Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | update libressl to version 2.9.2 |
---|---|
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
344943e84b906db507804e1173abd379 |
User & Date: | chw 2019-05-24 18:46:54 |
Context
2019-05-24
| ||
22:16 | update curl to version 7.65.0 check-in: 64dd8bc483 user: chw tags: trunk | |
18:46 | update libressl to version 2.9.2 check-in: 344943e84b user: chw tags: trunk | |
09:37 | improved topcua example from [2d7bf2f037] check-in: 9dc5a09111 user: chw tags: trunk | |
Changes
Changes to jni/libressl/Android.mk.
409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 |
crypto/compat/timingsafe_bcmp.c \
crypto/compat/recallocarray.c \
crypto/compat/arc4random_uniform.c \
crypto/compat/bsd-asprintf.c \
crypto/compat/explicit_bzero.c \
crypto/compat/freezero.c \
crypto/compat/timegm.c \
crypto/compat/getprogname_unimpl.c \
crypto/err/err_all.c \
crypto/err/err.c \
crypto/err/err_prn.c \
crypto/rand/rand_err.c \
crypto/rand/rand_lib.c \
crypto/rand/randfile.c \
crypto/sha/sha1dgst.c \
|
| |
409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 |
crypto/compat/timingsafe_bcmp.c \
crypto/compat/recallocarray.c \
crypto/compat/arc4random_uniform.c \
crypto/compat/bsd-asprintf.c \
crypto/compat/explicit_bzero.c \
crypto/compat/freezero.c \
crypto/compat/timegm.c \
crypto/compat/getprogname_linux.c \
crypto/err/err_all.c \
crypto/err/err.c \
crypto/err/err_prn.c \
crypto/rand/rand_err.c \
crypto/rand/rand_lib.c \
crypto/rand/randfile.c \
crypto/sha/sha1dgst.c \
|
Changes to jni/libressl/ChangeLog.
24 25 26 27 28 29 30 31 32 33 34 35 36 37 |
The portable bits of the project are largely maintained out-of-tree, and their history is also available from Git. https://github.com/libressl-portable/portable LibreSSL Portable Release Notes: 2.9.1 - Stable release * Added support for XChaCha20 and XChaCha20-Poly1305. * Added support for AES key wrap constructions via the EVP interface. * Partial port of the OpenSSL EC_KEY_METHOD API for use by OpenSSH. |
> > > > > > > |
24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 |
The portable bits of the project are largely maintained out-of-tree, and their history is also available from Git. https://github.com/libressl-portable/portable LibreSSL Portable Release Notes: 2.9.2 - Bug fixes * Fixed portable builds with older versions of MacOS, Android targets < API 21, and Solaris 10 * Fixed SRTP profile advertisement for DTLS servers. 2.9.1 - Stable release * Added support for XChaCha20 and XChaCha20-Poly1305. * Added support for AES key wrap constructions via the EVP interface. * Partial port of the OpenSSL EC_KEY_METHOD API for use by OpenSSH. |
Changes to jni/libressl/VERSION.
1 2 |
2.9.1
|
| |
1 2 |
2.9.2
|
Changes to jni/libressl/apps/openssl/CMakeLists.txt.
62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
check_function_exists(strtonum HAVE_STRTONUM) if(HAVE_STRTONUM) add_definitions(-DHAVE_STRTONUM) else() set(OPENSSL_SRC ${OPENSSL_SRC} compat/strtonum.c) endif() add_executable(openssl ${OPENSSL_SRC}) target_include_directories(openssl PRIVATE . ../../include/compat) target_link_libraries(openssl ${OPENSSL_LIBS}) if(ENABLE_LIBRESSL_INSTALL) install(TARGETS openssl DESTINATION ${CMAKE_INSTALL_BINDIR}) |
> > > > > > > |
62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 |
check_function_exists(strtonum HAVE_STRTONUM) if(HAVE_STRTONUM) add_definitions(-DHAVE_STRTONUM) else() set(OPENSSL_SRC ${OPENSSL_SRC} compat/strtonum.c) endif() if(CMAKE_SYSTEM_NAME MATCHES "Darwin") check_function_exists(clock_gettime HAVE_CLOCK_GETTIME) if(NOT HAVE_CLOCK_GETTIME) set(OPENSSL_SRC ${OPENSSL_SRC} compat/clock_gettime_osx.c) endif() endif() add_executable(openssl ${OPENSSL_SRC}) target_include_directories(openssl PRIVATE . ../../include/compat) target_link_libraries(openssl ${OPENSSL_LIBS}) if(ENABLE_LIBRESSL_INSTALL) install(TARGETS openssl DESTINATION ${CMAKE_INSTALL_BINDIR}) |
Changes to jni/libressl/configure.
1 2 3 4 5 6 7 8 9 10 ... 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 .... 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 .... 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 .... 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 .... 2163 2164 2165 2166 2167 2168 2169 2170 2171 2172 2173 2174 2175 2176 2177 .... 3104 3105 3106 3107 3108 3109 3110 3111 3112 3113 3114 3115 3116 3117 3118 ..... 12055 12056 12057 12058 12059 12060 12061 12062 12063 12064 12065 12066 12067 12068 12069 ..... 14838 14839 14840 14841 14842 14843 14844 14845 14846 14847 14848 14849 14850 14851 14852 ..... 14895 14896 14897 14898 14899 14900 14901 14902 14903 14904 14905 14906 14907 14908 14909 |
#! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.69 for libressl 2.9.1. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # # # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. ................................................................................ subdirs= MFLAGS= MAKEFLAGS= # Identity of this package. PACKAGE_NAME='libressl' PACKAGE_TARNAME='libressl' PACKAGE_VERSION='2.9.1' PACKAGE_STRING='libressl 2.9.1' PACKAGE_BUGREPORT='' PACKAGE_URL='' # Factoring default headers for most tests. ac_includes_default="\ #include <stdio.h> #ifdef HAVE_SYS_TYPES_H ................................................................................ # # Report the --help message. # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF \`configure' configures libressl 2.9.1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. Defaults for the options are specified in brackets. ................................................................................ --build=BUILD configure for building on BUILD [guessed] --host=HOST cross-compile to build programs to run on HOST [BUILD] _ACEOF fi if test -n "$ac_init_help"; then case $ac_init_help in short | recursive ) echo "Configuration of libressl 2.9.1:";; esac cat <<\_ACEOF Optional Features: --disable-option-checking ignore unrecognized --enable/--with options --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] ................................................................................ cd "$ac_pwd" || { ac_status=$?; break; } done fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF libressl configure 2.9.1 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit ................................................................................ as_fn_set_status $ac_retval } # ac_fn_c_compute_int cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by libressl $as_me 2.9.1, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ _ACEOF exec 5>>config.log { ................................................................................ CYGPATH_W=echo fi fi # Define the identity of the package. PACKAGE='libressl' VERSION='2.9.1' cat >>confdefs.h <<_ACEOF #define PACKAGE "$PACKAGE" _ACEOF ................................................................................ PLATFORM_LDADD='-lws2_32' ;; *solaris*) HOST_OS=solaris HOST_ABI=elf CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP" PLATFORM_LDADD='-lnsl -lsocket' ;; *) ;; esac # Check whether --enable-nc was given. if test "${enable_nc+set}" = set; then : ................................................................................ test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" This file was extended by libressl $as_me 2.9.1, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS CONFIG_COMMANDS = $CONFIG_COMMANDS $ $0 $@ ................................................................................ Report bugs to the package provider." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ libressl config.status 2.9.1 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." |
| | | | | | | | | | | |
1 2 3 4 5 6 7 8 9 10 ... 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 .... 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 .... 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 .... 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 .... 2163 2164 2165 2166 2167 2168 2169 2170 2171 2172 2173 2174 2175 2176 2177 .... 3104 3105 3106 3107 3108 3109 3110 3111 3112 3113 3114 3115 3116 3117 3118 ..... 12055 12056 12057 12058 12059 12060 12061 12062 12063 12064 12065 12066 12067 12068 12069 ..... 14838 14839 14840 14841 14842 14843 14844 14845 14846 14847 14848 14849 14850 14851 14852 ..... 14895 14896 14897 14898 14899 14900 14901 14902 14903 14904 14905 14906 14907 14908 14909 |
#! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.69 for libressl 2.9.2. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # # # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. ................................................................................ subdirs= MFLAGS= MAKEFLAGS= # Identity of this package. PACKAGE_NAME='libressl' PACKAGE_TARNAME='libressl' PACKAGE_VERSION='2.9.2' PACKAGE_STRING='libressl 2.9.2' PACKAGE_BUGREPORT='' PACKAGE_URL='' # Factoring default headers for most tests. ac_includes_default="\ #include <stdio.h> #ifdef HAVE_SYS_TYPES_H ................................................................................ # # Report the --help message. # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF \`configure' configures libressl 2.9.2 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. Defaults for the options are specified in brackets. ................................................................................ --build=BUILD configure for building on BUILD [guessed] --host=HOST cross-compile to build programs to run on HOST [BUILD] _ACEOF fi if test -n "$ac_init_help"; then case $ac_init_help in short | recursive ) echo "Configuration of libressl 2.9.2:";; esac cat <<\_ACEOF Optional Features: --disable-option-checking ignore unrecognized --enable/--with options --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] ................................................................................ cd "$ac_pwd" || { ac_status=$?; break; } done fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF libressl configure 2.9.2 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit ................................................................................ as_fn_set_status $ac_retval } # ac_fn_c_compute_int cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by libressl $as_me 2.9.2, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ _ACEOF exec 5>>config.log { ................................................................................ CYGPATH_W=echo fi fi # Define the identity of the package. PACKAGE='libressl' VERSION='2.9.2' cat >>confdefs.h <<_ACEOF #define PACKAGE "$PACKAGE" _ACEOF ................................................................................ PLATFORM_LDADD='-lws2_32' ;; *solaris*) HOST_OS=solaris HOST_ABI=elf CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP" PLATFORM_LDADD='-ldl -lnsl -lsocket' ;; *) ;; esac # Check whether --enable-nc was given. if test "${enable_nc+set}" = set; then : ................................................................................ test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" This file was extended by libressl $as_me 2.9.2, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS CONFIG_COMMANDS = $CONFIG_COMMANDS $ $0 $@ ................................................................................ Report bugs to the package provider." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ libressl config.status 2.9.2 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." |
Changes to jni/libressl/crypto/compat/getprogname_linux.c.
1 2 3 4 5 6 7 8 9 |
#include <stdlib.h> #include <errno.h> const char * getprogname(void) { return program_invocation_short_name; } |
> > > > > > > > > > > > > > > > > > > > > > > > > |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 |
#include <stdlib.h> #include <errno.h> const char * getprogname(void) { /* * Android added getprogname with API 21 [0]. We should not end up here * with APIs bigger than 21. Still write a precise check. * * Since Android is using portions of OpenBSD libc, it should have * a symbol called __progname [1]. * * Regarding program_invocation_short_name, it is a GNU libc ext [2] and * so make it conditional to __GLIBC__ [3]. * * .. [0] https://github.com/aosp-mirror/platform_bionic/blob/1eb6d3/libc/include/stdlib.h#L160 * * .. [1] https://github.com/aosp-mirror/platform_bionic/commit/692207 * * .. [2] https://linux.die.net/man/3/program_invocation_short_name * * .. [3] https://android.googlesource.com/platform/system/core/+/2819c0/base/logging.cpp#65 */ #if defined(__ANDROID_API__) && __ANDROID_API__ < 21 extern const char *__progname; return __progname; #elif defined(__GLIBC__) return program_invocation_short_name; #else #error "Cannot emulate getprogname" #endif } |
Changes to jni/libressl/include/openssl/opensslv.h.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
/* $OpenBSD: opensslv.h,v 1.51 2019/03/27 02:08:24 bcook Exp $ */ #ifndef HEADER_OPENSSLV_H #define HEADER_OPENSSLV_H /* These will change with each release of LibreSSL-portable */ #define LIBRESSL_VERSION_NUMBER 0x2090100fL /* ^ Patch starts here */ #define LIBRESSL_VERSION_TEXT "LibreSSL 2.9.1" /* These will never change */ #define OPENSSL_VERSION_NUMBER 0x20000000L #define OPENSSL_VERSION_TEXT LIBRESSL_VERSION_TEXT #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT #define SHLIB_VERSION_HISTORY "" #define SHLIB_VERSION_NUMBER "1.0.0" #endif /* HEADER_OPENSSLV_H */ |
| | | |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
/* $OpenBSD: opensslv.h,v 1.51.2.1 2019/05/13 12:05:04 bcook Exp $ */ #ifndef HEADER_OPENSSLV_H #define HEADER_OPENSSLV_H /* These will change with each release of LibreSSL-portable */ #define LIBRESSL_VERSION_NUMBER 0x2090200fL /* ^ Patch starts here */ #define LIBRESSL_VERSION_TEXT "LibreSSL 2.9.2" /* These will never change */ #define OPENSSL_VERSION_NUMBER 0x20000000L #define OPENSSL_VERSION_TEXT LIBRESSL_VERSION_TEXT #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT #define SHLIB_VERSION_HISTORY "" #define SHLIB_VERSION_NUMBER "1.0.0" #endif /* HEADER_OPENSSLV_H */ |
Changes to jni/libressl/m4/check-os-options.m4.
110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 |
CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_SPEED" AC_SUBST([PLATFORM_LDADD], ['-lws2_32']) ;; *solaris*) HOST_OS=solaris HOST_ABI=elf CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP" AC_SUBST([PLATFORM_LDADD], ['-lnsl -lsocket']) ;; *) ;; esac AC_ARG_ENABLE([nc], AS_HELP_STRING([--enable-nc], [Enable installing TLS-enabled nc(1)])) AM_CONDITIONAL([ENABLE_NC], [test "x$enable_nc" = xyes]) |
| |
110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 |
CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_SPEED"
AC_SUBST([PLATFORM_LDADD], ['-lws2_32'])
;;
*solaris*)
HOST_OS=solaris
HOST_ABI=elf
CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP"
AC_SUBST([PLATFORM_LDADD], ['-ldl -lnsl -lsocket'])
;;
*) ;;
esac
AC_ARG_ENABLE([nc],
AS_HELP_STRING([--enable-nc], [Enable installing TLS-enabled nc(1)]))
AM_CONDITIONAL([ENABLE_NC], [test "x$enable_nc" = xyes])
|
Changes to jni/libressl/ssl/ssl_tlsext.c.
1
2
3
4
5
6
7
8
....
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
|
/* $OpenBSD: ssl_tlsext.c,v 1.44 2019/03/25 17:21:18 jsing Exp $ */ /* * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org> * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above ................................................................................ .build = tlsext_cookie_server_build, .parse = tlsext_cookie_client_parse, }, }, #ifndef OPENSSL_NO_SRTP { .type = TLSEXT_TYPE_use_srtp, .messages = SSL_TLSEXT_MSG_CH | SSL_TLSEXT_MSG_EE, .client = { .needs = tlsext_srtp_client_needs, .build = tlsext_srtp_client_build, .parse = tlsext_srtp_server_parse, }, .server = { .needs = tlsext_srtp_server_needs, |
|
|
>
|
1
2
3
4
5
6
7
8
....
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
|
/* $OpenBSD: ssl_tlsext.c,v 1.44.2.1 2019/05/15 19:25:15 tb Exp $ */ /* * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org> * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above ................................................................................ .build = tlsext_cookie_server_build, .parse = tlsext_cookie_client_parse, }, }, #ifndef OPENSSL_NO_SRTP { .type = TLSEXT_TYPE_use_srtp, .messages = SSL_TLSEXT_MSG_CH | SSL_TLSEXT_MSG_SH /* XXX */ | SSL_TLSEXT_MSG_EE, .client = { .needs = tlsext_srtp_client_needs, .build = tlsext_srtp_client_build, .parse = tlsext_srtp_server_parse, }, .server = { .needs = tlsext_srtp_server_needs, |