src - FreeBSD source tree

diff options


context:
space:
mode:

author	Jung-uk Kim <jkim@FreeBSD.org>	2020-09-22 14:27:08 +0000
committer	Jung-uk Kim <jkim@FreeBSD.org>	2020-09-22 14:27:08 +0000
commit	92f02b3b0f21350e7c92a16ca9b594ad7682c717 (patch)
tree	00444fe1520f87a0f22770b5c0be936737fb2179 /include/openssl
parent	65aa3028e51cba07879f3dc4608949c5c6b9fcc0 (diff)
download	src-4223715e81afb5822c1b577722ab3cc2dc49e39c.tar.gz src-4223715e81afb5822c1b577722ab3cc2dc49e39c.zip

Import OpenSSL 1.1.1h.vendor/openssl/1.1.1h

Diffstat (limited to 'include/openssl')

-rw-r--r--

include/openssl/bn.h

-rw-r--r--

include/openssl/e_os2.h

-rw-r--r--

include/openssl/ec.h

-rw-r--r--

include/openssl/ecerr.h

-rw-r--r--

include/openssl/opensslconf.h.in

-rw-r--r--

include/openssl/opensslv.h

-rw-r--r--

include/openssl/pemerr.h

-rw-r--r--

include/openssl/ssl.h

-rw-r--r--

include/openssl/ssl3.h

-rw-r--r--

include/openssl/x509.h

-rw-r--r--

include/openssl/x509_vfy.h

-rw-r--r--

include/openssl/x509err.h

12 files changed, 38 insertions, 19 deletions

diff --git a/include/openssl/bn.h b/include/openssl/bn.h
index 8af05d00e59a..d87766049a42 100644
--- a/include/openssl/bn.h
+++ b/include/openssl/bn.h

@@ -1,5 +1,5 @@

* Licensed under the OpenSSL license (the "License"). You may not use

@@ -56,7 +56,7 @@ extern "C" {

* avoid leaking exponent information through timing,

* BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,

* BN_div() will call BN_div_no_branch,

- * BN_mod_inverse() will call BN_mod_inverse_no_branch.

+ * BN_mod_inverse() will call bn_mod_inverse_no_branch.

# define BN_FLG_CONSTTIME 0x04

# define BN_FLG_SECURE 0x08

diff --git a/include/openssl/e_os2.h b/include/openssl/e_os2.h
index 97a776cdacc7..cf308eee2cd2 100644
--- a/include/openssl/e_os2.h
+++ b/include/openssl/e_os2.h

@@ -1,5 +1,5 @@

* Licensed under the OpenSSL license (the "License"). You may not use

* this file except in compliance with the License. You can obtain a copy

@@ -241,7 +241,7 @@ typedef UINT64 uint64_t;

defined(__osf__) || defined(__sgi) || defined(__hpux) || \

defined(OPENSSL_SYS_VMS) || defined (__OpenBSD__)

# include <inttypes.h>

-# elif defined(_MSC_VER) && _MSC_VER<=1500

+# elif defined(_MSC_VER) && _MSC_VER<1600

* minimally required typdefs for systems not supporting inttypes.h or

* stdint.h: currently just older VC++

diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 5af9ebdc7fce..44cc139966ef 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h

@@ -1,5 +1,5 @@

* Licensed under the OpenSSL license (the "License"). You may not use

@@ -829,6 +829,8 @@ void EC_KEY_set_flags(EC_KEY *key, int flags);

void EC_KEY_clear_flags(EC_KEY *key, int flags);

+int EC_KEY_decoded_from_explicit_params(const EC_KEY *key);

/** Creates a new EC_KEY object using a named curve as underlying

* EC_GROUP object.

* \param nid NID of the named curve.

diff --git a/include/openssl/ecerr.h b/include/openssl/ecerr.h
index f7b91834564e..51738113dc7d 100644
--- a/include/openssl/ecerr.h
+++ b/include/openssl/ecerr.h

@@ -1,6 +1,6 @@

* Generated by util/mkerr.pl DO NOT EDIT

* Licensed under the OpenSSL license (the "License"). You may not use

* this file except in compliance with the License. You can obtain a copy

@@ -243,6 +243,7 @@ int ERR_load_EC_strings(void);

# define EC_R_LADDER_POST_FAILURE 136

# define EC_R_LADDER_PRE_FAILURE 153

# define EC_R_LADDER_STEP_FAILURE 162

+# define EC_R_MISSING_OID 167

# define EC_R_MISSING_PARAMETERS 124

# define EC_R_MISSING_PRIVATE_KEY 125

# define EC_R_NEED_NEW_SETUP_VALUES 157

diff --git a/include/openssl/opensslconf.h.in b/include/openssl/opensslconf.h.in
index bc98cad51a64..06270922c2ac 100644
--- a/include/openssl/opensslconf.h.in
+++ b/include/openssl/opensslconf.h.in

@@ -1,7 +1,7 @@

* {- join("\n * ", @autowarntext) -}

* Licensed under the OpenSSL license (the "License"). You may not use

* this file except in compliance with the License. You can obtain a copy

@@ -77,6 +77,11 @@ extern "C" {

# undef DECLARE_DEPRECATED

# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));

# endif

+# elif defined(__SUNPRO_C)

+# if (__SUNPRO_C >= 0x5130)

+# undef DECLARE_DEPRECATED

+# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));

+# endif

# endif

#endif

diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h
index 17d271f54c7f..7cf31d3625cc 100644
--- a/include/openssl/opensslv.h
+++ b/include/openssl/opensslv.h

@@ -39,8 +39,8 @@ extern "C" {

* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for

* major minor fix final patch/beta)

-# define OPENSSL_VERSION_NUMBER 0x1010107fL

-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1g 21 Apr 2020"

+# define OPENSSL_VERSION_NUMBER 0x1010108fL

+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1h 22 Sep 2020"

/*-

* The macros below are to be used for shared library (.so, .dll, ...)

diff --git a/include/openssl/pemerr.h b/include/openssl/pemerr.h
index 0c45918f3c1d..4f7e3574b34a 100644
--- a/include/openssl/pemerr.h
+++ b/include/openssl/pemerr.h

@@ -1,6 +1,6 @@

* Generated by util/mkerr.pl DO NOT EDIT

* Licensed under the OpenSSL license (the "License"). You may not use

* this file except in compliance with the License. You can obtain a copy

@@ -61,6 +61,7 @@ int ERR_load_PEM_strings(void);

# define PEM_F_PEM_SIGNFINAL 112

# define PEM_F_PEM_WRITE 113

# define PEM_F_PEM_WRITE_BIO 114

+# define PEM_F_PEM_WRITE_BIO_PRIVATEKEY_TRADITIONAL 147

# define PEM_F_PEM_WRITE_PRIVATEKEY 139

# define PEM_F_PEM_X509_INFO_READ 115

# define PEM_F_PEM_X509_INFO_READ_BIO 116

@@ -99,5 +100,6 @@ int ERR_load_PEM_strings(void);

# define PEM_R_UNSUPPORTED_CIPHER 113

# define PEM_R_UNSUPPORTED_ENCRYPTION 114

# define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126

+# define PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE 110

#endif

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 6724ccf2d252..fd0c5a99967f 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h

@@ -1,5 +1,5 @@

@@ -1393,7 +1393,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)

# define SSL_get1_groups(s, glist) \

SSL_ctrl(s,SSL_CTRL_GET_GROUPS,0,(int*)(glist))

# define SSL_CTX_set1_groups(ctx, glist, glistlen) \

- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))

+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS,glistlen,(int *)(glist))

# define SSL_CTX_set1_groups_list(ctx, s) \

SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(s))

# define SSL_set1_groups(s, glist, glistlen) \

diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h
index 8d01fcc48765..07effba287d3 100644
--- a/include/openssl/ssl3.h
+++ b/include/openssl/ssl3.h

@@ -1,5 +1,5 @@

* Licensed under the OpenSSL license (the "License"). You may not use

@@ -292,6 +292,9 @@ extern "C" {

# define TLS1_FLAGS_STATELESS 0x0800

+/* Set if extended master secret extension required on renegotiation */

+# define TLS1_FLAGS_REQUIRED_EXTMS 0x1000

# define SSL3_MT_HELLO_REQUEST 0

# define SSL3_MT_CLIENT_HELLO 1

# define SSL3_MT_SERVER_HELLO 2

diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 39ca0ba57561..b97ec342e2c9 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h

@@ -1,5 +1,5 @@

* Licensed under the OpenSSL license (the "License"). You may not use

@@ -478,6 +478,7 @@ void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype,

const void **ppval, const X509_ALGOR *algor);

void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);

int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);

+int X509_ALGOR_copy(X509_ALGOR *dest, const X509_ALGOR *src);

X509_NAME *X509_NAME_dup(X509_NAME *xn);

X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);

@@ -679,6 +680,8 @@ X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);

int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);

void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig,

const X509_ALGOR **palg);

+void X509_REQ_set0_signature(X509_REQ *req, ASN1_BIT_STRING *psig);

+int X509_REQ_set1_signature_algo(X509_REQ *req, X509_ALGOR *palg);

int X509_REQ_get_signature_nid(const X509_REQ *req);

int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);

int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);

diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h
index adb8bce7cb43..25c79f1be2f0 100644
--- a/include/openssl/x509_vfy.h
+++ b/include/openssl/x509_vfy.h

@@ -1,5 +1,5 @@

* Licensed under the OpenSSL license (the "License"). You may not use

* this file except in compliance with the License. You can obtain a copy

@@ -184,6 +184,10 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);

# define X509_V_ERR_OCSP_VERIFY_NEEDED 73 /* Need OCSP verification */

# define X509_V_ERR_OCSP_VERIFY_FAILED 74 /* Couldn't verify cert through OCSP */

# define X509_V_ERR_OCSP_CERT_UNKNOWN 75 /* Certificate wasn't recognized by the OCSP responder */

+# define X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH 76

+# define X509_V_ERR_NO_ISSUER_PUBLIC_KEY 77

+# define X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM 78

+# define X509_V_ERR_EC_KEY_EXPLICIT_PARAMS 79

/* Certificate verify flags */

diff --git a/include/openssl/x509err.h b/include/openssl/x509err.h
index 0273853172d9..cd08673f8f69 100644
--- a/include/openssl/x509err.h
+++ b/include/openssl/x509err.h

@@ -1,6 +1,6 @@

* Generated by util/mkerr.pl DO NOT EDIT

* Licensed under the OpenSSL license (the "License"). You may not use

* this file except in compliance with the License. You can obtain a copy

@@ -11,9 +11,7 @@

#ifndef HEADER_X509ERR_H

# define HEADER_X509ERR_H

-# ifndef HEADER_SYMHACKS_H

-# include <openssl/symhacks.h>

-# endif

+# include <openssl/symhacks.h>

# ifdef __cplusplus

extern "C"

@@ -65,6 +63,7 @@ int ERR_load_X509_strings(void);

# define X509_F_X509_OBJECT_NEW 150

# define X509_F_X509_PRINT_EX_FP 118

# define X509_F_X509_PUBKEY_DECODE 148

+# define X509_F_X509_PUBKEY_GET 161

# define X509_F_X509_PUBKEY_GET0 119

# define X509_F_X509_PUBKEY_SET 120

# define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144