forked from rpms/openssl
c015bd1b1e
- add important patches from upstream CVS
104 lines
3.8 KiB
Diff
104 lines
3.8 KiB
Diff
diff -up openssl-1.0.1c/apps/cms.c.backports2 openssl-1.0.1c/apps/cms.c
|
|
--- openssl-1.0.1c/apps/cms.c.backports2 2012-01-05 14:46:27.000000000 +0100
|
|
+++ openssl-1.0.1c/apps/cms.c 2012-09-07 10:34:42.000000000 +0200
|
|
@@ -233,6 +233,8 @@ int MAIN(int argc, char **argv)
|
|
else if (!strcmp(*args,"-camellia256"))
|
|
cipher = EVP_camellia_256_cbc();
|
|
#endif
|
|
+ else if (!strcmp (*args, "-debug_decrypt"))
|
|
+ flags |= CMS_DEBUG_DECRYPT;
|
|
else if (!strcmp (*args, "-text"))
|
|
flags |= CMS_TEXT;
|
|
else if (!strcmp (*args, "-nointern"))
|
|
@@ -1039,6 +1041,8 @@ int MAIN(int argc, char **argv)
|
|
ret = 4;
|
|
if (operation == SMIME_DECRYPT)
|
|
{
|
|
+ if (flags & CMS_DEBUG_DECRYPT)
|
|
+ CMS_decrypt(cms, NULL, NULL, NULL, NULL, flags);
|
|
|
|
if (secret_key)
|
|
{
|
|
diff -up openssl-1.0.1c/crypto/bn/bn_lcl.h.backports2 openssl-1.0.1c/crypto/bn/bn_lcl.h
|
|
--- openssl-1.0.1c/crypto/bn/bn_lcl.h.backports2 2012-09-06 17:25:22.000000000 +0200
|
|
+++ openssl-1.0.1c/crypto/bn/bn_lcl.h 2012-09-07 10:22:43.000000000 +0200
|
|
@@ -282,16 +282,23 @@ extern "C" {
|
|
# endif
|
|
# elif defined(__mips) && (defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG))
|
|
# if defined(__GNUC__) && __GNUC__>=2
|
|
-# define BN_UMULT_HIGH(a,b) ({ \
|
|
+# if __GNUC__>=4 && __GNUC_MINOR__>=4 /* "h" constraint is no more since 4.4 */
|
|
+# define BN_UMULT_HIGH(a,b) (((__uint128_t)(a)*(b))>>64)
|
|
+# define BN_UMULT_LOHI(low,high,a,b) ({ \
|
|
+ __uint128_t ret=(__uint128_t)(a)*(b); \
|
|
+ (high)=ret>>64; (low)=ret; })
|
|
+# else
|
|
+# define BN_UMULT_HIGH(a,b) ({ \
|
|
register BN_ULONG ret; \
|
|
asm ("dmultu %1,%2" \
|
|
: "=h"(ret) \
|
|
: "r"(a), "r"(b) : "l"); \
|
|
ret; })
|
|
-# define BN_UMULT_LOHI(low,high,a,b) \
|
|
+# define BN_UMULT_LOHI(low,high,a,b)\
|
|
asm ("dmultu %2,%3" \
|
|
: "=l"(low),"=h"(high) \
|
|
: "r"(a), "r"(b));
|
|
+# endif
|
|
# endif
|
|
# endif /* cpu */
|
|
#endif /* OPENSSL_NO_ASM */
|
|
diff -up openssl-1.0.1c/crypto/modes/gcm128.c.backports2 openssl-1.0.1c/crypto/modes/gcm128.c
|
|
--- openssl-1.0.1c/crypto/modes/gcm128.c.backports2 2012-01-25 18:56:24.000000000 +0100
|
|
+++ openssl-1.0.1c/crypto/modes/gcm128.c 2012-09-07 10:24:56.000000000 +0200
|
|
@@ -1398,7 +1398,7 @@ int CRYPTO_gcm128_finish(GCM128_CONTEXT
|
|
void (*gcm_gmult_p)(u64 Xi[2],const u128 Htable[16]) = ctx->gmult;
|
|
#endif
|
|
|
|
- if (ctx->mres)
|
|
+ if (ctx->mres || ctx->ares)
|
|
GCM_MUL(ctx,Xi);
|
|
|
|
if (is_endian.little) {
|
|
diff -up openssl-1.0.1c/ssl/ssl_cert.c.backports2 openssl-1.0.1c/ssl/ssl_cert.c
|
|
--- openssl-1.0.1c/ssl/ssl_cert.c.backports2 2011-05-11 15:37:52.000000000 +0200
|
|
+++ openssl-1.0.1c/ssl/ssl_cert.c 2012-09-07 10:33:54.000000000 +0200
|
|
@@ -164,14 +164,14 @@ static void ssl_cert_set_default_md(CERT
|
|
{
|
|
/* Set digest values to defaults */
|
|
#ifndef OPENSSL_NO_DSA
|
|
- cert->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_dss1();
|
|
+ cert->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
|
|
#endif
|
|
#ifndef OPENSSL_NO_RSA
|
|
cert->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
|
|
cert->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
|
|
#endif
|
|
#ifndef OPENSSL_NO_ECDSA
|
|
- cert->pkeys[SSL_PKEY_ECC].digest = EVP_ecdsa();
|
|
+ cert->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
|
|
#endif
|
|
}
|
|
|
|
diff -up openssl-1.0.1c/ssl/t1_lib.c.backports2 openssl-1.0.1c/ssl/t1_lib.c
|
|
--- openssl-1.0.1c/ssl/t1_lib.c.backports2 2012-03-21 22:32:57.000000000 +0100
|
|
+++ openssl-1.0.1c/ssl/t1_lib.c 2012-09-07 10:33:54.000000000 +0200
|
|
@@ -2414,7 +2414,7 @@ int tls1_process_sigalgs(SSL *s, const u
|
|
*/
|
|
#ifndef OPENSSL_NO_DSA
|
|
if (!c->pkeys[SSL_PKEY_DSA_SIGN].digest)
|
|
- c->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_dss1();
|
|
+ c->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
|
|
#endif
|
|
#ifndef OPENSSL_NO_RSA
|
|
if (!c->pkeys[SSL_PKEY_RSA_SIGN].digest)
|
|
@@ -2425,7 +2425,7 @@ int tls1_process_sigalgs(SSL *s, const u
|
|
#endif
|
|
#ifndef OPENSSL_NO_ECDSA
|
|
if (!c->pkeys[SSL_PKEY_ECC].digest)
|
|
- c->pkeys[SSL_PKEY_ECC].digest = EVP_ecdsa();
|
|
+ c->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
|
|
#endif
|
|
return 1;
|
|
}
|