Diffusion FreeBSD src repository a7148ab39c03

openssl: Import OpenSSL 3.0.15.
a7148ab39c03
Actions

Description

openssl: Import OpenSSL 3.0.15.

This release incorporates the following bug fixes and mitigations:

Fixed possible denial of service in X.509 name checks ([CVE-2024-6119])
Fixed possible buffer overread in SSL_select_next_proto() ([CVE-2024-5535])

Release notes can be found at:
https://openssl-library.org/news/openssl-3.0-notes/index.html

Co-authored-by: gordon
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D46602

Merge commit '108164cf95d9594884c2dcccba2691335e6f221b'

Details

Provenance

ngie	Authored on Sep 8 2024, 4:30 AM

Differential Revision

D46602: openssl: Import OpenSSL 3.0.15.

Parents

rG4086a0635d38: openssl: Update upgrade instructions.
rG108164cf95d9: openssl: Import OpenSSL 3.0.15.

Branches

Unknown

Tags

Unknown

Event Timeline

ngie committed rGa7148ab39c03: openssl: Import OpenSSL 3.0.15. (authored by ngie).Sep 8 2024, 4:31 AM

ngie mentioned this in rGcc717b574d7f: Update config/build info for OpenSSL 3.0.15.Sep 8 2024, 4:36 AM

ngie mentioned this in D46604: sys/crypto/openssl: update powerpc* ASM.Sep 8 2024, 4:39 AM

ngie added an edge: D46602: openssl: Import OpenSSL 3.0.15..Sep 9 2024, 3:17 PM

ngie mentioned this in rG77864b545b0a: sys/crypto/openssl: update powerpc* ASM.Sep 14 2024, 7:38 PM

ngie mentioned this in rGcc43f991ab3e: openssl: Import OpenSSL 3.0.15..Sep 28 2024, 3:52 AM

Merged Changes

108164cf95d9 openssl: Import OpenSSL 3.0.15.
Author
gordon
Browse Repository
No Builds
No Audits

Changes (174)
Show All Changes

Very Large Commit

This commit is very large. Load each file individually.

Path

Size

crypto/

openssl/

Configurations/

apps/

lib/

crypto/

aes/

asm/

asn1/

bio/

cmp/

conf/

ec/

engine/

evp/

ctrl_params_translate.c

pkcs12/

pkcs7/

property/

rand/

rsa/

x509/

doc/

HOWTO/

certificates.txt

fingerprints.txt

man1/

openssl-enc.pod.in

openssl-passphrase-options.pod

openssl-s_client.pod.in

openssl-s_server.pod.in

openssl-verification-options.pod

man3/

ASN1_INTEGER_new.pod

ASYNC_WAIT_CTX_new.pod

BN_generate_prime.pod

BN_set_bit.pod

BUF_MEM_new.pod

CRYPTO_THREAD_run_once.pod

CTLOG_STORE_new.pod

CTLOG_new.pod

CT_POLICY_EVAL_CTX_new.pod

EVP_ASYM_CIPHER_free.pod

EVP_CIPHER_meth_new.pod

EVP_PKEY_ASN1_METHOD.pod

EVP_PKEY_meth_new.pod

OCSP_response_status.pod

OPENSSL_LH_COMPFUNC.pod

OPENSSL_init_crypto.pod

OPENSSL_malloc.pod

OPENSSL_secure_malloc.pod

OSSL_CMP_CTX_new.pod

OSSL_CMP_SRV_CTX_new.pod

OSSL_CMP_validate_msg.pod

OSSL_DECODER.pod

OSSL_DECODER_CTX.pod

OSSL_DECODER_CTX_new_for_pkey.pod

OSSL_ENCODER.pod

OSSL_ENCODER_CTX.pod

OSSL_HTTP_REQ_CTX.pod

OSSL_LIB_CTX.pod

OSSL_PARAM_BLD.pod

OSSL_PARAM_dup.pod

OSSL_SELF_TEST_new.pod

OSSL_STORE_INFO.pod

OSSL_STORE_LOADER.pod

OSSL_STORE_SEARCH.pod

PEM_read_bio_PrivateKey.pod

RAND_set_DRBG_type.pod

RSA_meth_new.pod

SCT_new.pod

SSL_CTX_set_alpn_select_cb.pod

SSL_CTX_set_cipher_list.pod

SSL_CTX_set_tlsext_ticket_key_cb.pod

TS_RESP_CTX_new.pod

X509V3_get_d2i.pod

X509_LOOKUP.pod

X509_LOOKUP_meth_new.pod

man7/

fuzz/

include/

crypto/

aes_platform.h

bn.h

openssl/

tls1.h

providers/

fips-sources.checksums

fips.checksum

implementations/

encode_decode/

rands/

ssl/

statem/

test/

helpers/

provider_fallback_test.c

provider_internal_test.c

provider_test.c

recipes/

03-test_fipsinstall.t

04-test_conf_data/

30-test_evp_data/

evppkey_rsa_common.txt

ssl-tests/

util/

check-format-commit.sh

check-format-test-negatives.c

check-format.pl

perl/

OpenSSL/

Test/

TLSProxy/

rGa7148ab39c03

View Options

crypto/openssl/CHANGES.md

Load File

View Options

crypto/openssl/CONTRIBUTING.md

Load File

View Options

crypto/openssl/Configurations/10-main.conf

Load File

View Options

crypto/openssl/Configurations/15-ios.conf

Load File

View Options

crypto/openssl/Configure

Load File

View Options

crypto/openssl/FAQ.md

Load File

View Options

crypto/openssl/INSTALL.md

Load File

View Options

crypto/openssl/NEWS.md

Load File

View Options

crypto/openssl/VERSION.dat

Load File

View Options

crypto/openssl/apps/cms.c

Load File

View Options

crypto/openssl/apps/dgst.c

Load File

View Options

crypto/openssl/apps/lib/opt.c

Load File

View Options

crypto/openssl/apps/lib/s_cb.c

Load File

View Options

crypto/openssl/apps/smime.c

Load File

View Options

crypto/openssl/crypto/aes/asm/aesp8-ppc.pl

Load File

View Options

crypto/openssl/crypto/aes/build.info

Load File

View Options

crypto/openssl/crypto/asn1/a_d2i_fp.c

Load File

View Options

crypto/openssl/crypto/asn1/a_mbstr.c

Load File

View Options

crypto/openssl/crypto/asn1/a_strex.c

Load File

View Options

crypto/openssl/crypto/asn1/a_verify.c

Load File

View Options

crypto/openssl/crypto/asn1/tasn_fre.c

Load File

View Options

crypto/openssl/crypto/bio/bf_readbuff.c

Load File

View Options

crypto/openssl/crypto/bio/bio_addr.c

Load File

View Options

crypto/openssl/crypto/cmp/cmp_vfy.c

Load File

View Options

crypto/openssl/crypto/conf/conf_def.c

Load File

View Options

crypto/openssl/crypto/conf/conf_lib.c

Load File

View Options

crypto/openssl/crypto/conf/conf_sap.c

Load File

View Options

crypto/openssl/crypto/context.c

Load File

View Options

crypto/openssl/crypto/ec/ecdsa_ossl.c

Load File

View Options

crypto/openssl/crypto/engine/eng_table.c

Load File

View Options

crypto/openssl/crypto/evp/ctrl_params_translate.c

Load File

View Options

crypto/openssl/crypto/evp/digest.c

Load File

View Options

crypto/openssl/crypto/evp/names.c

Load File

View Options

crypto/openssl/crypto/evp/pmeth_lib.c

Load File

View Options

crypto/openssl/crypto/o_str.c

Load File

View Options

crypto/openssl/crypto/pkcs12/p12_crt.c

Load File

View Options

crypto/openssl/crypto/pkcs7/pk7_doit.c

Load File

View Options

crypto/openssl/crypto/property/property.c

Load File

View Options

crypto/openssl/crypto/rand/randfile.c

Load File

View Options

crypto/openssl/crypto/rsa/rsa_oaep.c

Load File

View Options

crypto/openssl/crypto/x509/v3_utl.c

Load File

View Options

crypto/openssl/crypto/x509/x_name.c

Load File

View Options

crypto/openssl/doc/HOWTO/certificates.txt

Load File

View Options

crypto/openssl/doc/fingerprints.txt

Load File

View Options

crypto/openssl/doc/man1/openssl-enc.pod.in

Load File

View Options

crypto/openssl/doc/man1/openssl-passphrase-options.pod

Load File

View Options

crypto/openssl/doc/man1/openssl-s_client.pod.in

Load File

View Options

crypto/openssl/doc/man1/openssl-s_server.pod.in

Load File

View Options

crypto/openssl/doc/man1/openssl-verification-options.pod

Load File

View Options

crypto/openssl/doc/man3/ASN1_INTEGER_new.pod

Load File

View Options

crypto/openssl/doc/man3/ASYNC_WAIT_CTX_new.pod

Load File

View Options

crypto/openssl/doc/man3/BIO_ADDR.pod

Load File

View Options

crypto/openssl/doc/man3/BIO_ADDRINFO.pod

Load File

View Options

crypto/openssl/doc/man3/BIO_f_base64.pod

Load File

View Options

crypto/openssl/doc/man3/BIO_meth_new.pod

Load File

View Options

crypto/openssl/doc/man3/BN_add.pod

Load File

View Options

crypto/openssl/doc/man3/BN_generate_prime.pod

Load File

View Options

crypto/openssl/doc/man3/BN_set_bit.pod

Load File

View Options

crypto/openssl/doc/man3/BUF_MEM_new.pod

Load File

View Options

crypto/openssl/doc/man3/CRYPTO_THREAD_run_once.pod

Load File

View Options

crypto/openssl/doc/man3/CTLOG_STORE_new.pod

Load File

View Options

crypto/openssl/doc/man3/CTLOG_new.pod

Load File

View Options

crypto/openssl/doc/man3/CT_POLICY_EVAL_CTX_new.pod

Load File

View Options

crypto/openssl/doc/man3/DH_meth_new.pod

Load File

View Options

crypto/openssl/doc/man3/DSA_SIG_new.pod

Load File

View Options

crypto/openssl/doc/man3/DSA_meth_new.pod

Load File

View Options

crypto/openssl/doc/man3/ECDSA_SIG_new.pod

Load File

View Options

crypto/openssl/doc/man3/ENGINE_add.pod

Load File

View Options

crypto/openssl/doc/man3/EVP_ASYM_CIPHER_free.pod

Load File

View Options

crypto/openssl/doc/man3/EVP_CIPHER_meth_new.pod

Load File

View Options

crypto/openssl/doc/man3/EVP_DigestInit.pod

Load File

View Options

crypto/openssl/doc/man3/EVP_EncodeInit.pod

Load File

View Options

crypto/openssl/doc/man3/EVP_EncryptInit.pod

Load File

View Options

crypto/openssl/doc/man3/EVP_KEM_free.pod

Load File

View Options

crypto/openssl/doc/man3/EVP_KEYEXCH_free.pod

Load File

View Options

crypto/openssl/doc/man3/EVP_KEYMGMT.pod

Load File

View Options

crypto/openssl/doc/man3/EVP_MD_meth_new.pod

Load File

View Options

crypto/openssl/doc/man3/EVP_PKEY_ASN1_METHOD.pod

Load File

View Options

crypto/openssl/doc/man3/EVP_PKEY_meth_new.pod

Load File

View Options

crypto/openssl/doc/man3/EVP_RAND.pod

Load File

View Options

crypto/openssl/doc/man3/EVP_SIGNATURE.pod

Load File

View Options

crypto/openssl/doc/man3/HMAC.pod

Load File

View Options

crypto/openssl/doc/man3/MD5.pod

Load File

View Options

crypto/openssl/doc/man3/NCONF_new_ex.pod

Load File

View Options

crypto/openssl/doc/man3/OCSP_REQUEST_new.pod

Load File

View Options

crypto/openssl/doc/man3/OCSP_cert_to_id.pod

Load File

View Options

crypto/openssl/doc/man3/OCSP_response_status.pod

Load File

View Options

crypto/openssl/doc/man3/OPENSSL_LH_COMPFUNC.pod

Load File

View Options

crypto/openssl/doc/man3/OPENSSL_init_crypto.pod

Load File

View Options

crypto/openssl/doc/man3/OPENSSL_malloc.pod

Load File

View Options

crypto/openssl/doc/man3/OPENSSL_secure_malloc.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_CMP_CTX_new.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_CMP_SRV_CTX_new.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_CMP_validate_msg.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_DECODER.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_DECODER_CTX.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_DECODER_CTX_new_for_pkey.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_ENCODER.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_ENCODER_CTX.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_HTTP_REQ_CTX.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_LIB_CTX.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_PARAM_BLD.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_PARAM_dup.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_SELF_TEST_new.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_STORE_INFO.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_STORE_LOADER.pod

Load File

View Options

crypto/openssl/doc/man3/OSSL_STORE_SEARCH.pod

Load File

View Options

crypto/openssl/doc/man3/PEM_read_bio_PrivateKey.pod

Load File

View Options

crypto/openssl/doc/man3/RAND_set_DRBG_type.pod

Load File

View Options

crypto/openssl/doc/man3/RSA_meth_new.pod

Load File

View Options

crypto/openssl/doc/man3/SCT_new.pod

Load File

View Options

crypto/openssl/doc/man3/SSL_CTX_set_alpn_select_cb.pod

Load File

View Options

crypto/openssl/doc/man3/SSL_CTX_set_cipher_list.pod

Load File

View Options

crypto/openssl/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod

Load File

View Options

crypto/openssl/doc/man3/TS_RESP_CTX_new.pod

Load File

View Options

crypto/openssl/doc/man3/X509V3_get_d2i.pod

Load File

View Options

crypto/openssl/doc/man3/X509_LOOKUP.pod

Load File

View Options

crypto/openssl/doc/man3/X509_LOOKUP_meth_new.pod

Load File

View Options

crypto/openssl/doc/man3/X509_STORE_new.pod

Load File

View Options

crypto/openssl/doc/man3/X509_dup.pod

Load File

View Options

crypto/openssl/doc/man3/X509_new.pod

Load File

View Options

crypto/openssl/doc/man3/d2i_X509.pod

Load File

View Options

crypto/openssl/doc/man7/EVP_KEYEXCH-DH.pod

Load File

View Options

crypto/openssl/doc/man7/EVP_PKEY-DH.pod

Load File

View Options

crypto/openssl/doc/man7/ossl_store.pod

Load File

View Options

crypto/openssl/fuzz/bignum.c

Load File

View Options

crypto/openssl/include/crypto/aes_platform.h

Load File

View Options

crypto/openssl/include/crypto/bn.h

Load File

View Options

crypto/openssl/include/openssl/tls1.h

Load File

View Options

crypto/openssl/providers/fips-sources.checksums

Load File

View Options

crypto/openssl/providers/fips.checksum

Load File

View Options

crypto/openssl/providers/implementations/encode_decode/decode_der2key.c

Load File

View Options

crypto/openssl/providers/implementations/rands/drbg.c

Load File

View Options

crypto/openssl/ssl/bio_ssl.c

Load File

View Options

crypto/openssl/ssl/ssl_lib.c

Load File

View Options

crypto/openssl/ssl/ssl_sess.c

Load File

View Options

crypto/openssl/ssl/statem/extensions.c

Load File

View Options

crypto/openssl/ssl/statem/extensions_clnt.c

Load File

View Options

crypto/openssl/ssl/statem/extensions_srvr.c

Load File

View Options

crypto/openssl/ssl/statem/statem_lib.c

Load File

View Options

crypto/openssl/ssl/t1_lib.c

Load File

View Options

crypto/openssl/test/build.info

Load File

View Options

crypto/openssl/test/crltest.c

Load File

View Options

crypto/openssl/test/endecode_test.c

Load File

View Options

crypto/openssl/test/evp_byname_test.c

Load File

View Options

crypto/openssl/test/evp_extra_test.c

Load File

View Options

crypto/openssl/test/helpers/handshake.c

Load File

View Options

crypto/openssl/test/hexstr_test.c

Load File

View Options

crypto/openssl/test/prov_config_test.c

Load File

View Options

crypto/openssl/test/provider_fallback_test.c

Load File

View Options

crypto/openssl/test/provider_internal_test.c

Load File

View Options

crypto/openssl/test/provider_test.c

Load File

View Options

crypto/openssl/test/recipes/03-test_fipsinstall.t

Load File

View Options

crypto/openssl/test/recipes/04-test_conf.t

Load File

View Options

crypto/openssl/test/recipes/04-test_conf_data/oversized_line.cnf

Load File

View Options

crypto/openssl/test/recipes/04-test_conf_data/oversized_line.txt

Load File

View Options

crypto/openssl/test/recipes/25-test_eai_data.t

Load File

View Options

crypto/openssl/test/recipes/30-test_evp_byname.t

Load File

View Options

crypto/openssl/test/recipes/30-test_evp_data/evppkey_dsa.txt

Load File

View Options

crypto/openssl/test/recipes/30-test_evp_data/evppkey_ecdsa.txt

Load File

View Options

crypto/openssl/test/recipes/30-test_evp_data/evppkey_rsa_common.txt

Load File

View Options

crypto/openssl/test/recipes/70-test_npn.t

Load File

View Options

crypto/openssl/test/ssl-tests/08-npn.cnf

Load File

View Options

crypto/openssl/test/ssl-tests/08-npn.cnf.in

Load File

View Options

crypto/openssl/test/ssl-tests/09-alpn.cnf

Load File

View Options

crypto/openssl/test/ssl-tests/09-alpn.cnf.in

Load File

View Options

crypto/openssl/test/sslapitest.c

Load File

View Options

crypto/openssl/util/check-format-commit.sh

Load File

View Options

crypto/openssl/util/check-format-test-negatives.c

Load File

View Options

crypto/openssl/util/check-format.pl

Load File

View Options

crypto/openssl/util/perl/OpenSSL/Test/Utils.pm

Load File

View Options

crypto/openssl/util/perl/TLSProxy/Message.pm

Load File

View Options

crypto/openssl/util/perl/TLSProxy/NextProto.pm

Load File

View Options

crypto/openssl/util/perl/TLSProxy/Proxy.pm

Load File

openssl: Import OpenSSL 3.0.15.a7148ab39c03Actions

Description

Details

Event Timeline

Merged Changes

Changes (174)Show All Changes

Very Large Commit

rGa7148ab39c03

crypto/openssl/CHANGES.md

crypto/openssl/CONTRIBUTING.md

crypto/openssl/Configurations/10-main.conf

crypto/openssl/Configurations/15-ios.conf

crypto/openssl/Configure

crypto/openssl/FAQ.md

crypto/openssl/INSTALL.md

crypto/openssl/NEWS.md

crypto/openssl/VERSION.dat

crypto/openssl/apps/cms.c

crypto/openssl/apps/dgst.c

crypto/openssl/apps/lib/opt.c

crypto/openssl/apps/lib/s_cb.c

crypto/openssl/apps/smime.c

crypto/openssl/crypto/aes/asm/aesp8-ppc.pl

crypto/openssl/crypto/aes/build.info

crypto/openssl/crypto/asn1/a_d2i_fp.c

crypto/openssl/crypto/asn1/a_mbstr.c

crypto/openssl/crypto/asn1/a_strex.c

crypto/openssl/crypto/asn1/a_verify.c

crypto/openssl/crypto/asn1/tasn_fre.c

crypto/openssl/crypto/bio/bf_readbuff.c

crypto/openssl/crypto/bio/bio_addr.c

crypto/openssl/crypto/cmp/cmp_vfy.c

crypto/openssl/crypto/conf/conf_def.c

crypto/openssl/crypto/conf/conf_lib.c

crypto/openssl/crypto/conf/conf_sap.c

crypto/openssl/crypto/context.c

crypto/openssl/crypto/ec/ecdsa_ossl.c

crypto/openssl/crypto/engine/eng_table.c

crypto/openssl/crypto/evp/ctrl_params_translate.c

crypto/openssl/crypto/evp/digest.c

crypto/openssl/crypto/evp/names.c

crypto/openssl/crypto/evp/pmeth_lib.c

crypto/openssl/crypto/o_str.c

crypto/openssl/crypto/pkcs12/p12_crt.c

crypto/openssl/crypto/pkcs7/pk7_doit.c

crypto/openssl/crypto/property/property.c

crypto/openssl/crypto/rand/randfile.c

crypto/openssl/crypto/rsa/rsa_oaep.c

crypto/openssl/crypto/x509/v3_utl.c

crypto/openssl/crypto/x509/x_name.c

crypto/openssl/doc/HOWTO/certificates.txt

crypto/openssl/doc/fingerprints.txt

crypto/openssl/doc/man1/openssl-enc.pod.in

crypto/openssl/doc/man1/openssl-passphrase-options.pod

crypto/openssl/doc/man1/openssl-s_client.pod.in

crypto/openssl/doc/man1/openssl-s_server.pod.in

crypto/openssl/doc/man1/openssl-verification-options.pod

crypto/openssl/doc/man3/ASN1_INTEGER_new.pod

crypto/openssl/doc/man3/ASYNC_WAIT_CTX_new.pod

crypto/openssl/doc/man3/BIO_ADDR.pod

crypto/openssl/doc/man3/BIO_ADDRINFO.pod

crypto/openssl/doc/man3/BIO_f_base64.pod

crypto/openssl/doc/man3/BIO_meth_new.pod

crypto/openssl/doc/man3/BN_add.pod

crypto/openssl/doc/man3/BN_generate_prime.pod

crypto/openssl/doc/man3/BN_set_bit.pod

crypto/openssl/doc/man3/BUF_MEM_new.pod

crypto/openssl/doc/man3/CRYPTO_THREAD_run_once.pod

crypto/openssl/doc/man3/CTLOG_STORE_new.pod

crypto/openssl/doc/man3/CTLOG_new.pod

crypto/openssl/doc/man3/CT_POLICY_EVAL_CTX_new.pod

crypto/openssl/doc/man3/DH_meth_new.pod

crypto/openssl/doc/man3/DSA_SIG_new.pod

crypto/openssl/doc/man3/DSA_meth_new.pod

crypto/openssl/doc/man3/ECDSA_SIG_new.pod

crypto/openssl/doc/man3/ENGINE_add.pod

crypto/openssl/doc/man3/EVP_ASYM_CIPHER_free.pod

crypto/openssl/doc/man3/EVP_CIPHER_meth_new.pod

crypto/openssl/doc/man3/EVP_DigestInit.pod

crypto/openssl/doc/man3/EVP_EncodeInit.pod

openssl: Import OpenSSL 3.0.15.
a7148ab39c03
Actions

Changes (174)
Show All Changes