deps: upgrade to openssl 1.0.1q

Contains fixes for:

* CVE-2015-3194 Certificate verify crash with missing PSS parameter
* CVE-2015-3195 X509_ATTRIBUTE memory leak

fixup! character encoding noise

fixup! update opensslconf.h

PR-URL: #4133
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>

Author: bnoordhuis

deps/openssl/asm/arm-elf-gas/bn/armv4-gf2m.S

@@ -11,13 +11,13 @@
 mul_1x1_neon:
 	vshl.u64	d2,d16,#8	@ q1-q3 are slided
 
-	vmull.p8	q0,d16,d17	@ a·bb
+	vmull.p8	q0,d16,d17	@ a·bb
 	vshl.u64	d4,d16,#16
-	vmull.p8	q1,d2,d17	@ a<<8·bb
+	vmull.p8	q1,d2,d17	@ a<<8·bb
 	vshl.u64	d6,d16,#24
-	vmull.p8	q2,d4,d17	@ a<<16·bb
+	vmull.p8	q2,d4,d17	@ a<<16·bb
 	vshr.u64	d2,#8
-	vmull.p8	q3,d6,d17	@ a<<24·bb
+	vmull.p8	q3,d6,d17	@ a<<24·bb
 	vshl.u64	d3,#24
 	veor		d0,d2
 	vshr.u64	d4,#16
@@ -132,20 +132,20 @@ bn_GF2m_mul_2x2:
 
 	vmov	d16,d18
 	vmov	d17,d19
-	bl	mul_1x1_neon		@ a1·b1
+	bl	mul_1x1_neon		@ a1·b1
 	vmov	d22,d0
 
 	vmov	d16,d20
 	vmov	d17,d21
-	bl	mul_1x1_neon		@ a0·b0
+	bl	mul_1x1_neon		@ a0·b0
 	vmov	d23,d0
 
 	veor	d16,d20,d18
 	veor	d17,d21,d19
 	veor	d20,d23,d22
-	bl	mul_1x1_neon		@ (a0+a1)·(b0+b1)
+	bl	mul_1x1_neon		@ (a0+a1)·(b0+b1)
 
-	veor	d0,d20			@ (a0+a1)·(b0+b1)-a0·b0-a1·b1
+	veor	d0,d20			@ (a0+a1)·(b0+b1)-a0·b0-a1·b1
 	vshl.u64 d1,d0,#32
 	vshr.u64 d0,d0,#32
 	veor	d23,d1
@@ -165,7 +165,7 @@ bn_GF2m_mul_2x2:
 	mov	r12,#7<<2
 	sub	sp,sp,#32		@ allocate tab[8]
 
-	bl	mul_1x1_ialu		@ a1·b1
+	bl	mul_1x1_ialu		@ a1·b1
 	str	r5,[r10,#8]
 	str	r4,[r10,#12]
 
@@ -175,13 +175,13 @@ bn_GF2m_mul_2x2:
 	 eor	r2,r2,r1
 	eor	r0,r0,r3
 	 eor	r1,r1,r2
-	bl	mul_1x1_ialu		@ a0·b0
+	bl	mul_1x1_ialu		@ a0·b0
 	str	r5,[r10]
 	str	r4,[r10,#4]
 
 	eor	r1,r1,r2
 	eor	r0,r0,r3
-	bl	mul_1x1_ialu		@ (a1+a0)·(b1+b0)
+	bl	mul_1x1_ialu		@ (a1+a0)·(b1+b0)
 	ldmia	r10,{r6-r9}
 	eor	r5,r5,r4
 	eor	r4,r4,r7

deps/openssl/asm/arm-elf-gas/modes/ghash-armv4.S

@@ -368,8 +368,8 @@ gcm_ghash_neon:
 	vdup.8		d4,d28[0]	@ broadcast lowest byte
 .Linner_neon:
 	subs		r1,r1,#1
-	vmull.p8	q9,d1,d4		@ H.lo·Xi[i]
-	vmull.p8	q8,d0,d4		@ H.hi·Xi[i]
+	vmull.p8	q9,d1,d4		@ H.lo·Xi[i]
+	vmull.p8	q8,d0,d4		@ H.hi·Xi[i]
 	vext.8		q14,q12,#1		@ IN>>=8
 
 	veor		q10,q13		@ modulo-scheduled part
@@ -382,7 +382,7 @@ gcm_ghash_neon:
 	vsli.8		d2,d3,#1		@ compose the "carry" byte
 	vext.8		q10,q12,#1		@ Z>>=8
 
-	vmull.p8	q11,d2,d5		@ "carry"·0xe1
+	vmull.p8	q11,d2,d5		@ "carry"·0xe1
 	vshr.u8		d2,d3,#7		@ save Z's bottom bit
 	vext.8		q13,q9,q12,#1	@ Qlo>>=8
 	veor		q10,q8

deps/openssl/config/opensslconf.h

@@ -299,7 +299,7 @@
       even newer MIPS CPU's, but at the moment one size fits all for
       optimization options.  Older Sparc's work better with only UNROLL, but
       there's no way to tell at compile time what it is you're running on */
-#  if defined( sun )		/* Newer Sparc's */
+#  if defined( __sun ) || defined ( sun )		/* Newer Sparc's */
 #    define DES_PTR
 #    define DES_RISC1
 #    define DES_UNROLL

deps/openssl/openssl/apps/Makefile

@@ -135,7 +135,7 @@ update: openssl-vms.cnf local_depend
 depend: local_depend
 	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
 local_depend:
-	@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
+	@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC)
 
 dclean:
 	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new

deps/openssl/openssl/apps/apps.c

@@ -119,9 +119,6 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#if !defined(OPENSSL_SYSNAME_WIN32) && !defined(NETWARE_CLIB)
-# include <strings.h>
-#endif
 #include <sys/types.h>
 #include <ctype.h>
 #include <errno.h>
@@ -1247,7 +1244,11 @@ int set_name_ex(unsigned long *flags, const char *arg)
         {"ca_default", XN_FLAG_MULTILINE, 0xffffffffL},
         {NULL, 0, 0}
     };
-    return set_multi_opts(flags, arg, ex_tbl);
+    if (set_multi_opts(flags, arg, ex_tbl) == 0)
+        return 0;
+    if ((*flags & XN_FLAG_SEP_MASK) == 0)
+        *flags |= XN_FLAG_SEP_CPLUS_SPC;
+    return 1;
 }
 
 int set_ext_copy(int *copy_type, const char *arg)

deps/openssl/openssl/apps/asn1pars.c

@@ -313,9 +313,9 @@ int MAIN(int argc, char **argv)
             }
             typ = ASN1_TYPE_get(at);
             if ((typ == V_ASN1_OBJECT)
+                || (typ == V_ASN1_BOOLEAN)
                 || (typ == V_ASN1_NULL)) {
-                BIO_printf(bio_err, "Can't parse %s type\n",
-                           typ == V_ASN1_NULL ? "NULL" : "OBJECT");
+                BIO_printf(bio_err, "Can't parse %s type\n", ASN1_tag2str(typ));
                 ERR_print_errors(bio_err);
                 goto end;
             }

deps/openssl/openssl/apps/ca.c

@@ -99,25 +99,19 @@
 #undef PROG
 #define PROG ca_main
 
-#define BASE_SECTION    "ca"
-#define CONFIG_FILE "openssl.cnf"
+#define BASE_SECTION            "ca"
+#define CONFIG_FILE             "openssl.cnf"
 
 #define ENV_DEFAULT_CA          "default_ca"
 
-#define STRING_MASK     "string_mask"
+#define STRING_MASK             "string_mask"
 #define UTF8_IN                 "utf8"
 
-#define ENV_DIR                 "dir"
-#define ENV_CERTS               "certs"
-#define ENV_CRL_DIR             "crl_dir"
-#define ENV_CA_DB               "CA_DB"
 #define ENV_NEW_CERTS_DIR       "new_certs_dir"
 #define ENV_CERTIFICATE         "certificate"
 #define ENV_SERIAL              "serial"
 #define ENV_CRLNUMBER           "crlnumber"
-#define ENV_CRL                 "crl"
 #define ENV_PRIVATE_KEY         "private_key"
-#define ENV_RANDFILE            "RANDFILE"
 #define ENV_DEFAULT_DAYS        "default_days"
 #define ENV_DEFAULT_STARTDATE   "default_startdate"
 #define ENV_DEFAULT_ENDDATE     "default_enddate"
@@ -2520,6 +2514,8 @@ static int do_updatedb(CA_DB *db)
     char **rrow, *a_tm_s;
 
     a_tm = ASN1_UTCTIME_new();
+    if (a_tm == NULL)
+        return -1;
 
     /* get actual time and make a string */
     a_tm = X509_gmtime_adj(a_tm, 0);

deps/openssl/openssl/apps/ecparam.c

@@ -413,14 +413,13 @@ int MAIN(int argc, char **argv)
     }
 
     if (check) {
-        if (group == NULL)
-            BIO_printf(bio_err, "no elliptic curve parameters\n");
         BIO_printf(bio_err, "checking elliptic curve parameters: ");
         if (!EC_GROUP_check(group, NULL)) {
             BIO_printf(bio_err, "failed\n");
             ERR_print_errors(bio_err);
-        } else
-            BIO_printf(bio_err, "ok\n");
+            goto end;
+        }
+        BIO_printf(bio_err, "ok\n");
 
     }
 

deps/openssl/openssl/apps/engine.c

@@ -99,8 +99,6 @@ static void identity(char *ptr)
 
 static int append_buf(char **buf, const char *s, int *size, int step)
 {
-    int l = strlen(s);
-
     if (*buf == NULL) {
         *size = step;
         *buf = OPENSSL_malloc(*size);
@@ -109,9 +107,6 @@ static int append_buf(char **buf, const char *s, int *size, int step)
         **buf = '\0';
     }
 
-    if (**buf != '\0')
-        l += 2;                 /* ", " */
-
     if (strlen(*buf) + strlen(s) >= (unsigned int)*size) {
         *size += step;
         *buf = OPENSSL_realloc(*buf, *size);

deps/openssl/openssl/apps/md4.c

@@ -1 +1 @@
-../crypto/md4/md4.c
+openssl-1.0.1q/../crypto/md4/md4.c

deps/openssl/openssl/apps/ocsp.c

@@ -1220,8 +1220,8 @@ static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, char *path,
         return NULL;
     }
 
-    if (BIO_get_fd(cbio, &fd) <= 0) {
-        BIO_puts(err, "Can't get connection fd\n");
+    if (BIO_get_fd(cbio, &fd) < 0) {
+        BIO_puts(bio_err, "Can't get connection fd\n");
         goto err;
     }
 

deps/openssl/openssl/apps/pkcs12.c

@@ -134,20 +134,20 @@ int MAIN(int argc, char **argv)
 
     apps_startup();
 
-# ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-    else
-# endif
-        cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
-
     enc = EVP_des_ede3_cbc();
     if (bio_err == NULL)
         bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
 
     if (!load_config(bio_err, NULL))
         goto end;
 
+# ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+    else
+# endif
+        cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
+
     args = argv + 1;
 
     while (*args) {

deps/openssl/openssl/apps/s_client.c

@@ -1899,6 +1899,9 @@ int MAIN(int argc, char **argv)
         EVP_PKEY_free(key);
     if (pass)
         OPENSSL_free(pass);
+#ifndef OPENSSL_NO_SRP
+    OPENSSL_free(srp_arg.srppassin);
+#endif
     if (vpm)
         X509_VERIFY_PARAM_free(vpm);
     if (cbuf != NULL) {

deps/openssl/openssl/apps/s_server.c

@@ -2654,6 +2654,21 @@ static int www_body(char *hostname, int s, unsigned char *context)
                 goto err;
             } else {
                 BIO_printf(bio_s_out, "read R BLOCK\n");
+#ifndef OPENSSL_NO_SRP
+                if (BIO_should_io_special(io)
+                    && BIO_get_retry_reason(io) == BIO_RR_SSL_X509_LOOKUP) {
+                    BIO_printf(bio_s_out, "LOOKUP renego during read\n");
+                    srp_callback_parm.user =
+                        SRP_VBASE_get_by_user(srp_callback_parm.vb,
+                                              srp_callback_parm.login);
+                    if (srp_callback_parm.user)
+                        BIO_printf(bio_s_out, "LOOKUP done %s\n",
+                                   srp_callback_parm.user->info);
+                    else
+                        BIO_printf(bio_s_out, "LOOKUP not successful\n");
+                    continue;
+                }
+#endif
 #if defined(OPENSSL_SYS_NETWARE)
                 delay(1000);
 #elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__)

deps/openssl/openssl/crypto/aes/asm/aes-586.pl

@@ -45,7 +45,7 @@
 # the undertaken effort was that it appeared that in tight IA-32
 # register window little-endian flavor could achieve slightly higher
 # Instruction Level Parallelism, and it indeed resulted in up to 15%
-# better performance on most recent µ-archs...
+# better performance on most recent µ-archs...
 #
 # Third version adds AES_cbc_encrypt implementation, which resulted in
 # up to 40% performance imrovement of CBC benchmark results. 40% was
@@ -223,7 +223,7 @@
 $speed_limit=512;	# chunks smaller than $speed_limit are
 			# processed with compact routine in CBC mode
 $small_footprint=1;	# $small_footprint=1 code is ~5% slower [on
-			# recent µ-archs], but ~5 times smaller!
+			# recent µ-archs], but ~5 times smaller!
 			# I favor compact code to minimize cache
 			# contention and in hope to "collect" 5% back
 			# in real-life applications...
@@ -562,7 +562,7 @@ ()
 # Performance is not actually extraordinary in comparison to pure
 # x86 code. In particular encrypt performance is virtually the same.
 # Decrypt performance on the other hand is 15-20% better on newer
-# µ-archs [but we're thankful for *any* improvement here], and ~50%
+# µ-archs [but we're thankful for *any* improvement here], and ~50%
 # better on PIII:-) And additionally on the pros side this code
 # eliminates redundant references to stack and thus relieves/
 # minimizes the pressure on the memory bus.

deps/openssl/openssl/crypto/aes/asm/aesni-x86.pl

@@ -74,7 +74,7 @@
 $inout4="xmm6";	$in0="xmm6";
 $inout5="xmm7";	$ivec="xmm7";
 
-# AESNI extenstion
+# AESNI extension
 sub aeskeygenassist
 { my($dst,$src,$imm)=@_;
     if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)

deps/openssl/openssl/crypto/asn1/asn1_par.c

@@ -62,6 +62,10 @@
 #include <openssl/objects.h>
 #include <openssl/asn1.h>
 
+#ifndef ASN1_PARSE_MAXDEPTH
+#define ASN1_PARSE_MAXDEPTH 128
+#endif
+
 static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
                            int indent);
 static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
@@ -128,6 +132,12 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
 #else
     dump_indent = 6;            /* Because we know BIO_dump_indent() */
 #endif
+
+    if (depth > ASN1_PARSE_MAXDEPTH) {
+            BIO_puts(bp, "BAD RECURSION DEPTH\n");
+            return 0;
+    }
+
     p = *pp;
     tot = p + length;
     op = p - 1;