diff --git a/deps/openssl/openssl/CHANGES b/deps/openssl/openssl/CHANGES index 117ba6d79a59af..d4700d9d799e51 100644 --- a/deps/openssl/openssl/CHANGES +++ b/deps/openssl/openssl/CHANGES @@ -2,6 +2,11 @@ OpenSSL CHANGES _______________ + Changes between 1.0.1k and 1.0.1l [15 Jan 2015] + + *) Build fixes for the Windows and OpenVMS platforms + [Matt Caswell and Richard Levitte] + Changes between 1.0.1j and 1.0.1k [8 Jan 2015] *) Fix DTLS segmentation fault in dtls1_get_record. A carefully crafted DTLS diff --git a/deps/openssl/openssl/Makefile b/deps/openssl/openssl/Makefile index 6282bdebab6285..f68eab69676aaa 100644 --- a/deps/openssl/openssl/Makefile +++ b/deps/openssl/openssl/Makefile @@ -4,7 +4,7 @@ ## Makefile for OpenSSL ## -VERSION=1.0.1k +VERSION=1.0.1l MAJOR=1 MINOR=0.1 SHLIB_VERSION_NUMBER=1.0.0 diff --git a/deps/openssl/openssl/Makefile.bak b/deps/openssl/openssl/Makefile.bak index 34fd58f46871ba..d6e20cca28555f 100644 --- a/deps/openssl/openssl/Makefile.bak +++ b/deps/openssl/openssl/Makefile.bak @@ -4,7 +4,7 @@ ## Makefile for OpenSSL ## -VERSION=1.0.1k-dev +VERSION=1.0.1l-dev MAJOR=1 MINOR=0.1 SHLIB_VERSION_NUMBER=1.0.0 diff --git a/deps/openssl/openssl/NEWS b/deps/openssl/openssl/NEWS index 85969135ff17d6..4ff27753ea7d30 100644 --- a/deps/openssl/openssl/NEWS +++ b/deps/openssl/openssl/NEWS @@ -5,6 +5,10 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015] + + o Build fixes for the Windows and OpenVMS platforms + Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015] o Fix for CVE-2014-3571 diff --git a/deps/openssl/openssl/README b/deps/openssl/openssl/README index df2734d3b5a4ba..ef7eec7a2b7c25 100644 --- a/deps/openssl/openssl/README +++ b/deps/openssl/openssl/README @@ -1,5 +1,5 @@ - OpenSSL 1.0.1k 8 Jan 2015 + OpenSSL 1.0.1l 15 Jan 2015 Copyright (c) 1998-2011 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/deps/openssl/openssl/crypto/Makefile b/deps/openssl/openssl/crypto/Makefile index 2b6397a24b4dc8..2355661f40fa31 100644 --- a/deps/openssl/openssl/crypto/Makefile +++ b/deps/openssl/openssl/crypto/Makefile @@ -55,7 +55,7 @@ top: all: shared buildinf.h: ../Makefile - $(PERL) $(TOP)/util/mkbuildinf.pl "$(CFLAGS)" "$(PLATFORM)" >buildinf.h + $(PERL) $(TOP)/util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)" >buildinf.h x86cpuid.s: x86cpuid.pl perlasm/x86asm.pl $(PERL) x86cpuid.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@ diff --git a/deps/openssl/openssl/crypto/cversion.c b/deps/openssl/openssl/crypto/cversion.c index 0336adaa578482..881957e8923e15 100644 --- a/deps/openssl/openssl/crypto/cversion.c +++ b/deps/openssl/openssl/crypto/cversion.c @@ -77,7 +77,7 @@ const char *SSLeay_version(int t) if (t == SSLEAY_CFLAGS) { #ifdef CFLAGS - return(cflags); + return(CFLAGS); #else return("compiler: information not available"); #endif diff --git a/deps/openssl/openssl/crypto/ecdsa/Makefile b/deps/openssl/openssl/crypto/ecdsa/Makefile index 60c876df1abf69..e89e0c010c6b93 100644 --- a/deps/openssl/openssl/crypto/ecdsa/Makefile +++ b/deps/openssl/openssl/crypto/ecdsa/Makefile @@ -126,16 +126,15 @@ ecs_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h ecs_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h ecs_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h ecs_sign.o: ecs_locl.h ecs_sign.c -ecs_vrf.o: ../../e_os.h ../../include/openssl/asn1.h -ecs_vrf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -ecs_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -ecs_vrf.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -ecs_vrf.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -ecs_vrf.o: ../../include/openssl/err.h ../../include/openssl/evp.h +ecs_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ecs_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +ecs_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ecs_vrf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ecs_vrf.o: ../../include/openssl/engine.h ../../include/openssl/evp.h ecs_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h ecs_vrf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h ecs_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ecs_vrf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h ecs_vrf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h ecs_vrf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -ecs_vrf.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ecs_locl.h ecs_vrf.c +ecs_vrf.o: ../../include/openssl/x509_vfy.h ecs_locl.h ecs_vrf.c diff --git a/deps/openssl/openssl/crypto/ecdsa/ecs_vrf.c b/deps/openssl/openssl/crypto/ecdsa/ecs_vrf.c index 2836efe5eff228..188b9d57b40c96 100644 --- a/deps/openssl/openssl/crypto/ecdsa/ecs_vrf.c +++ b/deps/openssl/openssl/crypto/ecdsa/ecs_vrf.c @@ -57,7 +57,7 @@ */ #include "ecs_locl.h" -#include "cryptlib.h" +#include #ifndef OPENSSL_NO_ENGINE #include #endif diff --git a/deps/openssl/openssl/crypto/opensslv.h b/deps/openssl/openssl/crypto/opensslv.h index 0aebfd44662650..4a1df08f6c3069 100644 --- a/deps/openssl/openssl/crypto/opensslv.h +++ b/deps/openssl/openssl/crypto/opensslv.h @@ -29,11 +29,11 @@ extern "C" { * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x100010bfL +#define OPENSSL_VERSION_NUMBER 0x100010cfL #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1k-fips 8 Jan 2015" +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1l-fips 15 Jan 2015" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1k 8 Jan 2015" +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1l 15 Jan 2015" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/deps/openssl/openssl/crypto/rand/rand_win.c b/deps/openssl/openssl/crypto/rand/rand_win.c index 34ffcd23f9a097..c37c416b889195 100644 --- a/deps/openssl/openssl/crypto/rand/rand_win.c +++ b/deps/openssl/openssl/crypto/rand/rand_win.c @@ -196,12 +196,6 @@ int RAND_poll(void) DWORD w; int good = 0; - /* Determine the OS version we are on so we can turn off things - * that do not work properly. - */ - OSVERSIONINFO osverinfo ; - osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ; - GetVersionEx( &osverinfo ) ; #if defined(OPENSSL_SYS_WINCE) # if defined(_WIN32_WCE) && _WIN32_WCE>=300 @@ -281,56 +275,6 @@ int RAND_poll(void) * at random times on Windows 2000. Reported by Jeffrey Altman. * Only use it on NT. */ - /* Wolfgang Marczy reports that - * the RegQueryValueEx call below can hang on NT4.0 (SP6). - * So we don't use this at all for now. */ -#if 0 - if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT && - osverinfo.dwMajorVersion < 5) - { - /* Read Performance Statistics from NT/2000 registry - * The size of the performance data can vary from call - * to call so we must guess the size of the buffer to use - * and increase its size if we get an ERROR_MORE_DATA - * return instead of ERROR_SUCCESS. - */ - LONG rc=ERROR_MORE_DATA; - char * buf=NULL; - DWORD bufsz=0; - DWORD length; - - while (rc == ERROR_MORE_DATA) - { - buf = realloc(buf,bufsz+8192); - if (!buf) - break; - bufsz += 8192; - - length = bufsz; - rc = RegQueryValueEx(HKEY_PERFORMANCE_DATA, TEXT("Global"), - NULL, NULL, buf, &length); - } - if (rc == ERROR_SUCCESS) - { - /* For entropy count assume only least significant - * byte of each DWORD is random. - */ - RAND_add(&length, sizeof(length), 0); - RAND_add(buf, length, length / 4.0); - - /* Close the Registry Key to allow Windows to cleanup/close - * the open handle - * Note: The 'HKEY_PERFORMANCE_DATA' key is implicitly opened - * when the RegQueryValueEx above is done. However, if - * it is not explicitly closed, it can cause disk - * partition manipulation problems. - */ - RegCloseKey(HKEY_PERFORMANCE_DATA); - } - if (buf) - free(buf); - } -#endif if (advapi) { @@ -383,7 +327,7 @@ int RAND_poll(void) if (advapi) FreeLibrary(advapi); - if ((osverinfo.dwPlatformId != VER_PLATFORM_WIN32_NT || + if ((!check_winnt() || !OPENSSL_isservice()) && (user = LoadLibrary(TEXT("USER32.DLL")))) { @@ -407,8 +351,7 @@ int RAND_poll(void) * on NT4 even though it exists in SP3 (or SP6) and * higher. */ - if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT && - osverinfo.dwMajorVersion < 5) + if (check_winnt() && !check_win_minplat(5)) cursor = 0; } if (cursor) diff --git a/deps/openssl/openssl/crypto/x509v3/v3_ncons.c b/deps/openssl/openssl/crypto/x509v3/v3_ncons.c index a01dc64dd22e83..3b0f1bd1bd0bec 100644 --- a/deps/openssl/openssl/crypto/x509v3/v3_ncons.c +++ b/deps/openssl/openssl/crypto/x509v3/v3_ncons.c @@ -401,7 +401,7 @@ static int nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base) if (dns->length > base->length) { dnsptr += dns->length - base->length; - if (dnsptr[-1] != '.') + if (*baseptr != '.' && dnsptr[-1] != '.') return X509_V_ERR_PERMITTED_VIOLATION; } diff --git a/deps/openssl/openssl/e_os.h b/deps/openssl/openssl/e_os.h index 832272e9866e90..4df285b5b5a0c8 100644 --- a/deps/openssl/openssl/e_os.h +++ b/deps/openssl/openssl/e_os.h @@ -368,11 +368,13 @@ static __inline unsigned int _strlen31(const char *str) # define DEFAULT_HOME "C:" # endif -/* Avoid Windows 8 SDK GetVersion deprecated problems */ +/* Avoid Visual Studio 13 GetVersion deprecated problems */ #if defined(_MSC_VER) && _MSC_VER>=1800 # define check_winnt() (1) +# define check_win_minplat(x) (1) #else # define check_winnt() (GetVersion() < 0x80000000) +# define check_win_minplat(x) (LOBYTE(LOWORD(GetVersion())) >= (x)) #endif #else /* The non-microsoft world */ diff --git a/deps/openssl/openssl/makevms.com b/deps/openssl/openssl/makevms.com index e4f5a86b61580a..01ada3a57bf895 100755 --- a/deps/openssl/openssl/makevms.com +++ b/deps/openssl/openssl/makevms.com @@ -646,7 +646,7 @@ $ if (CFLAGS .nes. "") then CFLAGS = CFLAGS+ " " $ CFLAGS = CFLAGS+ "/DEFINE=ZLIB" $ endif $! -$ WRITE H_FILE "#define CFLAGS" +$ WRITE H_FILE "#define CFLAGS cflags" $ WRITE H_FILE "static const char cflags[] = ""compiler: ''CFLAGS'"";" $ WRITE H_FILE "#define PLATFORM ""platform: VMS ''ARCHD' ''VMS_VERSION'""" $ WRITE H_FILE "#define DATE ""built on: ''TIME'"" " diff --git a/deps/openssl/openssl/openssl.spec b/deps/openssl/openssl/openssl.spec index 707dd2c5782068..70cfc7da92465e 100644 --- a/deps/openssl/openssl/openssl.spec +++ b/deps/openssl/openssl/openssl.spec @@ -7,7 +7,7 @@ Release: 1 Summary: Secure Sockets Layer and cryptography libraries and tools Name: openssl #Version: %{libmaj}.%{libmin}.%{librel} -Version: 1.0.1k +Version: 1.0.1l Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz License: OpenSSL Group: System Environment/Libraries diff --git a/deps/openssl/openssl/util/mk1mf.pl b/deps/openssl/openssl/util/mk1mf.pl index d3f5424ff30def..550ef9f6853476 100755 --- a/deps/openssl/openssl/util/mk1mf.pl +++ b/deps/openssl/openssl/util/mk1mf.pl @@ -625,7 +625,7 @@ printf OUT <