deps: upgrade openssl sources to 1.1.0j

This updates all sources in deps/openssl/openssl with openssl-1.1.0j.

PR-URL: https://github.com/nodejs/node/pull/24523
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Rod Vagg <rod@vagg.org>

5 files changed, 51 insertions, 26 deletions

diff --git a/deps/openssl/openssl/apps/apps.c b/deps/openssl/openssl/apps/apps.c
index d52201f1f3..94efa5ac05 100644
--- a/deps/openssl/openssl/apps/apps.c
+++ b/deps/openssl/openssl/apps/apps.c
@@ -1707,8 +1707,14 @@ X509_NAME *parse_name(const char *cp, long chtype, int canmulti)
     char *work;
     X509_NAME *n;
 
-    if (*cp++ != '/')
+    if (*cp++ != '/') {
+        BIO_printf(bio_err,
+                   "name is expected to be in the format "
+                   "/type0=value0/type1=value1/type2=... where characters may "
+                   "be escaped by \\. This name is not in that format: '%s'\n",
+                   --cp);
         return NULL;
+    }
 
     n = X509_NAME_new();
     if (n == NULL)
@@ -1764,6 +1770,12 @@ X509_NAME *parse_name(const char *cp, long chtype, int canmulti)
                       opt_getprog(), typestr);
             continue;
         }
+        if (*valstr == '\0') {
+            BIO_printf(bio_err,
+                       "%s: No value provided for Subject Attribute %s, skipped\n",
+                       opt_getprog(), typestr);
+            continue;
+        }
         if (!X509_NAME_add_entry_by_NID(n, nid, chtype,
                                         valstr, strlen((char *)valstr),
                                         -1, ismulti ? -1 : 0))
diff --git a/deps/openssl/openssl/apps/pkey.c b/deps/openssl/openssl/apps/pkey.c
index ad1a3b10eb..5c13d8b87a 100644
--- a/deps/openssl/openssl/apps/pkey.c
+++ b/deps/openssl/openssl/apps/pkey.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -141,24 +141,30 @@ int pkey_main(int argc, char **argv)
 
     if (!noout) {
         if (outformat == FORMAT_PEM) {
-            if (pubout)
-                PEM_write_bio_PUBKEY(out, pkey);
-            else {
+            if (pubout) {
+                if (!PEM_write_bio_PUBKEY(out, pkey))
+                    goto end;
+            } else {
                 assert(private);
-                if (traditional)
-                    PEM_write_bio_PrivateKey_traditional(out, pkey, cipher,
-                                                         NULL, 0, NULL,
-                                                         passout);
-                else
-                    PEM_write_bio_PrivateKey(out, pkey, cipher,
-                                             NULL, 0, NULL, passout);
+                if (traditional) {
+                    if (!PEM_write_bio_PrivateKey_traditional(out, pkey, cipher,
+                                                              NULL, 0, NULL,
+                                                              passout))
+                        goto end;
+                } else {
+                    if (!PEM_write_bio_PrivateKey(out, pkey, cipher,
+                                                  NULL, 0, NULL, passout))
+                        goto end;
+                }
             }
         } else if (outformat == FORMAT_ASN1) {
-            if (pubout)
-                i2d_PUBKEY_bio(out, pkey);
-            else {
+            if (pubout) {
+                if (!i2d_PUBKEY_bio(out, pkey))
+                    goto end;
+            } else {
                 assert(private);
-                i2d_PrivateKey_bio(out, pkey);
+                if (!i2d_PrivateKey_bio(out, pkey))
+                    goto end;
             }
         } else {
             BIO_printf(bio_err, "Bad format specified for key\n");
@@ -168,17 +174,21 @@ int pkey_main(int argc, char **argv)
     }
 
     if (text) {
-        if (pubtext)
-            EVP_PKEY_print_public(out, pkey, 0, NULL);
-        else {
+        if (pubtext) {
+            if (EVP_PKEY_print_public(out, pkey, 0, NULL) <= 0)
+                goto end;
+        } else {
             assert(private);
-            EVP_PKEY_print_private(out, pkey, 0, NULL);
+            if (EVP_PKEY_print_private(out, pkey, 0, NULL) <= 0)
+                goto end;
         }
     }
 
     ret = 0;
 
  end:
+    if (ret != 0)
+        ERR_print_errors(bio_err);
     EVP_PKEY_free(pkey);
     release_engine(e);
     BIO_free_all(out);
diff --git a/deps/openssl/openssl/apps/req.c b/deps/openssl/openssl/apps/req.c
index 2a2156953a..a20e7c1ef1 100644
--- a/deps/openssl/openssl/apps/req.c
+++ b/deps/openssl/openssl/apps/req.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -509,8 +509,7 @@ int req_main(int argc, char **argv)
         if (pkey_type == EVP_PKEY_EC) {
             BIO_printf(bio_err, "Generating an EC private key\n");
         } else {
-            BIO_printf(bio_err, "Generating a %ld bit %s private key\n",
-                       newkey, keyalgstr);
+            BIO_printf(bio_err, "Generating a %s private key\n", keyalgstr);
         }
 
         EVP_PKEY_CTX_set_cb(genctx, genpkey_cb);
diff --git a/deps/openssl/openssl/apps/s_server.c b/deps/openssl/openssl/apps/s_server.c
index e8aa323a4f..86298334bd 100644
--- a/deps/openssl/openssl/apps/s_server.c
+++ b/deps/openssl/openssl/apps/s_server.c
@@ -2660,8 +2660,10 @@ static int www_body(int s, int stype, unsigned char *context)
 
     if (context
         && !SSL_set_session_id_context(con, context,
-                                       strlen((char *)context)))
+                                       strlen((char *)context))) {
+        SSL_free(con);
         goto err;
+    }
 
     sbio = BIO_new_socket(s, BIO_NOCLOSE);
     if (s_nbio_test) {
@@ -2673,7 +2675,7 @@ static int www_body(int s, int stype, unsigned char *context)
     SSL_set_bio(con, sbio, sbio);
     SSL_set_accept_state(con);
 
-    /* SSL_set_fd(con,s); */
+    /* No need to free |con| after this. Done by BIO_free(ssl_bio) */
     BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
     BIO_push(io, ssl_bio);
 #ifdef CHARSET_EBCDIC
@@ -3030,6 +3032,7 @@ static int rev_body(int s, int stype, unsigned char *context)
     if (context
         && !SSL_set_session_id_context(con, context,
                                        strlen((char *)context))) {
+        SSL_free(con);
         ERR_print_errors(bio_err);
         goto err;
     }
@@ -3038,6 +3041,7 @@ static int rev_body(int s, int stype, unsigned char *context)
     SSL_set_bio(con, sbio, sbio);
     SSL_set_accept_state(con);
 
+    /* No need to free |con| after this. Done by BIO_free(ssl_bio) */
     BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
     BIO_push(io, ssl_bio);
 #ifdef CHARSET_EBCDIC
diff --git a/deps/openssl/openssl/apps/speed.c b/deps/openssl/openssl/apps/speed.c
index 3ef37b78a6..6672fe606a 100644
--- a/deps/openssl/openssl/apps/speed.c
+++ b/deps/openssl/openssl/apps/speed.c
@@ -2541,7 +2541,7 @@ int speed_main(int argc, char **argv)
 
             if (rsa_count <= 1) {
                 /* if longer than 10s, don't do any more */
-                for (testnum++; testnum < EC_NUM; testnum++)
+                for (testnum++; testnum < ECDSA_NUM; testnum++)
                     ecdsa_doit[testnum] = 0;
             }
         }