openssl: bump to 1.1.1s
Changes between 1.1.1r and 1.1.1s [1 Nov 2022]
*) Fixed a regression introduced in 1.1.1r version not refreshing the
certificate data to be signed before signing the certificate.
[Gibeom Gwon]
Changes between 1.1.1q and 1.1.1r [11 Oct 2022]
*) Fixed the linux-mips64 Configure target which was missing the
SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
platform.
[Adam Joseph]
*) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
causing incorrect results in some cases as a result.
[Paul Dale]
*) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
report correct results in some cases
[Matt Caswell]
*) Fixed a regression introduced in 1.1.1o for re-signing certificates with
different key sizes
[Todd Short]
*) Added the loongarch64 target
[Shi Pujin]
*) Fixed a DRBG seed propagation thread safety issue
[Bernd Edlinger]
*) Fixed a memory leak in tls13_generate_secret
[Bernd Edlinger]
*) Fixed reported performance degradation on aarch64. Restored the
implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
32-bit lane assignment in CTR mode") for 64bit targets only, since it is
reportedly 2-17% slower and the silicon errata only affects 32bit targets.
The new algorithm is still used for 32 bit targets.
[Bernd Edlinger]
*) Added a missing header for memcmp that caused compilation failure on some
platforms
[Gregor Jasny]
Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B
Signed-off-by: John Audia <therealgraysky@proton.me>
This commit is contained in:
John Audia
@@ -13,7 +13,6 @@ Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
|
||||
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
||||
(Merged from https://github.com/openssl/openssl/pull/7585)
|
||||
|
||||
diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
|
||||
--- a/crypto/engine/eng_devcrypto.c
|
||||
+++ b/crypto/engine/eng_devcrypto.c
|
||||
@@ -16,6 +16,7 @@
|
||||
@@ -79,7 +78,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
|
||||
|
||||
/*
|
||||
* Code further down must make sure that only NIDs in the table above
|
||||
@@ -333,19 +367,40 @@ static int cipher_cleanup(EVP_CIPHER_CTX *ctx)
|
||||
@@ -333,19 +367,40 @@ static int cipher_cleanup(EVP_CIPHER_CTX
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -185,7 +184,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
|
||||
static const EVP_CIPHER *get_cipher_method(int nid)
|
||||
{
|
||||
size_t i = get_cipher_data_index(nid);
|
||||
@@ -438,6 +520,36 @@ static int devcrypto_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
|
||||
@@ -438,6 +520,36 @@ static int devcrypto_ciphers(ENGINE *e,
|
||||
return *cipher != NULL;
|
||||
}
|
||||
|
||||
@@ -246,7 +245,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
|
||||
|
||||
/*
|
||||
* Code further down must make sure that only NIDs in the table above
|
||||
@@ -516,8 +637,8 @@ static const struct digest_data_st *get_digest_data(int nid)
|
||||
@@ -516,8 +637,8 @@ static const struct digest_data_st *get_
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -257,7 +256,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
|
||||
*/
|
||||
|
||||
static int digest_init(EVP_MD_CTX *ctx)
|
||||
@@ -630,52 +751,94 @@ static int digest_cleanup(EVP_MD_CTX *ctx)
|
||||
@@ -630,52 +751,94 @@ static int digest_cleanup(EVP_MD_CTX *ct
|
||||
return clean_devcrypto_session(&digest_ctx->sess);
|
||||
}
|
||||
|
||||
@@ -402,7 +401,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
|
||||
}
|
||||
}
|
||||
|
||||
@@ -739,8 +909,154 @@ static int devcrypto_digests(ENGINE *e, const EVP_MD **digest,
|
||||
@@ -739,7 +909,153 @@ static int devcrypto_digests(ENGINE *e,
|
||||
return *digest != NULL;
|
||||
}
|
||||
|
||||
@@ -478,8 +477,8 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
|
||||
+ "DIGESTS",
|
||||
+ "either ALL, NONE, or a comma-separated list of digests to enable [default=ALL]",
|
||||
+ ENGINE_CMD_FLAG_STRING},
|
||||
#endif
|
||||
|
||||
+#endif
|
||||
+
|
||||
+ {0, NULL, NULL, 0}
|
||||
+};
|
||||
+
|
||||
@@ -503,7 +502,7 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
|
||||
+ use_softdrivers = i;
|
||||
+#ifdef IMPLEMENT_DIGEST
|
||||
+ rebuild_known_digest_nids(e);
|
||||
+#endif
|
||||
#endif
|
||||
+ rebuild_known_cipher_nids(e);
|
||||
+ return 1;
|
||||
+#endif /* CIOCGSESSINFO */
|
||||
@@ -553,10 +552,9 @@ diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
|
||||
+ }
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
|
||||
/******************************************************************************
|
||||
*
|
||||
* LOAD / UNLOAD
|
||||
@@ -806,6 +1122,8 @@ void engine_load_devcrypto_int()
|
||||
|
||||
if (!ENGINE_set_id(e, "devcrypto")
|
||||
|
||||
Reference in New Issue
Block a user