hsist
/
freifunkist-firmware
6
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

openssl: update to v0.9.8n, thanks Peter Wagner

Browse Source 
SVN-Revision: 21382
master
Jo-Philipp Wich 15 years ago
parent 89ba5f098e
commit 731983969a
3 changed files with 3 additions and 38 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 6
      package/openssl/Makefile
  2. 20
      package/openssl/patches/200-ocf-20100325.patch
  3. 15
      package/openssl/patches/400-cve-2010-0740.patch

6
package/openssl/Makefile
Unescape View File

@ -8,15 +8,15 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=openssl PKG_NAME:=openssl
PKG_VERSION:=0.9.8m PKG_VERSION:=0.9.8n
PKG_RELEASE:=4 PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.openssl.org/source/ \ PKG_SOURCE_URL:=http://www.openssl.org/source/ \
ftp://ftp.funet.fi/pub/crypt/cryptography/libs/openssl/source/ \ ftp://ftp.funet.fi/pub/crypt/cryptography/libs/openssl/source/ \
ftp://ftp.webmonster.de/pub/openssl/source/ \ ftp://ftp.webmonster.de/pub/openssl/source/ \
ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/ ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/
PKG_MD5SUM:=898bf125370926d5f692a2201124f8ec PKG_MD5SUM:=076d8efc3ed93646bd01f04e23c07066
PKG_BUILD_DEPENDS:=ocf-crypto-headers PKG_BUILD_DEPENDS:=ocf-crypto-headers
PKG_CONFIG_DEPENDS:=CONFIG_OPENSSL_ENGINE PKG_CONFIG_DEPENDS:=CONFIG_OPENSSL_ENGINE

20
package/openssl/patches/200-ocf-20100325.patch
Unescape View File

@ -1121,16 +1121,6 @@
if (kop->crk_param[i].crp_p) if (kop->crk_param[i].crp_p)
free(kop->crk_param[i].crp_p); free(kop->crk_param[i].crp_p);
kop->crk_param[i].crp_p = NULL; kop->crk_param[i].crp_p = NULL;
@@ -757,6 +1025,9 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BI
if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) {
const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+ fprintf(stderr, "cryptodev_asym: CRK_MOD_EXP %s failed, "
+ "Running in software\n", errno==kop.crk_status ?
+ "hardware operation" : "asym process");
ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
}
err:
@@ -768,7 +1039,6 @@ static int @@ -768,7 +1039,6 @@ static int
cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
{ {
@ -1139,16 +1129,6 @@
r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL); r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL);
return (r); return (r);
} }
@@ -803,6 +1073,9 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const
if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) {
const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+ fprintf(stderr, "cryptodev_asym: CRK_MOD_EXP_CRT %s failed, "
+ "Running in software\n", errno==kop.crk_status ?
+ "hardware operation" : "asym process");
ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx);
}
err:
@@ -904,6 +1177,9 @@ cryptodev_dsa_do_sign(const unsigned cha @@ -904,6 +1177,9 @@ cryptodev_dsa_do_sign(const unsigned cha
const DSA_METHOD *meth = DSA_OpenSSL(); const DSA_METHOD *meth = DSA_OpenSSL();
BN_free(r); BN_free(r);

15
package/openssl/patches/400-cve-2010-0740.patch
Unescape View File

@ -1,15 +0,0 @@
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -291,9 +291,9 @@ again:
if (version != s->version)
{
SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
- /* Send back error using their
- * version number :-) */
- s->version=version;
+ if ((s->version & 0xFF00) == (version & 0xFF00))
+ /* Send back error using their minor version number :-) */
+ s->version = (unsigned short)version;
al=SSL_AD_PROTOCOL_VERSION;
goto f_err;
}
Write Preview
Loading…
Cancel
Save