
-    if (!BN_rand(q, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
-        goto err;
-
-    /* we need ((rnd-rem) % add) == 0 */
-    if (!BN_mod(t1, q, qadd, ctx))
-        goto err;
-    if (!BN_sub(q, q, t1))
-        goto err;
-    if (rem == NULL) {
-        if (!BN_add_word(q, 1))
-            goto err;
-    } else {
-        if (!BN_rshift1(t1, rem))
-            goto err;
-        if (!BN_add(q, q, t1))
-            goto err;
-    }
-
-    /* we now have a random number 'rand' to test. */
-    if (!BN_lshift1(p, q))
-        goto err;
-    if (!BN_add_word(p, 1))
-        goto err;
-
+    delta = 0;
  loop:
     for (i = 1; i < NUMPRIMES; i++) {
-        /* check that p and q are prime */
-        /*
-         * check that for p and q gcd(p-1,primes) == 1 (except for 2)
-         */
-        BN_ULONG pmod = BN_mod_word(p, (BN_ULONG)primes[i]);
-        BN_ULONG qmod = BN_mod_word(q, (BN_ULONG)primes[i]);
-        if (pmod == (BN_ULONG)-1 || qmod == (BN_ULONG)-1)
-            goto err;
-        if (pmod == 0 || qmod == 0) {
-            if (!BN_add(p, p, padd))
-                goto err;
-            if (!BN_add(q, q, qadd))
-                goto err;
+        /* check that rnd is a prime */
+        if (bits <= 31 && delta <= 0x7fffffff
+                && square(primes[i]) > BN_get_word(rnd) + delta)
+            break;
+        /* rnd mod p == 1 implies q = (rnd-1)/2 is divisible by p */
+        if (safe ? (mods[i] + delta) % primes[i] <= 1
+                 : (mods[i] + delta) % primes[i] == 0) {
+            delta += BN_get_word(add);
+            if (delta > maxdelta)
+                goto again;
             goto loop;
         }
     }
+    if (!BN_add_word(rnd, delta))
+        goto err;
     ret = 1;
 
  err:
     BN_CTX_end(ctx);
-    bn_check_top(p);
+    bn_check_top(rnd);
     return ret;
 }

Modified: head/crypto/openssl/crypto/conf/conf_lib.c
==============================================================================
--- head/crypto/openssl/crypto/conf/conf_lib.c	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/crypto/conf/conf_lib.c	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -356,8 +356,10 @@ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void)
 {
     OPENSSL_INIT_SETTINGS *ret = malloc(sizeof(*ret));
 
-    if (ret != NULL)
-        memset(ret, 0, sizeof(*ret));
+    if (ret == NULL)
+        return NULL;
+
+    memset(ret, 0, sizeof(*ret));
     ret->flags = DEFAULT_CONF_MFLAGS;
 
     return ret;

Modified: head/crypto/openssl/crypto/err/openssl.txt
==============================================================================
--- head/crypto/openssl/crypto/err/openssl.txt	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/crypto/err/openssl.txt	Tue Mar 31 15:47:55 2020	(r359486)
@@ -2852,7 +2852,6 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to l
 SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES:243:unable to load ssl3 sha1 routines
 SSL_R_UNEXPECTED_CCS_MESSAGE:262:unexpected ccs message
 SSL_R_UNEXPECTED_END_OF_EARLY_DATA:178:unexpected end of early data
-SSL_R_UNEXPECTED_EOF_WHILE_READING:294:unexpected eof while reading
 SSL_R_UNEXPECTED_MESSAGE:244:unexpected message
 SSL_R_UNEXPECTED_RECORD:245:unexpected record
 SSL_R_UNINITIALIZED:276:uninitialized

Modified: head/crypto/openssl/crypto/ex_data.c
==============================================================================
--- head/crypto/openssl/crypto/ex_data.c	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/crypto/ex_data.c	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -235,7 +235,7 @@ int CRYPTO_new_ex_data(int class_index, void *obj, CRY
         return 0;
     }
     for (i = 0; i < mx; i++) {
-        if (storage[i] && storage[i]->new_func) {
+        if (storage[i] != NULL && storage[i]->new_func != NULL) {
             ptr = CRYPTO_get_ex_data(ad, i);
             storage[i]->new_func(obj, ptr, ad, i,
                                  storage[i]->argl, storage[i]->argp);
@@ -299,7 +299,7 @@ int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA
 
     for (i = 0; i < mx; i++) {
         ptr = CRYPTO_get_ex_data(from, i);
-        if (storage[i] && storage[i]->dup_func)
+        if (storage[i] != NULL && storage[i]->dup_func != NULL)
             if (!storage[i]->dup_func(to, from, &ptr, i,
                                       storage[i]->argl, storage[i]->argp))
                 goto err;

Modified: head/crypto/openssl/crypto/pkcs12/p12_crt.c
==============================================================================
--- head/crypto/openssl/crypto/pkcs12/p12_crt.c	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/crypto/pkcs12/p12_crt.c	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -62,7 +62,8 @@ PKCS12 *PKCS12_create(const char *pass, const char *na
     if (pkey && cert) {
         if (!X509_check_private_key(cert, pkey))
             return NULL;
-        X509_digest(cert, EVP_sha1(), keyid, &keyidlen);
+        if (!X509_digest(cert, EVP_sha1(), keyid, &keyidlen))
+            return NULL;
     }
 
     if (cert) {

Modified: head/crypto/openssl/crypto/ts/ts_rsp_sign.c
==============================================================================
--- head/crypto/openssl/crypto/ts/ts_rsp_sign.c	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/crypto/ts/ts_rsp_sign.c	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -771,7 +771,8 @@ static ESS_CERT_ID *ess_CERT_ID_new_init(X509 *cert, i
     X509_check_purpose(cert, -1, 0);
     if ((cid = ESS_CERT_ID_new()) == NULL)
         goto err;
-    X509_digest(cert, EVP_sha1(), cert_sha1, NULL);
+    if (!X509_digest(cert, EVP_sha1(), cert_sha1, NULL))
+        goto err;
     if (!ASN1_OCTET_STRING_set(cid->hash, cert_sha1, SHA_DIGEST_LENGTH))
         goto err;
 

Modified: head/crypto/openssl/crypto/ts/ts_rsp_verify.c
==============================================================================
--- head/crypto/openssl/crypto/ts/ts_rsp_verify.c	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/crypto/ts/ts_rsp_verify.c	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -289,11 +289,12 @@ static int ts_find_cert(STACK_OF(ESS_CERT_ID) *cert_id
     if (!cert_ids || !cert)
         return -1;
 
-    X509_digest(cert, EVP_sha1(), cert_sha1, NULL);
-
     /* Recompute SHA1 hash of certificate if necessary (side effect). */
     X509_check_purpose(cert, -1, 0);
 
+    if (!X509_digest(cert, EVP_sha1(), cert_sha1, NULL))
+        return -1;
+
     /* Look for cert in the cert_ids vector. */
     for (i = 0; i < sk_ESS_CERT_ID_num(cert_ids); ++i) {
         ESS_CERT_ID *cid = sk_ESS_CERT_ID_value(cert_ids, i);
@@ -326,7 +327,8 @@ static int ts_find_cert_v2(STACK_OF(ESS_CERT_ID_V2) *c
         else
             md = EVP_sha256();
 
-        X509_digest(cert, md, cert_digest, &len);
+        if (!X509_digest(cert, md, cert_digest, &len))
+            return -1;
         if (cid->hash->length != (int)len)
             return -1;
 

Modified: head/crypto/openssl/crypto/x509/x509_cmp.c
==============================================================================
--- head/crypto/openssl/crypto/x509/x509_cmp.c	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/crypto/x509/x509_cmp.c	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -134,9 +134,12 @@ unsigned long X509_subject_name_hash_old(X509 *x)
 int X509_cmp(const X509 *a, const X509 *b)
 {
     int rv;
+
     /* ensure hash is valid */
-    X509_check_purpose((X509 *)a, -1, 0);
-    X509_check_purpose((X509 *)b, -1, 0);
+    if (X509_check_purpose((X509 *)a, -1, 0) != 1)
+        return -2;
+    if (X509_check_purpose((X509 *)b, -1, 0) != 1)
+        return -2;
 
     rv = memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
     if (rv)

Modified: head/crypto/openssl/crypto/x509/x509_trs.c
==============================================================================
--- head/crypto/openssl/crypto/x509/x509_trs.c	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/crypto/x509/x509_trs.c	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -240,8 +240,9 @@ static int trust_1oid(X509_TRUST *trust, X509 *x, int 
 static int trust_compat(X509_TRUST *trust, X509 *x, int flags)
 {
     /* Call for side-effect of computing hash and caching extensions */
-    X509_check_purpose(x, -1, 0);
-    if ((flags & X509_TRUST_NO_SS_COMPAT) == 0 && x->ex_flags & EXFLAG_SS)
+    if (X509_check_purpose(x, -1, 0) != 1)
+        return X509_TRUST_UNTRUSTED;
+    if ((flags & X509_TRUST_NO_SS_COMPAT) == 0 && (x->ex_flags & EXFLAG_SS))
         return X509_TRUST_TRUSTED;
     else
         return X509_TRUST_UNTRUSTED;

Modified: head/crypto/openssl/crypto/x509/x509_vfy.c
==============================================================================
--- head/crypto/openssl/crypto/x509/x509_vfy.c	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/crypto/x509/x509_vfy.c	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -107,12 +107,8 @@ static int null_callback(int ok, X509_STORE_CTX *e)
 /* Return 1 is a certificate is self signed */
 static int cert_self_signed(X509 *x)
 {
-    /*
-     * FIXME: x509v3_cache_extensions() needs to detect more failures and not
-     * set EXFLAG_SET when that happens.  Especially, if the failures are
-     * parse errors, rather than memory pressure!
-     */
-    X509_check_purpose(x, -1, 0);
+    if (X509_check_purpose(x, -1, 0) != 1)
+        return 0;
     if (x->ex_flags & EXFLAG_SS)
         return 1;
     else

Modified: head/crypto/openssl/crypto/x509/x_all.c
==============================================================================
--- head/crypto/openssl/crypto/x509/x_all.c	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/crypto/x509/x_all.c	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -362,7 +362,8 @@ int X509_pubkey_digest(const X509 *data, const EVP_MD 
 int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
                 unsigned int *len)
 {
-    if (type == EVP_sha1() && (data->ex_flags & EXFLAG_SET) != 0) {
+    if (type == EVP_sha1() && (data->ex_flags & EXFLAG_SET) != 0
+            && (data->ex_flags & EXFLAG_INVALID) == 0) {
         /* Asking for SHA1 and we already computed it. */
         if (len != NULL)
             *len = sizeof(data->sha1_hash);
@@ -376,7 +377,8 @@ int X509_digest(const X509 *data, const EVP_MD *type, 
 int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
                     unsigned char *md, unsigned int *len)
 {
-    if (type == EVP_sha1() && (data->flags & EXFLAG_SET) != 0) {
+    if (type == EVP_sha1() && (data->flags & EXFLAG_SET) != 0
+            && (data->flags & EXFLAG_INVALID) == 0) {
         /* Asking for SHA1; always computed in CRL d2i. */
         if (len != NULL)
             *len = sizeof(data->sha1_hash);

Modified: head/crypto/openssl/crypto/x509/x_crl.c
==============================================================================
--- head/crypto/openssl/crypto/x509/x_crl.c	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/crypto/x509/x_crl.c	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -17,7 +17,7 @@
 
 static int X509_REVOKED_cmp(const X509_REVOKED *const *a,
                             const X509_REVOKED *const *b);
-static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp);
+static int setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp);
 
 ASN1_SEQUENCE(X509_REVOKED) = {
         ASN1_EMBED(X509_REVOKED,serialNumber, ASN1_INTEGER),
@@ -155,7 +155,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, co
     X509_CRL *crl = (X509_CRL *)*pval;
     STACK_OF(X509_EXTENSION) *exts;
     X509_EXTENSION *ext;
-    int idx;
+    int idx, i;
 
     switch (operation) {
     case ASN1_OP_D2I_PRE:
@@ -184,23 +184,35 @@ static int crl_cb(int operation, ASN1_VALUE **pval, co
         break;
 
     case ASN1_OP_D2I_POST:
-        X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL);
+        if (!X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL))
+            crl->flags |= EXFLAG_INVALID;
         crl->idp = X509_CRL_get_ext_d2i(crl,
-                                        NID_issuing_distribution_point, NULL,
+                                        NID_issuing_distribution_point, &i,
                                         NULL);
-        if (crl->idp)
-            setup_idp(crl, crl->idp);
+        if (crl->idp != NULL) {
+            if (!setup_idp(crl, crl->idp))
+                crl->flags |= EXFLAG_INVALID;
+        }
+        else if (i != -1) {
+            crl->flags |= EXFLAG_INVALID;
+        }
 
         crl->akid = X509_CRL_get_ext_d2i(crl,
-                                         NID_authority_key_identifier, NULL,
+                                         NID_authority_key_identifier, &i,
                                          NULL);
+        if (crl->akid == NULL && i != -1)
+            crl->flags |= EXFLAG_INVALID;
 
         crl->crl_number = X509_CRL_get_ext_d2i(crl,
-                                               NID_crl_number, NULL, NULL);
+                                               NID_crl_number, &i, NULL);
+        if (crl->crl_number == NULL && i != -1)
+            crl->flags |= EXFLAG_INVALID;
 
         crl->base_crl_number = X509_CRL_get_ext_d2i(crl,
-                                                    NID_delta_crl, NULL,
+                                                    NID_delta_crl, &i,
                                                     NULL);
+        if (crl->base_crl_number == NULL && i != -1)
+            crl->flags |= EXFLAG_INVALID;
         /* Delta CRLs must have CRL number */
         if (crl->base_crl_number && !crl->crl_number)
             crl->flags |= EXFLAG_INVALID;
@@ -259,9 +271,10 @@ static int crl_cb(int operation, ASN1_VALUE **pval, co
 
 /* Convert IDP into a more convenient form */
 
-static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
+static int setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
 {
     int idp_only = 0;
+
     /* Set various flags according to IDP */
     crl->idp_flags |= IDP_PRESENT;
     if (idp->onlyuser > 0) {
@@ -292,7 +305,7 @@ static void setup_idp(X509_CRL *crl, ISSUING_DIST_POIN
         crl->idp_reasons &= CRLDP_ALL_REASONS;
     }
 
-    DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
+    return DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
 }
 
 ASN1_SEQUENCE_ref(X509_CRL, crl_cb) = {

Modified: head/crypto/openssl/crypto/x509v3/v3_purp.c
==============================================================================
--- head/crypto/openssl/crypto/x509v3/v3_purp.c	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/crypto/x509v3/v3_purp.c	Tue Mar 31 15:47:55 2020	(r359486)
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -81,6 +81,8 @@ int X509_check_purpose(X509 *x, int id, int ca)
     const X509_PURPOSE *pt;
 
     x509v3_cache_extensions(x);
+    if (x->ex_flags & EXFLAG_INVALID)
+        return -1;
 
     /* Return if side-effect only call */
     if (id == -1)
@@ -300,10 +302,11 @@ int X509_supported_extension(X509_EXTENSION *ex)
     return 0;
 }
 
-static void setup_dp(X509 *x, DIST_POINT *dp)
+static int setup_dp(X509 *x, DIST_POINT *dp)
 {
     X509_NAME *iname = NULL;
     int i;
+
     if (dp->reasons) {
         if (dp->reasons->length > 0)
             dp->dp_reasons = dp->reasons->data[0];
@@ -313,7 +316,7 @@ static void setup_dp(X509 *x, DIST_POINT *dp)
     } else
         dp->dp_reasons = CRLDP_ALL_REASONS;
     if (!dp->distpoint || (dp->distpoint->type != 1))
-        return;
+        return 1;
     for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {
         GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
         if (gen->type == GEN_DIRNAME) {
@@ -324,16 +327,21 @@ static void setup_dp(X509 *x, DIST_POINT *dp)
     if (!iname)
         iname = X509_get_issuer_name(x);
 
-    DIST_POINT_set_dpname(dp->distpoint, iname);
-
+    return DIST_POINT_set_dpname(dp->distpoint, iname);
 }
 
-static void setup_crldp(X509 *x)
+static int setup_crldp(X509 *x)
 {
     int i;
-    x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, NULL, NULL);
-    for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++)
-        setup_dp(x, sk_DIST_POINT_value(x->crldp, i));
+
+    x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, &i, NULL);
+    if (x->crldp == NULL && i != -1)
+        return 0;
+    for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++) {
+        if (!setup_dp(x, sk_DIST_POINT_value(x->crldp, i)))
+            return 0;
+    }
+    return 1;
 }
 
 #define V1_ROOT (EXFLAG_V1|EXFLAG_SS)
@@ -366,12 +374,13 @@ static void x509v3_cache_extensions(X509 *x)
         return;
     }
 
-    X509_digest(x, EVP_sha1(), x->sha1_hash, NULL);
+    if (!X509_digest(x, EVP_sha1(), x->sha1_hash, NULL))
+        x->ex_flags |= EXFLAG_INVALID;
     /* V1 should mean no extensions ... */
     if (!X509_get_version(x))
         x->ex_flags |= EXFLAG_V1;
     /* Handle basic constraints */
-    if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, NULL, NULL))) {
+    if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, &i, NULL))) {
         if (bs->ca)
             x->ex_flags |= EXFLAG_CA;
         if (bs->pathlen) {
@@ -385,9 +394,11 @@ static void x509v3_cache_extensions(X509 *x)
             x->ex_pathlen = -1;
         BASIC_CONSTRAINTS_free(bs);
         x->ex_flags |= EXFLAG_BCONS;
+    } else if (i != -1) {
+        x->ex_flags |= EXFLAG_INVALID;
     }
     /* Handle proxy certificates */
-    if ((pci = X509_get_ext_d2i(x, NID_proxyCertInfo, NULL, NULL))) {
+    if ((pci = X509_get_ext_d2i(x, NID_proxyCertInfo, &i, NULL))) {
         if (x->ex_flags & EXFLAG_CA
             || X509_get_ext_by_NID(x, NID_subject_alt_name, -1) >= 0
             || X509_get_ext_by_NID(x, NID_issuer_alt_name, -1) >= 0) {
@@ -399,9 +410,11 @@ static void x509v3_cache_extensions(X509 *x)
             x->ex_pcpathlen = -1;
         PROXY_CERT_INFO_EXTENSION_free(pci);
         x->ex_flags |= EXFLAG_PROXY;
+    } else if (i != -1) {
+        x->ex_flags |= EXFLAG_INVALID;
     }
     /* Handle key usage */
-    if ((usage = X509_get_ext_d2i(x, NID_key_usage, NULL, NULL))) {
+    if ((usage = X509_get_ext_d2i(x, NID_key_usage, &i, NULL))) {
         if (usage->length > 0) {
             x->ex_kusage = usage->data[0];
             if (usage->length > 1)
@@ -410,9 +423,11 @@ static void x509v3_cache_extensions(X509 *x)
             x->ex_kusage = 0;
         x->ex_flags |= EXFLAG_KUSAGE;
         ASN1_BIT_STRING_free(usage);
+    } else if (i != -1) {
+        x->ex_flags |= EXFLAG_INVALID;
     }
     x->ex_xkusage = 0;
-    if ((extusage = X509_get_ext_d2i(x, NID_ext_key_usage, NULL, NULL))) {
+    if ((extusage = X509_get_ext_d2i(x, NID_ext_key_usage, &i, NULL))) {
         x->ex_flags |= EXFLAG_XKUSAGE;
         for (i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) {
             switch (OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage, i))) {
@@ -455,18 +470,26 @@ static void x509v3_cache_extensions(X509 *x)
             }
         }
         sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free);
+    } else if (i != -1) {
+        x->ex_flags |= EXFLAG_INVALID;
     }
 
-    if ((ns = X509_get_ext_d2i(x, NID_netscape_cert_type, NULL, NULL))) {
+    if ((ns = X509_get_ext_d2i(x, NID_netscape_cert_type, &i, NULL))) {
         if (ns->length > 0)
             x->ex_nscert = ns->data[0];
         else
             x->ex_nscert = 0;
         x->ex_flags |= EXFLAG_NSCERT;
         ASN1_BIT_STRING_free(ns);
+    } else if (i != -1) {
+        x->ex_flags |= EXFLAG_INVALID;
     }
-    x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL);
-    x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL);
+    x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, &i, NULL);
+    if (x->skid == NULL && i != -1)
+        x->ex_flags |= EXFLAG_INVALID;
+    x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, &i, NULL);
+    if (x->akid == NULL && i != -1)
+        x->ex_flags |= EXFLAG_INVALID;
     /* Does subject name match issuer ? */
     if (!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x))) {
         x->ex_flags |= EXFLAG_SI;
@@ -475,16 +498,22 @@ static void x509v3_cache_extensions(X509 *x)
             !ku_reject(x, KU_KEY_CERT_SIGN))
             x->ex_flags |= EXFLAG_SS;
     }
-    x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
+    x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, &i, NULL);
+    if (x->altname == NULL && i != -1)
+        x->ex_flags |= EXFLAG_INVALID;
     x->nc = X509_get_ext_d2i(x, NID_name_constraints, &i, NULL);
-    if (!x->nc && (i != -1))
+    if (x->nc == NULL && i != -1)
         x->ex_flags |= EXFLAG_INVALID;
-    setup_crldp(x);
+    if (!setup_crldp(x))
+        x->ex_flags |= EXFLAG_INVALID;
 
 #ifndef OPENSSL_NO_RFC3779
-    x->rfc3779_addr = X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, NULL, NULL);
-    x->rfc3779_asid = X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum,
-                                       NULL, NULL);
+    x->rfc3779_addr = X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, &i, NULL);
+    if (x->rfc3779_addr == NULL && i != -1)
+        x->ex_flags |= EXFLAG_INVALID;
+    x->rfc3779_asid = X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum, &i, NULL);
+    if (x->rfc3779_asid == NULL && i != -1)
+        x->ex_flags |= EXFLAG_INVALID;
 #endif
     for (i = 0; i < X509_get_ext_count(x); i++) {
         ex = X509_get_ext(x, i);
@@ -777,7 +806,11 @@ int X509_check_issued(X509 *issuer, X509 *subject)
         return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;
 
     x509v3_cache_extensions(issuer);
+    if (issuer->ex_flags & EXFLAG_INVALID)
+        return X509_V_ERR_UNSPECIFIED;
     x509v3_cache_extensions(subject);
+    if (subject->ex_flags & EXFLAG_INVALID)
+        return X509_V_ERR_UNSPECIFIED;
 
     if (subject->akid) {
         int ret = X509_check_akid(issuer, subject->akid);
@@ -842,7 +875,8 @@ uint32_t X509_get_extension_flags(X509 *x)
 uint32_t X509_get_key_usage(X509 *x)
 {
     /* Call for side-effect of computing hash and caching extensions */
-    X509_check_purpose(x, -1, -1);
+    if (X509_check_purpose(x, -1, -1) != 1)
+        return 0;
     if (x->ex_flags & EXFLAG_KUSAGE)
         return x->ex_kusage;
     return UINT32_MAX;
@@ -851,7 +885,8 @@ uint32_t X509_get_key_usage(X509 *x)
 uint32_t X509_get_extended_key_usage(X509 *x)
 {
     /* Call for side-effect of computing hash and caching extensions */
-    X509_check_purpose(x, -1, -1);
+    if (X509_check_purpose(x, -1, -1) != 1)
+        return 0;
     if (x->ex_flags & EXFLAG_XKUSAGE)
         return x->ex_xkusage;
     return UINT32_MAX;
@@ -860,28 +895,32 @@ uint32_t X509_get_extended_key_usage(X509 *x)
 const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x)
 {
     /* Call for side-effect of computing hash and caching extensions */
-    X509_check_purpose(x, -1, -1);
+    if (X509_check_purpose(x, -1, -1) != 1)
+        return NULL;
     return x->skid;
 }
 
 const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x)
 {
     /* Call for side-effect of computing hash and caching extensions */
-    X509_check_purpose(x, -1, -1);
+    if (X509_check_purpose(x, -1, -1) != 1)
+        return NULL;
     return (x->akid != NULL ? x->akid->keyid : NULL);
 }
 
 const GENERAL_NAMES *X509_get0_authority_issuer(X509 *x)
 {
     /* Call for side-effect of computing hash and caching extensions */
-    X509_check_purpose(x, -1, -1);
+    if (X509_check_purpose(x, -1, -1) != 1)
+        return NULL;
     return (x->akid != NULL ? x->akid->issuer : NULL);
 }
 
 const ASN1_INTEGER *X509_get0_authority_serial(X509 *x)
 {
     /* Call for side-effect of computing hash and caching extensions */
-    X509_check_purpose(x, -1, -1);
+    if (X509_check_purpose(x, -1, -1) != 1)
+        return NULL;
     return (x->akid != NULL ? x->akid->serial : NULL);
 }
 

Modified: head/crypto/openssl/doc/man3/BN_generate_prime.pod
==============================================================================
--- head/crypto/openssl/doc/man3/BN_generate_prime.pod	Tue Mar 31 15:28:31 2020	(r359485)
+++ head/crypto/openssl/doc/man3/BN_generate_prime.pod	Tue Mar 31 15:47:55 2020	(r359486)
@@ -52,7 +52,9 @@ Deprecated:
 
 BN_generate_prime_ex() generates a pseudo-random prime number of
 at least bit length B<bits>. The returned number is probably prime
-with a negligible error.
+with a negligible error. If B<add> is B<NULL> the returned prime
+number will have exact bit length B<bits> with the top most two

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***


More information about the svn-src-all mailing list