diff options
author | Shigeki Ohtsu <ohtsu@iij.ad.jp> | 2015-12-04 00:41:27 +0900 |
---|---|---|
committer | Shigeki Ohtsu <ohtsu@iij.ad.jp> | 2015-12-04 03:56:12 +0900 |
commit | ff4f16b7dd92f74bfa77207c623d6e7d13e19baf (patch) | |
tree | e2d867b594a7281e98d22c754425b06187d8fe91 /deps/openssl/openssl/include | |
parent | 181816ea1629b6bb8419d72a4fbe93df0f094831 (diff) | |
download | android-node-v8-ff4f16b7dd92f74bfa77207c623d6e7d13e19baf.tar.gz android-node-v8-ff4f16b7dd92f74bfa77207c623d6e7d13e19baf.tar.bz2 android-node-v8-ff4f16b7dd92f74bfa77207c623d6e7d13e19baf.zip |
deps: upgrade openssl sources to 1.0.2e
This just replaces all sources of openssl-1.0.2e.tar.gz into
deps/openssl/openssl
deps: copy all openssl header files to include dir
All symlink files in `deps/openssl/openssl/include/openssl/`
are removed and replaced with real header files to avoid
issues on Windows. Two files of opensslconf.h in crypto and
include dir are replaced to refer config/opensslconf.h.
deps: fix openssl assembly error on ia32 win32
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and
perhaps others) are requiring .686 .
deps: fix asm build error of openssl in x86_win32
See
https://mta.openssl.org/pipermail/openssl-dev/2015-February/000651.html
node needs to stop using masm and move to nasm or yasm on Win32.
openssl: fix keypress requirement in apps on win32
Reapply b910613792dac946b295855963869933a9089044 .
deps: add -no_rand_screen to openssl s_client
In openssl s_client on Windows, RAND_screen() is invoked to initialize
random state but it takes several seconds in each connection.
This added -no_rand_screen to openssl s_client on Windows to skip
RAND_screen() and gets a better performance in the unit test of
test-tls-server-verify.
Do not enable this except to use in the unit test.
deps: update openssl config files
Regenrate config files for supported platforms with Makefile.
deps: update openssl asm and asm_obsolete files
Regenerate asm files with Makefile and CC=gcc and ASM=gcc where
gcc-4.8.4. Also asm files in asm_obsolete dir to support old compiler
and assmebler are regenerated without CC and ASM envs.
PR-URL: https://github.com/nodejs/node/pull/4134
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Diffstat (limited to 'deps/openssl/openssl/include')
-rw-r--r-- | deps/openssl/openssl/include/openssl/buffer.h | 6 | ||||
-rw-r--r-- | deps/openssl/openssl/include/openssl/dh.h | 2 | ||||
-rw-r--r-- | deps/openssl/openssl/include/openssl/ec.h | 2 | ||||
-rw-r--r-- | deps/openssl/openssl/include/openssl/ecdsa.h | 2 | ||||
-rw-r--r-- | deps/openssl/openssl/include/openssl/opensslv.h | 6 | ||||
-rw-r--r-- | deps/openssl/openssl/include/openssl/ssl.h | 4 | ||||
-rw-r--r-- | deps/openssl/openssl/include/openssl/tls1.h | 17 |
7 files changed, 23 insertions, 16 deletions
diff --git a/deps/openssl/openssl/include/openssl/buffer.h b/deps/openssl/openssl/include/openssl/buffer.h index c343dd772f..efd240a5f9 100644 --- a/deps/openssl/openssl/include/openssl/buffer.h +++ b/deps/openssl/openssl/include/openssl/buffer.h @@ -86,7 +86,13 @@ int BUF_MEM_grow(BUF_MEM *str, size_t len); int BUF_MEM_grow_clean(BUF_MEM *str, size_t len); size_t BUF_strnlen(const char *str, size_t maxlen); char *BUF_strdup(const char *str); + +/* + * Like strndup, but in addition, explicitly guarantees to never read past the + * first |siz| bytes of |str|. + */ char *BUF_strndup(const char *str, size_t siz); + void *BUF_memdup(const void *data, size_t siz); void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz); diff --git a/deps/openssl/openssl/include/openssl/dh.h b/deps/openssl/openssl/include/openssl/dh.h index 0502f1a9cc..b177673281 100644 --- a/deps/openssl/openssl/include/openssl/dh.h +++ b/deps/openssl/openssl/include/openssl/dh.h @@ -142,7 +142,7 @@ struct dh_st { BIGNUM *p; BIGNUM *g; long length; /* optional */ - BIGNUM *pub_key; /* g^x */ + BIGNUM *pub_key; /* g^x % p */ BIGNUM *priv_key; /* x */ int flags; BN_MONT_CTX *method_mont_p; diff --git a/deps/openssl/openssl/include/openssl/ec.h b/deps/openssl/openssl/include/openssl/ec.h index 6d3178f609..81e6faf6c5 100644 --- a/deps/openssl/openssl/include/openssl/ec.h +++ b/deps/openssl/openssl/include/openssl/ec.h @@ -106,7 +106,7 @@ typedef enum { /** the point is encoded as z||x, where the octet z specifies * which solution of the quadratic equation y is */ POINT_CONVERSION_COMPRESSED = 2, - /** the point is encoded as z||x||y, where z is the octet 0x02 */ + /** the point is encoded as z||x||y, where z is the octet 0x04 */ POINT_CONVERSION_UNCOMPRESSED = 4, /** the point is encoded as z||x||y, where the octet z specifies * which solution of the quadratic equation y is */ diff --git a/deps/openssl/openssl/include/openssl/ecdsa.h b/deps/openssl/openssl/include/openssl/ecdsa.h index c4016ac3e1..a6f0930f82 100644 --- a/deps/openssl/openssl/include/openssl/ecdsa.h +++ b/deps/openssl/openssl/include/openssl/ecdsa.h @@ -233,7 +233,7 @@ void *ECDSA_get_ex_data(EC_KEY *d, int idx); * \return pointer to a ECDSA_METHOD structure or NULL if an error occurred */ -ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method); +ECDSA_METHOD *ECDSA_METHOD_new(const ECDSA_METHOD *ecdsa_method); /** frees a ECDSA_METHOD structure * \param ecdsa_method pointer to the ECDSA_METHOD structure diff --git a/deps/openssl/openssl/include/openssl/opensslv.h b/deps/openssl/openssl/include/openssl/opensslv.h index c06b13ac6b..abcef15b17 100644 --- a/deps/openssl/openssl/include/openssl/opensslv.h +++ b/deps/openssl/openssl/include/openssl/opensslv.h @@ -30,11 +30,11 @@ extern "C" { * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -# define OPENSSL_VERSION_NUMBER 0x1000204fL +# define OPENSSL_VERSION_NUMBER 0x1000205fL # ifdef OPENSSL_FIPS -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2d-fips 9 Jul 2015" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2e-fips 3 Dec 2015" # else -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2d 9 Jul 2015" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2e 3 Dec 2015" # endif # define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/deps/openssl/openssl/include/openssl/ssl.h b/deps/openssl/openssl/include/openssl/ssl.h index 6fe1a2474d..afec1f5bf2 100644 --- a/deps/openssl/openssl/include/openssl/ssl.h +++ b/deps/openssl/openssl/include/openssl/ssl.h @@ -2681,6 +2681,7 @@ void ERR_load_SSL_strings(void); # define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292 # define SSL_F_SSL3_ENC 134 # define SSL_F_SSL3_GENERATE_KEY_BLOCK 238 +# define SSL_F_SSL3_GENERATE_MASTER_SECRET 388 # define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 # define SSL_F_SSL3_GET_CERT_STATUS 289 # define SSL_F_SSL3_GET_CERT_VERIFY 136 @@ -2846,8 +2847,11 @@ void ERR_load_SSL_strings(void); # define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106 # define SSL_R_BAD_DECOMPRESSION 107 # define SSL_R_BAD_DH_G_LENGTH 108 +# define SSL_R_BAD_DH_G_VALUE 375 # define SSL_R_BAD_DH_PUB_KEY_LENGTH 109 +# define SSL_R_BAD_DH_PUB_KEY_VALUE 393 # define SSL_R_BAD_DH_P_LENGTH 110 +# define SSL_R_BAD_DH_P_VALUE 395 # define SSL_R_BAD_DIGEST_LENGTH 111 # define SSL_R_BAD_DSA_SIGNATURE 112 # define SSL_R_BAD_ECC_CERT 304 diff --git a/deps/openssl/openssl/include/openssl/tls1.h b/deps/openssl/openssl/include/openssl/tls1.h index 5929607ff8..7e237d0631 100644 --- a/deps/openssl/openssl/include/openssl/tls1.h +++ b/deps/openssl/openssl/include/openssl/tls1.h @@ -231,13 +231,12 @@ extern "C" { /* ExtensionType value from RFC5620 */ # define TLSEXT_TYPE_heartbeat 15 -/* ExtensionType value from draft-ietf-tls-applayerprotoneg-00 */ +/* ExtensionType value from RFC7301 */ # define TLSEXT_TYPE_application_layer_protocol_negotiation 16 /* * ExtensionType value for TLS padding extension. - * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml - * http://tools.ietf.org/html/draft-agl-tls-padding-03 + * http://tools.ietf.org/html/draft-agl-tls-padding */ # define TLSEXT_TYPE_padding 21 @@ -262,20 +261,19 @@ extern "C" { # define TLSEXT_TYPE_next_proto_neg 13172 # endif -/* NameType value from RFC 3546 */ +/* NameType value from RFC3546 */ # define TLSEXT_NAMETYPE_host_name 0 -/* status request value from RFC 3546 */ +/* status request value from RFC3546 */ # define TLSEXT_STATUSTYPE_ocsp 1 -/* ECPointFormat values from draft-ietf-tls-ecc-12 */ +/* ECPointFormat values from RFC4492 */ # define TLSEXT_ECPOINTFORMAT_first 0 # define TLSEXT_ECPOINTFORMAT_uncompressed 0 # define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1 # define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2 # define TLSEXT_ECPOINTFORMAT_last 2 -/* Signature and hash algorithms from RFC 5246 */ - +/* Signature and hash algorithms from RFC5246 */ # define TLSEXT_signature_anonymous 0 # define TLSEXT_signature_rsa 1 # define TLSEXT_signature_dsa 2 @@ -430,7 +428,6 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) # define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066 /* AES ciphersuites from RFC3268 */ - # define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F # define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030 # define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031 @@ -595,7 +592,7 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) # define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA" # define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA" -/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */ +/* ECC ciphersuites from RFC4492 */ # define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA" # define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA" # define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA" |