Skip to content

Commit

Permalink
deps: upgrade openssl sources to 1.1.1b
Browse files Browse the repository at this point in the history
This updates all sources in deps/openssl/openssl with openssl-1.1.1b.

Backport-PR-URL: #27419
PR-URL: #26327
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
  • Loading branch information
sam-github authored and MylesBorins committed May 16, 2019
1 parent a8ad994 commit c0e4d6e
Show file tree
Hide file tree
Showing 452 changed files with 6,927 additions and 4,232 deletions.
3 changes: 0 additions & 3 deletions deps/openssl/openssl/.gitattributes

This file was deleted.

14 changes: 0 additions & 14 deletions deps/openssl/openssl/.github/PULL_REQUEST_TEMPLATE.md

This file was deleted.

11 changes: 0 additions & 11 deletions deps/openssl/openssl/.gitmodules

This file was deleted.

15 changes: 0 additions & 15 deletions deps/openssl/openssl/.travis-apt-pin.preferences

This file was deleted.

11 changes: 0 additions & 11 deletions deps/openssl/openssl/.travis-create-release.sh

This file was deleted.

254 changes: 0 additions & 254 deletions deps/openssl/openssl/.travis.yml

This file was deleted.

38 changes: 38 additions & 0 deletions deps/openssl/openssl/CHANGES
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,44 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.

Changes between 1.1.1a and 1.1.1b [26 Feb 2019]

*) Added SCA hardening for modular field inversion in EC_GROUP through
a new dedicated field_inv() pointer in EC_METHOD.
This also addresses a leakage affecting conversions from projective
to affine coordinates.
[Billy Bob Brumley, Nicola Tuveri]

*) Change the info callback signals for the start and end of a post-handshake
message exchange in TLSv1.3. In 1.1.1/1.1.1a we used SSL_CB_HANDSHAKE_START
and SSL_CB_HANDSHAKE_DONE. Experience has shown that many applications get
confused by this and assume that a TLSv1.2 renegotiation has started. This
can break KeyUpdate handling. Instead we no longer signal the start and end
of a post handshake message exchange (although the messages themselves are
still signalled). This could break some applications that were expecting
the old signals. However without this KeyUpdate is not usable for many
applications.
[Matt Caswell]

*) Fix a bug in the computation of the endpoint-pair shared secret used
by DTLS over SCTP. This breaks interoperability with older versions
of OpenSSL like OpenSSL 1.1.0 and OpenSSL 1.0.2. There is a runtime
switch SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG (off by default) enabling
interoperability with such broken implementations. However, enabling
this switch breaks interoperability with correct implementations.

*) Fix a use after free bug in d2i_X509_PUBKEY when overwriting a
re-used X509_PUBKEY object if the second PUBKEY is malformed.
[Bernd Edlinger]

*) Move strictness check from EVP_PKEY_asn1_new() to EVP_PKEY_asn1_add0().
[Richard Levitte]

*) Remove the 'dist' target and add a tarball building script. The
'dist' target has fallen out of use, and it shouldn't be
necessary to configure just to create a source distribution.
[Richard Levitte]

Changes between 1.1.1 and 1.1.1a [20 Nov 2018]

*) Timing vulnerability in DSA signature generation
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/CONTRIBUTING
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ guidelines:
7. For user visible changes (API changes, behaviour changes, ...),
consider adding a note in CHANGES. This could be a summarising
description of the change, and could explain the grander details.
Have a look through existing entries for inspiration.
Have a look through existing entries for inspiration.
Please note that this is NOT simply a copy of git-log oneliners.
Also note that security fixes get an entry in CHANGES.
This file helps users get more in depth information of what comes
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/Configurations/00-base-templates.conf
Original file line number Diff line number Diff line change
Expand Up @@ -306,7 +306,7 @@ my %targets=(
sha1_asm_src => "sha1-armv4-large.S sha256-armv4.S sha512-armv4.S",
modes_asm_src => "ghash-armv4.S ghashv8-armx.S",
chacha_asm_src => "chacha-armv4.S",
poly1305_asm_src=> "poly1305-armv4.S",
poly1305_asm_src=> "poly1305-armv4.S",
keccak1600_asm_src => "keccak1600-armv4.S",
perlasm_scheme => "void"
},
Expand Down
Loading

0 comments on commit c0e4d6e

Please sign in to comment.