openssl: Update to pristine 1.0.2u (security update)

This commit is contained in:
Rémi Verschelde 2020-08-14 12:40:55 +02:00
parent 0f436f10d0
commit 1394bbd443
7 changed files with 36 additions and 17 deletions

View File

@ -248,7 +248,7 @@ Collection of single-file libraries used in Godot components.
## openssl
- Upstream: https://www.openssl.org
- Version: 1.0.2t
- Version: 1.0.2u
- License: OpenSSL license / BSD-like
Files extracted from the upstream source:

View File

@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
* Copyright (c) 2000-2019 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -102,7 +102,7 @@ ASN1_ITEM_end(CBIGNUM)
static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
*pval = (ASN1_VALUE *)BN_new();
if (*pval)
if (*pval != NULL)
return 1;
else
return 0;
@ -110,7 +110,7 @@ static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
if (!*pval)
if (*pval == NULL)
return;
if (it->size & BN_SENSITIVE)
BN_clear_free((BIGNUM *)*pval);
@ -124,7 +124,7 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
{
BIGNUM *bn;
int pad;
if (!*pval)
if (*pval == NULL)
return -1;
bn = (BIGNUM *)*pval;
/* If MSB set in an octet we need a padding byte */

View File

@ -1,6 +1,6 @@
/* crypto/cryptlib.c */
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2019 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -745,6 +745,11 @@ int OPENSSL_NONPIC_relocated = 0;
void OPENSSL_cpuid_setup(void)
{
}
unsigned long OPENSSL_rdtsc(void)
{
return 0;
}
#endif
#if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_WINDLL)

View File

@ -973,6 +973,20 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
* 0x0 = OPENSSL_EC_EXPLICIT_CURVE
*/
EC_GROUP_set_asn1_flag(ret, 0x0);
/*
* If the input params do not contain the optional seed field we make
* sure it is not added to the returned group.
*
* The seed field is not really used inside libcrypto anyway, and
* adding it to parsed explicit parameter keys would alter their DER
* encoding output (because of the extra field) which could impact
* applications fingerprinting keys by their DER encoding.
*/
if (params->curve->seed == NULL) {
if (EC_GROUP_set_seed(ret, NULL, 0) != 1)
goto err;
}
}
ok = 1;

View File

@ -255,7 +255,7 @@ extern "C" {
even newer MIPS CPU's, but at the moment one size fits all for
optimization options. Older Sparc's work better with only UNROLL, but
there's no way to tell at compile time what it is you're running on */
#if defined( __sun ) || defined ( sun ) /* Newer Sparc's */
# define DES_PTR
# define DES_RISC1

View File

@ -30,11 +30,11 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
# define OPENSSL_VERSION_NUMBER 0x1000214fL
# define OPENSSL_VERSION_NUMBER 0x1000215fL
# ifdef OPENSSL_FIPS
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2t-fips 10 Sep 2019"
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2u-fips 20 Dec 2019"
# else
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2t 10 Sep 2019"
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2u 20 Dec 2019"
# endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT

View File

@ -1,5 +1,5 @@
diff --git a/thirdparty/openssl/crypto/rand/rand_win.c b/thirdparty/openssl/crypto/rand/rand_win.c
index 06670ae01..cb4093128 100644
index b4be3097e9..63a9e9975a 100644
--- a/thirdparty/openssl/crypto/rand/rand_win.c
+++ b/thirdparty/openssl/crypto/rand/rand_win.c
@@ -118,8 +118,10 @@
@ -22,15 +22,15 @@ index 06670ae01..cb4093128 100644
typedef BOOL(WINAPI *CRYPTACQUIRECONTEXTW) (HCRYPTPROV *, LPCWSTR, LPCWSTR,
DWORD, DWORD);
typedef BOOL(WINAPI *CRYPTGENRANDOM) (HCRYPTPROV, DWORD, BYTE *);
@@ -196,6 +198,7 @@ typedef NET_API_STATUS(NET_API_FUNCTION *NETFREE) (LPBYTE);
# endif /* 1 */
# endif /* !OPENSSL_SYS_WINCE */
@@ -198,6 +200,7 @@ typedef NET_API_STATUS(NET_API_FUNCTION *NETFREE) (LPBYTE);
#define NOTTOOLONG(start) ((GetTickCount() - (start)) < MAXDELAY)
+#if !defined(WINRT_ENABLED) // -- GODOT --
int RAND_poll(void)
{
MEMORYSTATUS m;
@@ -580,6 +583,8 @@ int RAND_poll(void)
@@ -576,6 +579,8 @@ int RAND_poll(void)
return (1);
}
@ -39,7 +39,7 @@ index 06670ae01..cb4093128 100644
int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam)
{
double add_entropy = 0;
@@ -682,7 +687,7 @@ static void readtimer(void)
@@ -678,7 +683,7 @@ static void readtimer(void)
static void readscreen(void)
{
@ -49,7 +49,7 @@ index 06670ae01..cb4093128 100644
HBITMAP hBitmap; /* handle for our bitmap */
BITMAP bm; /* bitmap properties */
diff --git a/thirdparty/openssl/openssl/dtls1.h b/thirdparty/openssl/openssl/dtls1.h
index 30bbcf278..81d28c29c 100644
index 30bbcf278a..31cb6d7eb9 100644
--- a/thirdparty/openssl/openssl/dtls1.h
+++ b/thirdparty/openssl/openssl/dtls1.h
@@ -78,6 +78,9 @@