Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | update libressl to version 2.9.2 |
---|---|
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
344943e84b906db507804e1173abd379 |
User & Date: | chw 2019-05-24 18:46:54.830 |
Context
2019-05-24
| ||
22:16 | update curl to version 7.65.0 check-in: 64dd8bc483 user: chw tags: trunk | |
18:46 | update libressl to version 2.9.2 check-in: 344943e84b user: chw tags: trunk | |
09:37 | improved topcua example from [2d7bf2f037] check-in: 9dc5a09111 user: chw tags: trunk | |
Changes
Changes to jni/libressl/Android.mk.
︙ | ︙ | |||
409 410 411 412 413 414 415 | crypto/compat/timingsafe_bcmp.c \ crypto/compat/recallocarray.c \ crypto/compat/arc4random_uniform.c \ crypto/compat/bsd-asprintf.c \ crypto/compat/explicit_bzero.c \ crypto/compat/freezero.c \ crypto/compat/timegm.c \ | | | 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 | crypto/compat/timingsafe_bcmp.c \ crypto/compat/recallocarray.c \ crypto/compat/arc4random_uniform.c \ crypto/compat/bsd-asprintf.c \ crypto/compat/explicit_bzero.c \ crypto/compat/freezero.c \ crypto/compat/timegm.c \ crypto/compat/getprogname_linux.c \ crypto/err/err_all.c \ crypto/err/err.c \ crypto/err/err_prn.c \ crypto/rand/rand_err.c \ crypto/rand/rand_lib.c \ crypto/rand/randfile.c \ crypto/sha/sha1dgst.c \ |
︙ | ︙ |
Changes to jni/libressl/ChangeLog.
︙ | ︙ | |||
24 25 26 27 28 29 30 31 32 33 34 35 36 37 | The portable bits of the project are largely maintained out-of-tree, and their history is also available from Git. https://github.com/libressl-portable/portable LibreSSL Portable Release Notes: 2.9.1 - Stable release * Added support for XChaCha20 and XChaCha20-Poly1305. * Added support for AES key wrap constructions via the EVP interface. * Partial port of the OpenSSL EC_KEY_METHOD API for use by OpenSSH. | > > > > > > > | 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 | The portable bits of the project are largely maintained out-of-tree, and their history is also available from Git. https://github.com/libressl-portable/portable LibreSSL Portable Release Notes: 2.9.2 - Bug fixes * Fixed portable builds with older versions of MacOS, Android targets < API 21, and Solaris 10 * Fixed SRTP profile advertisement for DTLS servers. 2.9.1 - Stable release * Added support for XChaCha20 and XChaCha20-Poly1305. * Added support for AES key wrap constructions via the EVP interface. * Partial port of the OpenSSL EC_KEY_METHOD API for use by OpenSSH. |
︙ | ︙ |
Changes to jni/libressl/VERSION.
|
| | | 1 2 | 2.9.2 |
Changes to jni/libressl/apps/openssl/CMakeLists.txt.
︙ | ︙ | |||
62 63 64 65 66 67 68 69 70 71 72 73 74 75 | check_function_exists(strtonum HAVE_STRTONUM) if(HAVE_STRTONUM) add_definitions(-DHAVE_STRTONUM) else() set(OPENSSL_SRC ${OPENSSL_SRC} compat/strtonum.c) endif() add_executable(openssl ${OPENSSL_SRC}) target_include_directories(openssl PRIVATE . ../../include/compat) target_link_libraries(openssl ${OPENSSL_LIBS}) if(ENABLE_LIBRESSL_INSTALL) install(TARGETS openssl DESTINATION ${CMAKE_INSTALL_BINDIR}) | > > > > > > > | 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 | check_function_exists(strtonum HAVE_STRTONUM) if(HAVE_STRTONUM) add_definitions(-DHAVE_STRTONUM) else() set(OPENSSL_SRC ${OPENSSL_SRC} compat/strtonum.c) endif() if(CMAKE_SYSTEM_NAME MATCHES "Darwin") check_function_exists(clock_gettime HAVE_CLOCK_GETTIME) if(NOT HAVE_CLOCK_GETTIME) set(OPENSSL_SRC ${OPENSSL_SRC} compat/clock_gettime_osx.c) endif() endif() add_executable(openssl ${OPENSSL_SRC}) target_include_directories(openssl PRIVATE . ../../include/compat) target_link_libraries(openssl ${OPENSSL_LIBS}) if(ENABLE_LIBRESSL_INSTALL) install(TARGETS openssl DESTINATION ${CMAKE_INSTALL_BINDIR}) |
︙ | ︙ |
Changes to jni/libressl/configure.
1 2 | #! /bin/sh # Guess values for system-dependent variables and create Makefiles. | | | 1 2 3 4 5 6 7 8 9 10 | #! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.69 for libressl 2.9.2. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # # # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. |
︙ | ︙ | |||
583 584 585 586 587 588 589 | subdirs= MFLAGS= MAKEFLAGS= # Identity of this package. PACKAGE_NAME='libressl' PACKAGE_TARNAME='libressl' | | | | 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 | subdirs= MFLAGS= MAKEFLAGS= # Identity of this package. PACKAGE_NAME='libressl' PACKAGE_TARNAME='libressl' PACKAGE_VERSION='2.9.2' PACKAGE_STRING='libressl 2.9.2' PACKAGE_BUGREPORT='' PACKAGE_URL='' # Factoring default headers for most tests. ac_includes_default="\ #include <stdio.h> #ifdef HAVE_SYS_TYPES_H |
︙ | ︙ | |||
1429 1430 1431 1432 1433 1434 1435 | # # Report the --help message. # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF | | | 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 | # # Report the --help message. # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF \`configure' configures libressl 2.9.2 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. Defaults for the options are specified in brackets. |
︙ | ︙ | |||
1499 1500 1501 1502 1503 1504 1505 | --build=BUILD configure for building on BUILD [guessed] --host=HOST cross-compile to build programs to run on HOST [BUILD] _ACEOF fi if test -n "$ac_init_help"; then case $ac_init_help in | | | 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 | --build=BUILD configure for building on BUILD [guessed] --host=HOST cross-compile to build programs to run on HOST [BUILD] _ACEOF fi if test -n "$ac_init_help"; then case $ac_init_help in short | recursive ) echo "Configuration of libressl 2.9.2:";; esac cat <<\_ACEOF Optional Features: --disable-option-checking ignore unrecognized --enable/--with options --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] |
︙ | ︙ | |||
1615 1616 1617 1618 1619 1620 1621 | cd "$ac_pwd" || { ac_status=$?; break; } done fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF | | | 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 | cd "$ac_pwd" || { ac_status=$?; break; } done fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF libressl configure 2.9.2 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit |
︙ | ︙ | |||
2163 2164 2165 2166 2167 2168 2169 | as_fn_set_status $ac_retval } # ac_fn_c_compute_int cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. | | | 2163 2164 2165 2166 2167 2168 2169 2170 2171 2172 2173 2174 2175 2176 2177 | as_fn_set_status $ac_retval } # ac_fn_c_compute_int cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by libressl $as_me 2.9.2, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ _ACEOF exec 5>>config.log { |
︙ | ︙ | |||
3104 3105 3106 3107 3108 3109 3110 | CYGPATH_W=echo fi fi # Define the identity of the package. PACKAGE='libressl' | | | 3104 3105 3106 3107 3108 3109 3110 3111 3112 3113 3114 3115 3116 3117 3118 | CYGPATH_W=echo fi fi # Define the identity of the package. PACKAGE='libressl' VERSION='2.9.2' cat >>confdefs.h <<_ACEOF #define PACKAGE "$PACKAGE" _ACEOF |
︙ | ︙ | |||
12055 12056 12057 12058 12059 12060 12061 | PLATFORM_LDADD='-lws2_32' ;; *solaris*) HOST_OS=solaris HOST_ABI=elf CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP" | | | 12055 12056 12057 12058 12059 12060 12061 12062 12063 12064 12065 12066 12067 12068 12069 | PLATFORM_LDADD='-lws2_32' ;; *solaris*) HOST_OS=solaris HOST_ABI=elf CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP" PLATFORM_LDADD='-ldl -lnsl -lsocket' ;; *) ;; esac # Check whether --enable-nc was given. if test "${enable_nc+set}" = set; then : |
︙ | ︙ | |||
14838 14839 14840 14841 14842 14843 14844 | test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" | | | 14838 14839 14840 14841 14842 14843 14844 14845 14846 14847 14848 14849 14850 14851 14852 | test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" This file was extended by libressl $as_me 2.9.2, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS CONFIG_COMMANDS = $CONFIG_COMMANDS $ $0 $@ |
︙ | ︙ | |||
14895 14896 14897 14898 14899 14900 14901 | Report bugs to the package provider." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ | | | 14895 14896 14897 14898 14899 14900 14901 14902 14903 14904 14905 14906 14907 14908 14909 | Report bugs to the package provider." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ libressl config.status 2.9.2 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." |
︙ | ︙ |
Changes to jni/libressl/crypto/compat/getprogname_linux.c.
1 2 3 4 5 6 7 8 9 | #include <stdlib.h> #include <errno.h> const char * getprogname(void) { return program_invocation_short_name; } | > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 | #include <stdlib.h> #include <errno.h> const char * getprogname(void) { /* * Android added getprogname with API 21 [0]. We should not end up here * with APIs bigger than 21. Still write a precise check. * * Since Android is using portions of OpenBSD libc, it should have * a symbol called __progname [1]. * * Regarding program_invocation_short_name, it is a GNU libc ext [2] and * so make it conditional to __GLIBC__ [3]. * * .. [0] https://github.com/aosp-mirror/platform_bionic/blob/1eb6d3/libc/include/stdlib.h#L160 * * .. [1] https://github.com/aosp-mirror/platform_bionic/commit/692207 * * .. [2] https://linux.die.net/man/3/program_invocation_short_name * * .. [3] https://android.googlesource.com/platform/system/core/+/2819c0/base/logging.cpp#65 */ #if defined(__ANDROID_API__) && __ANDROID_API__ < 21 extern const char *__progname; return __progname; #elif defined(__GLIBC__) return program_invocation_short_name; #else #error "Cannot emulate getprogname" #endif } |
Changes to jni/libressl/include/openssl/opensslv.h.
|
| | | | | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | /* $OpenBSD: opensslv.h,v 1.51.2.1 2019/05/13 12:05:04 bcook Exp $ */ #ifndef HEADER_OPENSSLV_H #define HEADER_OPENSSLV_H /* These will change with each release of LibreSSL-portable */ #define LIBRESSL_VERSION_NUMBER 0x2090200fL /* ^ Patch starts here */ #define LIBRESSL_VERSION_TEXT "LibreSSL 2.9.2" /* These will never change */ #define OPENSSL_VERSION_NUMBER 0x20000000L #define OPENSSL_VERSION_TEXT LIBRESSL_VERSION_TEXT #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT #define SHLIB_VERSION_HISTORY "" |
︙ | ︙ |
Changes to jni/libressl/m4/check-os-options.m4.
︙ | ︙ | |||
110 111 112 113 114 115 116 | CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_SPEED" AC_SUBST([PLATFORM_LDADD], ['-lws2_32']) ;; *solaris*) HOST_OS=solaris HOST_ABI=elf CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP" | | | 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 | CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_SPEED" AC_SUBST([PLATFORM_LDADD], ['-lws2_32']) ;; *solaris*) HOST_OS=solaris HOST_ABI=elf CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP" AC_SUBST([PLATFORM_LDADD], ['-ldl -lnsl -lsocket']) ;; *) ;; esac AC_ARG_ENABLE([nc], AS_HELP_STRING([--enable-nc], [Enable installing TLS-enabled nc(1)])) AM_CONDITIONAL([ENABLE_NC], [test "x$enable_nc" = xyes]) |
︙ | ︙ |
Changes to jni/libressl/ssl/ssl_tlsext.c.
|
| | | 1 2 3 4 5 6 7 8 | /* $OpenBSD: ssl_tlsext.c,v 1.44.2.1 2019/05/15 19:25:15 tb Exp $ */ /* * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org> * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above |
︙ | ︙ | |||
1818 1819 1820 1821 1822 1823 1824 | .build = tlsext_cookie_server_build, .parse = tlsext_cookie_client_parse, }, }, #ifndef OPENSSL_NO_SRTP { .type = TLSEXT_TYPE_use_srtp, | | > | 1818 1819 1820 1821 1822 1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 1833 | .build = tlsext_cookie_server_build, .parse = tlsext_cookie_client_parse, }, }, #ifndef OPENSSL_NO_SRTP { .type = TLSEXT_TYPE_use_srtp, .messages = SSL_TLSEXT_MSG_CH | SSL_TLSEXT_MSG_SH /* XXX */ | SSL_TLSEXT_MSG_EE, .client = { .needs = tlsext_srtp_client_needs, .build = tlsext_srtp_client_build, .parse = tlsext_srtp_server_parse, }, .server = { .needs = tlsext_srtp_server_needs, |
︙ | ︙ |