diff --git a/0001-Axe-builtin-printf-implementation-use-glibc-instead.patch b/0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
index 252ace0..c3732db 100644
--- a/0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
+++ b/0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
@@ -4,10 +4,10 @@ Date: Sun, 4 May 2014 23:36:54 -0400
Subject: [PATCH] Axe builtin printf implementation, use glibc instead
-Index: openssl-1.0.2a/crypto/bio/b_print.c
+Index: openssl-1.0.2b/crypto/bio/b_print.c
===================================================================
---- openssl-1.0.2a.orig/crypto/bio/b_print.c 2015-05-24 13:30:38.744606756 +0200
-+++ openssl-1.0.2a/crypto/bio/b_print.c 2015-05-24 13:41:38.708200825 +0200
+--- openssl-1.0.2b.orig/crypto/bio/b_print.c 2015-06-11 15:01:06.000000000 +0200
++++ openssl-1.0.2b/crypto/bio/b_print.c 2015-06-11 17:50:00.893823977 +0200
@@ -56,17 +56,10 @@
* [including the GNU Public Licence.]
*/
@@ -28,7 +28,7 @@ Index: openssl-1.0.2a/crypto/bio/b_print.c
#include <stdio.h>
#include <string.h>
#include <ctype.h>
-@@ -79,671 +72,6 @@
+@@ -79,668 +72,6 @@
#include <openssl/bn.h> /* To get BN_LLONG properly defined */
#include <openssl/bio.h>
@@ -657,32 +657,29 @@ Index: openssl-1.0.2a/crypto/bio/b_print.c
- /* If we haven't at least one buffer, someone has doe a big booboo */
- assert(*sbuffer != NULL || buffer != NULL);
-
-- if (buffer) {
-- while (*currlen >= *maxlen) {
-- if (*buffer == NULL) {
-- if (*maxlen == 0)
-- *maxlen = 1024;
-- *buffer = OPENSSL_malloc(*maxlen);
-- if(!*buffer) {
-- /* Panic! Can't really do anything sensible. Just return */
-- return;
-- }
-- if (*currlen > 0) {
-- assert(*sbuffer != NULL);
-- memcpy(*buffer, *sbuffer, *currlen);
-- }
-- *sbuffer = NULL;
-- } else {
-- *maxlen += 1024;
-- *buffer = OPENSSL_realloc(*buffer, *maxlen);
-- if(!*buffer) {
-- /* Panic! Can't really do anything sensible. Just return */
-- return;
-- }
+- /* |currlen| must always be <= |*maxlen| */
+- assert(*currlen <= *maxlen);
+-
+- if (buffer && *currlen == *maxlen) {
+- *maxlen += 1024;
+- if (*buffer == NULL) {
+- *buffer = OPENSSL_malloc(*maxlen);
+- if (!*buffer) {
+- /* Panic! Can't really do anything sensible. Just return */
+- return;
+- }
+- if (*currlen > 0) {
+- assert(*sbuffer != NULL);
+- memcpy(*buffer, *sbuffer, *currlen);
+- }
+- *sbuffer = NULL;
+- } else {
+- *buffer = OPENSSL_realloc(*buffer, *maxlen);
+- if (!*buffer) {
+- /* Panic! Can't really do anything sensible. Just return */
+- return;
- }
- }
-- /* What to do if *buffer is NULL? */
-- assert(*sbuffer != NULL || *buffer != NULL);
- }
-
- if (*currlen < *maxlen) {
@@ -700,7 +697,7 @@ Index: openssl-1.0.2a/crypto/bio/b_print.c
int BIO_printf(BIO *bio, const char *format, ...)
{
va_list args;
-@@ -757,28 +85,36 @@ int BIO_printf(BIO *bio, const char *for
+@@ -754,28 +85,36 @@ int BIO_printf(BIO *bio, const char *for
return (ret);
}
@@ -756,7 +753,7 @@ Index: openssl-1.0.2a/crypto/bio/b_print.c
return (ret);
}
-@@ -794,28 +130,22 @@ int BIO_snprintf(char *buf, size_t n, co
+@@ -791,28 +130,22 @@ int BIO_snprintf(char *buf, size_t n, co
int ret;
va_start(args, format);
diff --git a/0001-libcrypto-Hide-library-private-symbols.patch b/0001-libcrypto-Hide-library-private-symbols.patch
index 64b5c74..023ce2f 100644
--- a/0001-libcrypto-Hide-library-private-symbols.patch
+++ b/0001-libcrypto-Hide-library-private-symbols.patch
@@ -37,10 +37,10 @@ Subject: [PATCH] libcrypto: Hide library-private symbols
crypto/x509v3/pcy_int.h | 3 +++
31 files changed, 85 insertions(+), 17 deletions(-)
-Index: openssl-1.0.2a/apps/Makefile
+Index: openssl-1.0.2b/apps/Makefile
===================================================================
---- openssl-1.0.2a.orig/apps/Makefile 2015-05-29 13:57:01.496491593 +0200
-+++ openssl-1.0.2a/apps/Makefile 2015-05-29 13:58:53.830777136 +0200
+--- openssl-1.0.2b.orig/apps/Makefile 2015-06-11 15:55:38.000000000 +0200
++++ openssl-1.0.2b/apps/Makefile 2015-06-11 17:50:03.669860202 +0200
@@ -20,7 +20,7 @@ EXE_EXT=
SHLIB_TARGET=
@@ -50,10 +50,10 @@ Index: openssl-1.0.2a/apps/Makefile
GENERAL=Makefile makeapps.com install.com
-Index: openssl-1.0.2a/crypto/asn1/asn1_locl.h
+Index: openssl-1.0.2b/crypto/asn1/asn1_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/asn1/asn1_locl.h 2015-05-29 13:57:01.496491593 +0200
-+++ openssl-1.0.2a/crypto/asn1/asn1_locl.h 2015-05-29 13:59:35.960258988 +0200
+--- openssl-1.0.2b.orig/crypto/asn1/asn1_locl.h 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/asn1/asn1_locl.h 2015-06-11 17:50:03.670860215 +0200
@@ -62,6 +62,8 @@
int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d);
int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d);
@@ -69,10 +69,10 @@ Index: openssl-1.0.2a/crypto/asn1/asn1_locl.h
};
+
+#pragma GCC visibility pop
-Index: openssl-1.0.2a/crypto/bn/bn_lcl.h
+Index: openssl-1.0.2b/crypto/bn/bn_lcl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/bn/bn_lcl.h 2015-05-29 13:57:01.497491605 +0200
-+++ openssl-1.0.2a/crypto/bn/bn_lcl.h 2015-05-29 14:00:30.503883360 +0200
+--- openssl-1.0.2b.orig/crypto/bn/bn_lcl.h 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/bn/bn_lcl.h 2015-06-11 17:50:03.670860215 +0200
@@ -505,6 +505,8 @@ unsigned __int64 _umul128(unsigned __int
# undef bn_div_words
# endif
@@ -91,10 +91,10 @@ Index: openssl-1.0.2a/crypto/bn/bn_lcl.h
#ifdef __cplusplus
}
#endif
-Index: openssl-1.0.2a/crypto/cast/cast_lcl.h
+Index: openssl-1.0.2b/crypto/cast/cast_lcl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/cast/cast_lcl.h 2015-05-29 13:57:01.497491605 +0200
-+++ openssl-1.0.2a/crypto/cast/cast_lcl.h 2015-05-29 13:58:53.831777147 +0200
+--- openssl-1.0.2b.orig/crypto/cast/cast_lcl.h 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/cast/cast_lcl.h 2015-06-11 17:50:03.670860215 +0200
@@ -217,6 +217,7 @@
}
#endif
@@ -108,10 +108,10 @@ Index: openssl-1.0.2a/crypto/cast/cast_lcl.h
extern const CAST_LONG CAST_S_table6[256];
extern const CAST_LONG CAST_S_table7[256];
+#pragma GCC visibility pop
-Index: openssl-1.0.2a/crypto/cms/cms_lcl.h
+Index: openssl-1.0.2b/crypto/cms/cms_lcl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/cms/cms_lcl.h 2015-05-29 13:57:01.498491617 +0200
-+++ openssl-1.0.2a/crypto/cms/cms_lcl.h 2015-05-29 14:02:50.582486082 +0200
+--- openssl-1.0.2b.orig/crypto/cms/cms_lcl.h 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/cms/cms_lcl.h 2015-06-11 17:50:03.670860215 +0200
@@ -410,6 +410,8 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerA
# define CMS_OIK_KEYIDENTIFIER 1
# define CMS_OIK_PUBKEY 2
@@ -130,10 +130,10 @@ Index: openssl-1.0.2a/crypto/cms/cms_lcl.h
#ifdef __cplusplus
}
#endif
-Index: openssl-1.0.2a/crypto/des/des_locl.h
+Index: openssl-1.0.2b/crypto/des/des_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/des/des_locl.h 2015-05-29 13:58:53.832777158 +0200
-+++ openssl-1.0.2a/crypto/des/des_locl.h 2015-05-29 14:03:58.545263671 +0200
+--- openssl-1.0.2b.orig/crypto/des/des_locl.h 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/des/des_locl.h 2015-06-11 17:50:03.670860215 +0200
@@ -432,10 +432,12 @@
PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
}
@@ -147,10 +147,10 @@ Index: openssl-1.0.2a/crypto/des/des_locl.h
# ifdef OPENSSL_SMALL_FOOTPRINT
# undef DES_UNROLL
-Index: openssl-1.0.2a/crypto/dsa/dsa_locl.h
+Index: openssl-1.0.2b/crypto/dsa/dsa_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/dsa/dsa_locl.h 2015-05-29 13:58:53.832777158 +0200
-+++ openssl-1.0.2a/crypto/dsa/dsa_locl.h 2015-05-29 14:05:14.177128917 +0200
+--- openssl-1.0.2b.orig/crypto/dsa/dsa_locl.h 2015-06-11 17:41:59.488534507 +0200
++++ openssl-1.0.2b/crypto/dsa/dsa_locl.h 2015-06-11 17:50:03.670860215 +0200
@@ -58,7 +58,7 @@ int dsa_builtin_paramgen(DSA *ret, size_
const EVP_MD *evpmd, const unsigned char *seed_in,
size_t seed_len,
@@ -160,10 +160,10 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_locl.h
int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
const EVP_MD *evpmd, const unsigned char *seed_in,
-Index: openssl-1.0.2a/crypto/ec/ec_lcl.h
+Index: openssl-1.0.2b/crypto/ec/ec_lcl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/ec/ec_lcl.h 2015-05-29 13:57:01.499491629 +0200
-+++ openssl-1.0.2a/crypto/ec/ec_lcl.h 2015-05-29 13:58:53.833777170 +0200
+--- openssl-1.0.2b.orig/crypto/ec/ec_lcl.h 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/ec/ec_lcl.h 2015-06-11 17:50:03.671860227 +0200
@@ -89,6 +89,8 @@
* change in future versions.
*/
@@ -173,16 +173,16 @@ Index: openssl-1.0.2a/crypto/ec/ec_lcl.h
struct ec_method_st {
/* Various method flags */
int flags;
-@@ -574,3 +576,5 @@ EC_GROUP *FIPS_ec_group_new_curve_gf2m(c
+@@ -566,3 +568,5 @@ EC_GROUP *FIPS_ec_group_new_curve_gf2m(c
const BIGNUM *b, BN_CTX *ctx);
EC_GROUP *FIPS_ec_group_new_by_curve_name(int nid);
#endif
+
+#pragma GCC visibility pop
-Index: openssl-1.0.2a/crypto/ecdh/ech_locl.h
+Index: openssl-1.0.2b/crypto/ecdh/ech_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/ecdh/ech_locl.h 2015-05-29 13:57:01.499491629 +0200
-+++ openssl-1.0.2a/crypto/ecdh/ech_locl.h 2015-05-29 14:06:06.800730916 +0200
+--- openssl-1.0.2b.orig/crypto/ecdh/ech_locl.h 2015-06-11 15:01:06.000000000 +0200
++++ openssl-1.0.2b/crypto/ecdh/ech_locl.h 2015-06-11 17:50:03.671860227 +0200
@@ -58,6 +58,8 @@
# include <openssl/ecdh.h>
@@ -198,10 +198,10 @@ Index: openssl-1.0.2a/crypto/ecdh/ech_locl.h
+#pragma GCC visibility pop
#endif /* HEADER_ECH_LOCL_H */
-Index: openssl-1.0.2a/crypto/ecdsa/ecs_locl.h
+Index: openssl-1.0.2b/crypto/ecdsa/ecs_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/ecdsa/ecs_locl.h 2015-05-29 13:57:01.499491629 +0200
-+++ openssl-1.0.2a/crypto/ecdsa/ecs_locl.h 2015-05-29 14:06:33.641037950 +0200
+--- openssl-1.0.2b.orig/crypto/ecdsa/ecs_locl.h 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/ecdsa/ecs_locl.h 2015-06-11 17:50:03.671860227 +0200
@@ -61,6 +61,8 @@
# include <openssl/ecdsa.h>
@@ -217,10 +217,10 @@ Index: openssl-1.0.2a/crypto/ecdsa/ecs_locl.h
+#pragma GCC visibility pop
#endif /* HEADER_ECS_LOCL_H */
-Index: openssl-1.0.2a/crypto/engine/eng_int.h
+Index: openssl-1.0.2b/crypto/engine/eng_int.h
===================================================================
---- openssl-1.0.2a.orig/crypto/engine/eng_int.h 2015-05-29 13:57:01.499491629 +0200
-+++ openssl-1.0.2a/crypto/engine/eng_int.h 2015-05-29 14:07:02.552368670 +0200
+--- openssl-1.0.2b.orig/crypto/engine/eng_int.h 2015-06-11 15:01:06.000000000 +0200
++++ openssl-1.0.2b/crypto/engine/eng_int.h 2015-06-11 17:50:03.671860227 +0200
@@ -69,6 +69,8 @@
/* Take public definitions from engine.h */
# include <openssl/engine.h>
@@ -236,11 +236,11 @@ Index: openssl-1.0.2a/crypto/engine/eng_int.h
+#pragma GCC visibility pop
#endif /* HEADER_ENGINE_INT_H */
-Index: openssl-1.0.2a/crypto/evp/e_aes.c
+Index: openssl-1.0.2b/crypto/evp/e_aes.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/e_aes.c 2015-05-29 13:57:01.501491652 +0200
-+++ openssl-1.0.2a/crypto/evp/e_aes.c 2015-05-29 14:08:41.561501841 +0200
-@@ -115,6 +115,8 @@ typedef struct {
+--- openssl-1.0.2b.orig/crypto/evp/e_aes.c 2015-06-11 17:41:59.490534533 +0200
++++ openssl-1.0.2b/crypto/evp/e_aes.c 2015-06-11 17:50:03.671860227 +0200
+@@ -116,6 +116,8 @@ typedef struct {
# define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4))
@@ -249,7 +249,7 @@ Index: openssl-1.0.2a/crypto/evp/e_aes.c
# ifdef VPAES_ASM
int vpaes_set_encrypt_key(const unsigned char *userKey, int bits,
AES_KEY *key);
-@@ -145,6 +147,7 @@ void bsaes_xts_decrypt(const unsigned ch
+@@ -146,6 +148,7 @@ void bsaes_xts_decrypt(const unsigned ch
size_t len, const AES_KEY *key1,
const AES_KEY *key2, const unsigned char iv[16]);
# endif
@@ -257,7 +257,7 @@ Index: openssl-1.0.2a/crypto/evp/e_aes.c
# ifdef AES_CTR_ASM
void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const AES_KEY *key,
-@@ -193,6 +196,8 @@ extern unsigned int OPENSSL_ia32cap_P[];
+@@ -194,6 +197,8 @@ extern unsigned int OPENSSL_ia32cap_P[];
*/
# define AESNI_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32)))
@@ -266,7 +266,7 @@ Index: openssl-1.0.2a/crypto/evp/e_aes.c
int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
AES_KEY *key);
int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
-@@ -262,6 +267,8 @@ void gcm_ghash_avx(u64 Xi[2], const u128
+@@ -263,6 +268,8 @@ void gcm_ghash_avx(u64 Xi[2], const u128
# undef AES_GCM_ASM2 /* minor size optimization */
# endif
@@ -275,12 +275,12 @@ Index: openssl-1.0.2a/crypto/evp/e_aes.c
static int aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
-Index: openssl-1.0.2a/crypto/evp/e_aes_cbc_hmac_sha1.c
+Index: openssl-1.0.2b/crypto/evp/e_aes_cbc_hmac_sha1.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/e_aes_cbc_hmac_sha1.c 2015-05-29 13:57:01.501491652 +0200
-+++ openssl-1.0.2a/crypto/evp/e_aes_cbc_hmac_sha1.c 2015-05-29 14:09:13.009860938 +0200
+--- openssl-1.0.2b.orig/crypto/evp/e_aes_cbc_hmac_sha1.c 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/evp/e_aes_cbc_hmac_sha1.c 2015-06-11 17:50:03.672860241 +0200
@@ -97,6 +97,8 @@ typedef struct {
- extern unsigned int OPENSSL_ia32cap_P[3];
+ extern unsigned int OPENSSL_ia32cap_P[];
# define AESNI_CAPABLE (1<<(57-32))
+#pragma GCC visibility push(hidden)
@@ -297,10 +297,10 @@ Index: openssl-1.0.2a/crypto/evp/e_aes_cbc_hmac_sha1.c
# define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data)
static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
-Index: openssl-1.0.2a/crypto/evp/evp_locl.h
+Index: openssl-1.0.2b/crypto/evp/evp_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/evp_locl.h 2015-05-29 13:57:01.502491662 +0200
-+++ openssl-1.0.2a/crypto/evp/evp_locl.h 2015-05-29 14:09:56.939363434 +0200
+--- openssl-1.0.2b.orig/crypto/evp/evp_locl.h 2015-06-11 17:41:59.492534560 +0200
++++ openssl-1.0.2b/crypto/evp/evp_locl.h 2015-06-11 17:50:03.672860241 +0200
@@ -261,6 +261,8 @@ const EVP_CIPHER *EVP_##cname##_ecb(void
EVP_CIPH_FLAG_DEFAULT_ASN1, \
cipher##_init_key, NULL, NULL, NULL, NULL)
@@ -319,10 +319,10 @@ Index: openssl-1.0.2a/crypto/evp/evp_locl.h
#ifdef OPENSSL_FIPS
# ifdef OPENSSL_DOING_MAKEDEPEND
-Index: openssl-1.0.2a/crypto/md4/md4_locl.h
+Index: openssl-1.0.2b/crypto/md4/md4_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/md4/md4_locl.h 2015-05-29 13:58:53.836777204 +0200
-+++ openssl-1.0.2a/crypto/md4/md4_locl.h 2015-05-29 14:10:54.331025396 +0200
+--- openssl-1.0.2b.orig/crypto/md4/md4_locl.h 2015-06-11 15:01:06.000000000 +0200
++++ openssl-1.0.2b/crypto/md4/md4_locl.h 2015-06-11 17:50:03.672860241 +0200
@@ -65,7 +65,7 @@
# define MD4_LONG_LOG2 2 /* default to 32 bits */
#endif
@@ -332,10 +332,10 @@ Index: openssl-1.0.2a/crypto/md4/md4_locl.h
#define DATA_ORDER_IS_LITTLE_ENDIAN
-Index: openssl-1.0.2a/crypto/md5/md5_locl.h
+Index: openssl-1.0.2b/crypto/md5/md5_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/md5/md5_locl.h 2015-05-29 13:58:53.836777204 +0200
-+++ openssl-1.0.2a/crypto/md5/md5_locl.h 2015-05-29 14:11:40.218580180 +0200
+--- openssl-1.0.2b.orig/crypto/md5/md5_locl.h 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/md5/md5_locl.h 2015-06-11 17:50:03.672860241 +0200
@@ -76,7 +76,7 @@
# endif
#endif
@@ -345,10 +345,10 @@ Index: openssl-1.0.2a/crypto/md5/md5_locl.h
#define DATA_ORDER_IS_LITTLE_ENDIAN
-Index: openssl-1.0.2a/crypto/modes/modes_lcl.h
+Index: openssl-1.0.2b/crypto/modes/modes_lcl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/modes/modes_lcl.h 2015-05-29 13:58:53.836777204 +0200
-+++ openssl-1.0.2a/crypto/modes/modes_lcl.h 2015-05-29 14:12:47.352391628 +0200
+--- openssl-1.0.2b.orig/crypto/modes/modes_lcl.h 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/modes/modes_lcl.h 2015-06-11 17:50:03.672860241 +0200
@@ -89,6 +89,9 @@ _asm mov eax, val _asm bswap eax}
# define GETU32(p) ((u32)(p)[0]<<24|(u32)(p)[1]<<16|(u32)(p)[2]<<8|(u32)(p)[3])
# define PUTU32(p,v) ((p)[0]=(u8)((v)>>24),(p)[1]=(u8)((v)>>16),(p)[2]=(u8)((v)>>8),(p)[3]=(u8)(v))
@@ -365,10 +365,10 @@ Index: openssl-1.0.2a/crypto/modes/modes_lcl.h
};
+
+#pragma GCC visibility pop
-Index: openssl-1.0.2a/crypto/o_str.h
+Index: openssl-1.0.2b/crypto/o_str.h
===================================================================
---- openssl-1.0.2a.orig/crypto/o_str.h 2015-05-29 13:58:53.836777204 +0200
-+++ openssl-1.0.2a/crypto/o_str.h 2015-05-29 14:13:21.018798729 +0200
+--- openssl-1.0.2b.orig/crypto/o_str.h 2015-06-11 15:01:06.000000000 +0200
++++ openssl-1.0.2b/crypto/o_str.h 2015-06-11 17:50:03.672860241 +0200
@@ -61,9 +61,11 @@
# define HEADER_O_STR_H
@@ -381,10 +381,10 @@ Index: openssl-1.0.2a/crypto/o_str.h
+#pragma GCC visibility pop
#endif
-Index: openssl-1.0.2a/crypto/o_time.h
+Index: openssl-1.0.2b/crypto/o_time.h
===================================================================
---- openssl-1.0.2a.orig/crypto/o_time.h 2015-05-29 13:58:53.836777204 +0200
-+++ openssl-1.0.2a/crypto/o_time.h 2015-05-29 14:14:00.740278452 +0200
+--- openssl-1.0.2b.orig/crypto/o_time.h 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/o_time.h 2015-06-11 17:50:03.672860241 +0200
@@ -61,10 +61,12 @@
# define HEADER_O_TIME_H
@@ -398,10 +398,10 @@ Index: openssl-1.0.2a/crypto/o_time.h
+#pragma GCC visibility pop
#endif
-Index: openssl-1.0.2a/crypto/ripemd/rmd_locl.h
+Index: openssl-1.0.2b/crypto/ripemd/rmd_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/ripemd/rmd_locl.h 2015-05-29 13:58:53.837777216 +0200
-+++ openssl-1.0.2a/crypto/ripemd/rmd_locl.h 2015-05-29 14:14:42.587783890 +0200
+--- openssl-1.0.2b.orig/crypto/ripemd/rmd_locl.h 2015-06-11 15:01:06.000000000 +0200
++++ openssl-1.0.2b/crypto/ripemd/rmd_locl.h 2015-06-11 17:50:03.673860254 +0200
@@ -76,7 +76,7 @@
# endif
#endif
@@ -411,20 +411,20 @@ Index: openssl-1.0.2a/crypto/ripemd/rmd_locl.h
#define DATA_ORDER_IS_LITTLE_ENDIAN
-Index: openssl-1.0.2a/crypto/rsa/rsa_locl.h
+Index: openssl-1.0.2b/crypto/rsa/rsa_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/rsa/rsa_locl.h 2015-05-29 13:58:53.837777216 +0200
-+++ openssl-1.0.2a/crypto/rsa/rsa_locl.h 2015-05-29 14:15:18.372216267 +0200
+--- openssl-1.0.2b.orig/crypto/rsa/rsa_locl.h 2015-06-11 15:00:12.000000000 +0200
++++ openssl-1.0.2b/crypto/rsa/rsa_locl.h 2015-06-11 17:50:03.673860254 +0200
@@ -1,4 +1,4 @@
extern int int_rsa_verify(int dtype, const unsigned char *m,
unsigned int m_len, unsigned char *rm,
size_t *prm_len, const unsigned char *sigbuf,
- size_t siglen, RSA *rsa);
+ size_t siglen, RSA *rsa) __attribute__ ((visibility ("hidden")));
-Index: openssl-1.0.2a/crypto/sha/sha256.c
+Index: openssl-1.0.2b/crypto/sha/sha256.c
===================================================================
---- openssl-1.0.2a.orig/crypto/sha/sha256.c 2015-05-29 13:58:53.837777216 +0200
-+++ openssl-1.0.2a/crypto/sha/sha256.c 2015-05-29 14:16:36.509166160 +0200
+--- openssl-1.0.2b.orig/crypto/sha/sha256.c 2015-06-11 17:41:59.509534778 +0200
++++ openssl-1.0.2b/crypto/sha/sha256.c 2015-06-11 17:50:03.673860254 +0200
@@ -135,7 +135,7 @@ int SHA224_Final(unsigned char *md, SHA2
# ifndef SHA256_ASM
static
@@ -434,10 +434,10 @@ Index: openssl-1.0.2a/crypto/sha/sha256.c
# include "md32_common.h"
-Index: openssl-1.0.2a/crypto/sha/sha512.c
+Index: openssl-1.0.2b/crypto/sha/sha512.c
===================================================================
---- openssl-1.0.2a.orig/crypto/sha/sha512.c 2015-05-29 13:58:53.837777216 +0200
-+++ openssl-1.0.2a/crypto/sha/sha512.c 2015-05-29 14:17:13.260611799 +0200
+--- openssl-1.0.2b.orig/crypto/sha/sha512.c 2015-06-11 17:41:59.509534778 +0200
++++ openssl-1.0.2b/crypto/sha/sha512.c 2015-06-11 17:50:03.673860254 +0200
@@ -109,7 +109,7 @@ fips_md_init(SHA512)
# ifndef SHA512_ASM
static
@@ -447,10 +447,10 @@ Index: openssl-1.0.2a/crypto/sha/sha512.c
int SHA512_Final(unsigned char *md, SHA512_CTX *c)
{
-Index: openssl-1.0.2a/crypto/sha/sha_locl.h
+Index: openssl-1.0.2b/crypto/sha/sha_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/sha/sha_locl.h 2015-05-29 13:58:53.838777227 +0200
-+++ openssl-1.0.2a/crypto/sha/sha_locl.h 2015-05-29 14:17:59.773173925 +0200
+--- openssl-1.0.2b.orig/crypto/sha/sha_locl.h 2015-06-11 17:41:59.509534778 +0200
++++ openssl-1.0.2b/crypto/sha/sha_locl.h 2015-06-11 17:50:03.673860254 +0200
@@ -108,7 +108,7 @@ static void sha_block_data_order(SHA_CTX
# ifndef SHA1_ASM
static
@@ -460,10 +460,10 @@ Index: openssl-1.0.2a/crypto/sha/sha_locl.h
#else
# error "Either SHA_0 or SHA_1 must be defined."
-Index: openssl-1.0.2a/crypto/store/str_locl.h
+Index: openssl-1.0.2b/crypto/store/str_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/store/str_locl.h 2015-05-29 13:57:01.505491696 +0200
-+++ openssl-1.0.2a/crypto/store/str_locl.h 2015-05-29 13:58:53.838777227 +0200
+--- openssl-1.0.2b.orig/crypto/store/str_locl.h 2015-03-19 15:02:02.000000000 +0100
++++ openssl-1.0.2b/crypto/store/str_locl.h 2015-06-11 17:50:03.673860254 +0200
@@ -63,6 +63,8 @@
# include <openssl/crypto.h>
# include <openssl/store.h>
@@ -480,10 +480,10 @@ Index: openssl-1.0.2a/crypto/store/str_locl.h
-
+#pragma GCC visibility pop
#endif
-Index: openssl-1.0.2a/crypto/ui/ui_locl.h
+Index: openssl-1.0.2b/crypto/ui/ui_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/ui/ui_locl.h 2015-05-29 13:58:53.838777227 +0200
-+++ openssl-1.0.2a/crypto/ui/ui_locl.h 2015-05-29 14:18:44.460717716 +0200
+--- openssl-1.0.2b.orig/crypto/ui/ui_locl.h 2015-03-19 15:02:02.000000000 +0100
++++ openssl-1.0.2b/crypto/ui/ui_locl.h 2015-06-11 17:50:03.673860254 +0200
@@ -67,6 +67,8 @@
# undef _
# endif
@@ -499,19 +499,19 @@ Index: openssl-1.0.2a/crypto/ui/ui_locl.h
+#pragma GCC visibility pop
#endif
-Index: openssl-1.0.2a/crypto/whrlpool/wp_locl.h
+Index: openssl-1.0.2b/crypto/whrlpool/wp_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/whrlpool/wp_locl.h 2015-05-29 13:58:53.838777227 +0200
-+++ openssl-1.0.2a/crypto/whrlpool/wp_locl.h 2015-05-29 14:19:16.174102106 +0200
+--- openssl-1.0.2b.orig/crypto/whrlpool/wp_locl.h 2015-06-11 15:00:12.000000000 +0200
++++ openssl-1.0.2b/crypto/whrlpool/wp_locl.h 2015-06-11 17:50:03.673860254 +0200
@@ -1,3 +1,3 @@
#include <openssl/whrlpool.h>
-void whirlpool_block(WHIRLPOOL_CTX *, const void *, size_t);
+void whirlpool_block(WHIRLPOOL_CTX *, const void *, size_t) __attribute__ ((visibility ("hidden")));
-Index: openssl-1.0.2a/crypto/x509v3/ext_dat.h
+Index: openssl-1.0.2b/crypto/x509v3/ext_dat.h
===================================================================
---- openssl-1.0.2a.orig/crypto/x509v3/ext_dat.h 2015-05-29 13:57:01.505491696 +0200
-+++ openssl-1.0.2a/crypto/x509v3/ext_dat.h 2015-05-29 13:58:53.839777239 +0200
+--- openssl-1.0.2b.orig/crypto/x509v3/ext_dat.h 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/x509v3/ext_dat.h 2015-06-11 17:50:03.674860267 +0200
@@ -58,6 +58,8 @@
*/
/* This file contains a table of "standard" extensions */
@@ -529,10 +529,10 @@ Index: openssl-1.0.2a/crypto/x509v3/ext_dat.h
/* Number of standard extensions */
#define STANDARD_EXTENSION_COUNT (sizeof(standard_exts)/sizeof(X509V3_EXT_METHOD *))
-Index: openssl-1.0.2a/crypto/x509v3/pcy_int.h
+Index: openssl-1.0.2b/crypto/x509v3/pcy_int.h
===================================================================
---- openssl-1.0.2a.orig/crypto/x509v3/pcy_int.h 2015-05-29 13:57:01.506491709 +0200
-+++ openssl-1.0.2a/crypto/x509v3/pcy_int.h 2015-05-29 14:19:55.941583947 +0200
+--- openssl-1.0.2b.orig/crypto/x509v3/pcy_int.h 2015-06-11 15:00:12.000000000 +0200
++++ openssl-1.0.2b/crypto/x509v3/pcy_int.h 2015-06-11 17:50:03.674860267 +0200
@@ -57,6 +57,8 @@
*
*/
@@ -548,10 +548,10 @@ Index: openssl-1.0.2a/crypto/x509v3/pcy_int.h
const X509_POLICY_CACHE *policy_cache_set(X509 *x);
+
+#pragma GCC visibility pop
-Index: openssl-1.0.2a/crypto/modes/gcm128.c
+Index: openssl-1.0.2b/crypto/modes/gcm128.c
===================================================================
---- openssl-1.0.2a.orig/crypto/modes/gcm128.c 2015-05-29 13:58:53.840777250 +0200
-+++ openssl-1.0.2a/crypto/modes/gcm128.c 2015-05-29 14:21:51.614984305 +0200
+--- openssl-1.0.2b.orig/crypto/modes/gcm128.c 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/modes/gcm128.c 2015-06-11 17:50:03.674860267 +0200
@@ -602,9 +602,9 @@ static void gcm_ghash_4bit(u64 Xi[2], co
}
# endif
@@ -566,7 +566,7 @@ Index: openssl-1.0.2a/crypto/modes/gcm128.c
# define GCM_MUL(ctx,Xi) gcm_gmult_4bit(ctx->Xi.u,ctx->Htable)
@@ -696,10 +696,10 @@ static void gcm_gmult_1bit(u64 Xi[2], co
# define GCM_FUNCREF_4BIT
- extern unsigned int OPENSSL_ia32cap_P[2];
+ extern unsigned int OPENSSL_ia32cap_P[];
-void gcm_init_clmul(u128 Htable[16], const u64 Xi[2]);
-void gcm_gmult_clmul(u64 Xi[2], const u128 Htable[16]);
@@ -578,11 +578,11 @@ Index: openssl-1.0.2a/crypto/modes/gcm128.c
# if defined(__i386) || defined(__i386__) || defined(_M_IX86)
# define gcm_init_avx gcm_init_clmul
-Index: openssl-1.0.2a/crypto/evp/e_rc4_hmac_md5.c
+Index: openssl-1.0.2b/crypto/evp/e_rc4_hmac_md5.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/e_rc4_hmac_md5.c 2015-05-29 13:58:53.840777250 +0200
-+++ openssl-1.0.2a/crypto/evp/e_rc4_hmac_md5.c 2015-05-29 14:22:20.495333738 +0200
-@@ -77,7 +77,7 @@ typedef struct {
+--- openssl-1.0.2b.orig/crypto/evp/e_rc4_hmac_md5.c 2015-06-11 15:01:06.000000000 +0200
++++ openssl-1.0.2b/crypto/evp/e_rc4_hmac_md5.c 2015-06-11 17:50:03.674860267 +0200
+@@ -78,7 +78,7 @@ typedef struct {
# define NO_PAYLOAD_LENGTH ((size_t)-1)
void rc4_md5_enc(RC4_KEY *key, const void *in0, void *out,
@@ -591,10 +591,10 @@ Index: openssl-1.0.2a/crypto/evp/e_rc4_hmac_md5.c
# define data(ctx) ((EVP_RC4_HMAC_MD5 *)(ctx)->cipher_data)
-Index: openssl-1.0.2a/crypto/cmac/cm_ameth.c
+Index: openssl-1.0.2b/crypto/cmac/cm_ameth.c
===================================================================
---- openssl-1.0.2a.orig/crypto/cmac/cm_ameth.c 2015-05-29 13:58:53.840777250 +0200
-+++ openssl-1.0.2a/crypto/cmac/cm_ameth.c 2015-05-29 14:23:02.278839089 +0200
+--- openssl-1.0.2b.orig/crypto/cmac/cm_ameth.c 2015-06-11 15:01:06.000000000 +0200
++++ openssl-1.0.2b/crypto/cmac/cm_ameth.c 2015-06-11 17:50:03.674860267 +0200
@@ -73,7 +73,7 @@ static void cmac_key_free(EVP_PKEY *pkey
if (cmctx)
CMAC_CTX_free(cmctx);
@@ -604,10 +604,10 @@ Index: openssl-1.0.2a/crypto/cmac/cm_ameth.c
const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = {
EVP_PKEY_CMAC,
EVP_PKEY_CMAC,
-Index: openssl-1.0.2a/crypto/evp/pmeth_lib.c
+Index: openssl-1.0.2b/crypto/evp/pmeth_lib.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/pmeth_lib.c 2015-05-29 13:57:01.507491720 +0200
-+++ openssl-1.0.2a/crypto/evp/pmeth_lib.c 2015-05-29 13:58:53.841777261 +0200
+--- openssl-1.0.2b.orig/crypto/evp/pmeth_lib.c 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/evp/pmeth_lib.c 2015-06-11 17:50:03.675860280 +0200
@@ -71,7 +71,7 @@
typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
@@ -617,10 +617,10 @@ Index: openssl-1.0.2a/crypto/evp/pmeth_lib.c
extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
-Index: openssl-1.0.2a/crypto/cmac/cm_pmeth.c
+Index: openssl-1.0.2b/crypto/cmac/cm_pmeth.c
===================================================================
---- openssl-1.0.2a.orig/crypto/cmac/cm_pmeth.c 2015-05-29 13:58:53.841777261 +0200
-+++ openssl-1.0.2a/crypto/cmac/cm_pmeth.c 2015-05-29 14:23:33.695219495 +0200
+--- openssl-1.0.2b.orig/crypto/cmac/cm_pmeth.c 2015-06-11 15:01:06.000000000 +0200
++++ openssl-1.0.2b/crypto/cmac/cm_pmeth.c 2015-06-11 17:50:03.675860280 +0200
@@ -182,6 +182,7 @@ static int pkey_cmac_ctrl_str(EVP_PKEY_C
return -2;
}
@@ -629,10 +629,10 @@ Index: openssl-1.0.2a/crypto/cmac/cm_pmeth.c
const EVP_PKEY_METHOD cmac_pkey_meth = {
EVP_PKEY_CMAC,
EVP_PKEY_FLAG_SIGCTX_CUSTOM,
-Index: openssl-1.0.2a/crypto/rand/md_rand.c
+Index: openssl-1.0.2b/crypto/rand/md_rand.c
===================================================================
---- openssl-1.0.2a.orig/crypto/rand/md_rand.c 2015-05-29 13:58:53.841777261 +0200
-+++ openssl-1.0.2a/crypto/rand/md_rand.c 2015-05-29 14:24:04.870595846 +0200
+--- openssl-1.0.2b.orig/crypto/rand/md_rand.c 2015-06-11 17:41:59.506534739 +0200
++++ openssl-1.0.2b/crypto/rand/md_rand.c 2015-06-11 17:50:03.675860280 +0200
@@ -164,7 +164,7 @@ static int ssleay_rand_nopseudo_bytes(un
static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
static int ssleay_rand_status(void);
@@ -642,10 +642,10 @@ Index: openssl-1.0.2a/crypto/rand/md_rand.c
ssleay_rand_seed,
ssleay_rand_nopseudo_bytes,
ssleay_rand_cleanup,
-Index: openssl-1.0.2a/crypto/dh/dh_ameth.c
+Index: openssl-1.0.2b/crypto/dh/dh_ameth.c
===================================================================
---- openssl-1.0.2a.orig/crypto/dh/dh_ameth.c 2015-05-29 13:58:53.842777273 +0200
-+++ openssl-1.0.2a/crypto/dh/dh_ameth.c 2015-05-29 14:24:30.526905527 +0200
+--- openssl-1.0.2b.orig/crypto/dh/dh_ameth.c 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/dh/dh_ameth.c 2015-06-11 17:50:03.675860280 +0200
@@ -584,6 +584,7 @@ static int dh_pkey_ctrl(EVP_PKEY *pkey,
}
@@ -654,10 +654,10 @@ Index: openssl-1.0.2a/crypto/dh/dh_ameth.c
const EVP_PKEY_ASN1_METHOD dh_asn1_meth = {
EVP_PKEY_DH,
EVP_PKEY_DH,
-Index: openssl-1.0.2a/crypto/dh/dh_pmeth.c
+Index: openssl-1.0.2b/crypto/dh/dh_pmeth.c
===================================================================
---- openssl-1.0.2a.orig/crypto/dh/dh_pmeth.c 2015-05-29 13:58:53.842777273 +0200
-+++ openssl-1.0.2a/crypto/dh/dh_pmeth.c 2015-05-29 14:25:02.208288551 +0200
+--- openssl-1.0.2b.orig/crypto/dh/dh_pmeth.c 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/dh/dh_pmeth.c 2015-06-11 17:50:03.675860280 +0200
@@ -482,6 +482,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX *
return 1;
}
@@ -666,10 +666,10 @@ Index: openssl-1.0.2a/crypto/dh/dh_pmeth.c
const EVP_PKEY_METHOD dh_pkey_meth = {
EVP_PKEY_DH,
0,
-Index: openssl-1.0.2a/crypto/dsa/dsa_ameth.c
+Index: openssl-1.0.2b/crypto/dsa/dsa_ameth.c
===================================================================
---- openssl-1.0.2a.orig/crypto/dsa/dsa_ameth.c 2015-05-29 13:58:53.842777273 +0200
-+++ openssl-1.0.2a/crypto/dsa/dsa_ameth.c 2015-05-29 14:25:24.527557694 +0200
+--- openssl-1.0.2b.orig/crypto/dsa/dsa_ameth.c 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/dsa/dsa_ameth.c 2015-06-11 17:50:03.676860293 +0200
@@ -620,6 +620,7 @@ static int dsa_pkey_ctrl(EVP_PKEY *pkey,
/* NB these are sorted in pkey_id order, lowest first */
@@ -678,10 +678,10 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_ameth.c
const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = {
{
-Index: openssl-1.0.2a/crypto/dsa/dsa_pmeth.c
+Index: openssl-1.0.2b/crypto/dsa/dsa_pmeth.c
===================================================================
---- openssl-1.0.2a.orig/crypto/dsa/dsa_pmeth.c 2015-05-29 13:58:53.843777284 +0200
-+++ openssl-1.0.2a/crypto/dsa/dsa_pmeth.c 2015-05-29 14:25:50.943876979 +0200
+--- openssl-1.0.2b.orig/crypto/dsa/dsa_pmeth.c 2015-06-11 17:41:59.488534507 +0200
++++ openssl-1.0.2b/crypto/dsa/dsa_pmeth.c 2015-06-11 17:50:03.676860293 +0200
@@ -278,6 +278,7 @@ static int pkey_dsa_keygen(EVP_PKEY_CTX
return DSA_generate_key(pkey->pkey.dsa);
}
@@ -690,10 +690,10 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_pmeth.c
const EVP_PKEY_METHOD dsa_pkey_meth = {
EVP_PKEY_DSA,
EVP_PKEY_FLAG_AUTOARGLEN,
-Index: openssl-1.0.2a/crypto/ec/ec_ameth.c
+Index: openssl-1.0.2b/crypto/ec/ec_ameth.c
===================================================================
---- openssl-1.0.2a.orig/crypto/ec/ec_ameth.c 2015-05-29 13:58:53.843777284 +0200
-+++ openssl-1.0.2a/crypto/ec/ec_ameth.c 2015-05-29 14:26:15.256170382 +0200
+--- openssl-1.0.2b.orig/crypto/ec/ec_ameth.c 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/ec/ec_ameth.c 2015-06-11 17:50:03.676860293 +0200
@@ -608,6 +608,7 @@ static int ec_pkey_ctrl(EVP_PKEY *pkey,
}
@@ -702,10 +702,10 @@ Index: openssl-1.0.2a/crypto/ec/ec_ameth.c
const EVP_PKEY_ASN1_METHOD eckey_asn1_meth = {
EVP_PKEY_EC,
EVP_PKEY_EC,
-Index: openssl-1.0.2a/crypto/ec/ec_pmeth.c
+Index: openssl-1.0.2b/crypto/ec/ec_pmeth.c
===================================================================
---- openssl-1.0.2a.orig/crypto/ec/ec_pmeth.c 2015-05-29 13:58:53.843777284 +0200
-+++ openssl-1.0.2a/crypto/ec/ec_pmeth.c 2015-05-29 14:26:42.183495689 +0200
+--- openssl-1.0.2b.orig/crypto/ec/ec_pmeth.c 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/ec/ec_pmeth.c 2015-06-11 17:50:03.676860293 +0200
@@ -491,6 +491,7 @@ static int pkey_ec_keygen(EVP_PKEY_CTX *
return EC_KEY_generate_key(pkey->pkey.ec);
}
@@ -714,10 +714,10 @@ Index: openssl-1.0.2a/crypto/ec/ec_pmeth.c
const EVP_PKEY_METHOD ec_pkey_meth = {
EVP_PKEY_EC,
0,
-Index: openssl-1.0.2a/crypto/hmac/hm_ameth.c
+Index: openssl-1.0.2b/crypto/hmac/hm_ameth.c
===================================================================
---- openssl-1.0.2a.orig/crypto/hmac/hm_ameth.c 2015-05-29 13:58:53.844777296 +0200
-+++ openssl-1.0.2a/crypto/hmac/hm_ameth.c 2015-05-29 14:27:00.087711757 +0200
+--- openssl-1.0.2b.orig/crypto/hmac/hm_ameth.c 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/hmac/hm_ameth.c 2015-06-11 17:50:03.676860293 +0200
@@ -135,6 +135,7 @@ static int old_hmac_encode(const EVP_PKE
#endif
@@ -726,10 +726,10 @@ Index: openssl-1.0.2a/crypto/hmac/hm_ameth.c
const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = {
EVP_PKEY_HMAC,
EVP_PKEY_HMAC,
-Index: openssl-1.0.2a/crypto/hmac/hm_pmeth.c
+Index: openssl-1.0.2b/crypto/hmac/hm_pmeth.c
===================================================================
---- openssl-1.0.2a.orig/crypto/hmac/hm_pmeth.c 2015-05-29 13:58:53.844777296 +0200
-+++ openssl-1.0.2a/crypto/hmac/hm_pmeth.c 2015-05-29 14:27:18.207930409 +0200
+--- openssl-1.0.2b.orig/crypto/hmac/hm_pmeth.c 2015-06-11 15:01:06.000000000 +0200
++++ openssl-1.0.2b/crypto/hmac/hm_pmeth.c 2015-06-11 17:50:03.676860293 +0200
@@ -228,6 +228,7 @@ static int pkey_hmac_ctrl_str(EVP_PKEY_C
return -2;
}
@@ -738,10 +738,10 @@ Index: openssl-1.0.2a/crypto/hmac/hm_pmeth.c
const EVP_PKEY_METHOD hmac_pkey_meth = {
EVP_PKEY_HMAC,
0,
-Index: openssl-1.0.2a/crypto/rsa/rsa_ameth.c
+Index: openssl-1.0.2b/crypto/rsa/rsa_ameth.c
===================================================================
---- openssl-1.0.2a.orig/crypto/rsa/rsa_ameth.c 2015-05-29 13:58:53.844777296 +0200
-+++ openssl-1.0.2a/crypto/rsa/rsa_ameth.c 2015-05-29 14:27:55.153376094 +0200
+--- openssl-1.0.2b.orig/crypto/rsa/rsa_ameth.c 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/rsa/rsa_ameth.c 2015-06-11 17:50:03.677860306 +0200
@@ -921,6 +921,7 @@ static int rsa_cms_encrypt(CMS_Recipient
return rv;
}
@@ -750,11 +750,11 @@ Index: openssl-1.0.2a/crypto/rsa/rsa_ameth.c
const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = {
{
EVP_PKEY_RSA,
-Index: openssl-1.0.2a/crypto/rsa/rsa_pmeth.c
+Index: openssl-1.0.2b/crypto/rsa/rsa_pmeth.c
===================================================================
---- openssl-1.0.2a.orig/crypto/rsa/rsa_pmeth.c 2015-05-29 13:58:53.845777307 +0200
-+++ openssl-1.0.2a/crypto/rsa/rsa_pmeth.c 2015-05-29 14:28:12.111582149 +0200
-@@ -717,6 +717,7 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX
+--- openssl-1.0.2b.orig/crypto/rsa/rsa_pmeth.c 2015-06-11 17:41:59.508534765 +0200
++++ openssl-1.0.2b/crypto/rsa/rsa_pmeth.c 2015-06-11 17:50:03.677860306 +0200
+@@ -723,6 +723,7 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX
return ret;
}
@@ -762,10 +762,10 @@ Index: openssl-1.0.2a/crypto/rsa/rsa_pmeth.c
const EVP_PKEY_METHOD rsa_pkey_meth = {
EVP_PKEY_RSA,
EVP_PKEY_FLAG_AUTOARGLEN,
-Index: openssl-1.0.2a/crypto/objects/obj_xref.c
+Index: openssl-1.0.2b/crypto/objects/obj_xref.c
===================================================================
---- openssl-1.0.2a.orig/crypto/objects/obj_xref.c 2015-05-29 13:57:01.511491765 +0200
-+++ openssl-1.0.2a/crypto/objects/obj_xref.c 2015-05-29 13:58:53.845777307 +0200
+--- openssl-1.0.2b.orig/crypto/objects/obj_xref.c 2015-06-11 15:01:06.000000000 +0200
++++ openssl-1.0.2b/crypto/objects/obj_xref.c 2015-06-11 17:50:03.677860306 +0200
@@ -61,7 +61,7 @@
#include "obj_xref.h"
@@ -775,10 +775,10 @@ Index: openssl-1.0.2a/crypto/objects/obj_xref.c
static int sig_cmp(const nid_triple *a, const nid_triple *b)
{
-Index: openssl-1.0.2a/crypto/pem/pem_lib.c
+Index: openssl-1.0.2b/crypto/pem/pem_lib.c
===================================================================
---- openssl-1.0.2a.orig/crypto/pem/pem_lib.c 2015-05-29 13:57:01.512491776 +0200
-+++ openssl-1.0.2a/crypto/pem/pem_lib.c 2015-05-29 13:58:53.845777307 +0200
+--- openssl-1.0.2b.orig/crypto/pem/pem_lib.c 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/pem/pem_lib.c 2015-06-11 17:50:03.677860306 +0200
@@ -80,7 +80,7 @@ const char PEM_version[] = "PEM" OPENSSL
static int load_iv(char **fromp, unsigned char *to, int num);
@@ -788,10 +788,10 @@ Index: openssl-1.0.2a/crypto/pem/pem_lib.c
int PEM_def_callback(char *buf, int num, int w, void *key)
{
-Index: openssl-1.0.2a/crypto/asn1/tasn_prn.c
+Index: openssl-1.0.2b/crypto/asn1/tasn_prn.c
===================================================================
---- openssl-1.0.2a.orig/crypto/asn1/tasn_prn.c 2015-05-29 13:58:53.845777307 +0200
-+++ openssl-1.0.2a/crypto/asn1/tasn_prn.c 2015-05-29 14:28:41.568929701 +0200
+--- openssl-1.0.2b.orig/crypto/asn1/tasn_prn.c 2015-06-11 15:01:06.000000000 +0200
++++ openssl-1.0.2b/crypto/asn1/tasn_prn.c 2015-06-11 17:50:03.677860306 +0200
@@ -73,7 +73,7 @@
/* ASN1_PCTX routines */
@@ -801,10 +801,10 @@ Index: openssl-1.0.2a/crypto/asn1/tasn_prn.c
ASN1_PCTX_FLAGS_SHOW_ABSENT, /* flags */
0, /* nm_flags */
0, /* cert_flags */
-Index: openssl-1.0.2a/crypto/bn/bn_exp.c
+Index: openssl-1.0.2b/crypto/bn/bn_exp.c
===================================================================
---- openssl-1.0.2a.orig/crypto/bn/bn_exp.c 2015-05-29 13:58:53.846777318 +0200
-+++ openssl-1.0.2a/crypto/bn/bn_exp.c 2015-05-29 14:29:50.256737750 +0200
+--- openssl-1.0.2b.orig/crypto/bn/bn_exp.c 2015-06-11 15:50:11.000000000 +0200
++++ openssl-1.0.2b/crypto/bn/bn_exp.c 2015-06-11 17:50:03.678860319 +0200
@@ -947,10 +947,10 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr
*/
void bn_mul_mont_gather5(BN_ULONG *rp, const BN_ULONG *ap,
@@ -819,10 +819,10 @@ Index: openssl-1.0.2a/crypto/bn/bn_exp.c
void bn_power5(BN_ULONG *rp, const BN_ULONG *ap,
const void *table, const BN_ULONG *np,
const BN_ULONG *n0, int num, int power);
-Index: openssl-1.0.2a/crypto/bn/bn_gf2m.c
+Index: openssl-1.0.2b/crypto/bn/bn_gf2m.c
===================================================================
---- openssl-1.0.2a.orig/crypto/bn/bn_gf2m.c 2015-05-29 13:58:53.846777318 +0200
-+++ openssl-1.0.2a/crypto/bn/bn_gf2m.c 2015-05-29 14:31:03.496598921 +0200
+--- openssl-1.0.2b.orig/crypto/bn/bn_gf2m.c 2015-06-11 15:52:57.000000000 +0200
++++ openssl-1.0.2b/crypto/bn/bn_gf2m.c 2015-06-11 17:50:03.678860319 +0200
@@ -321,7 +321,7 @@ static void bn_GF2m_mul_2x2(BN_ULONG *r,
}
# else
diff --git a/bsc936563_hack.patch b/bsc936563_hack.patch
new file mode 100644
index 0000000..ce27bf0
--- /dev/null
+++ b/bsc936563_hack.patch
@@ -0,0 +1,13 @@
+Index: openssl-1.0.2c/crypto/ec/Makefile
+===================================================================
+--- openssl-1.0.2c.orig/crypto/ec/Makefile
++++ openssl-1.0.2c/crypto/ec/Makefile
+@@ -10,7 +10,7 @@ CFLAG=-g
+ MAKEFILE= Makefile
+ AR= ar r
+
+-CFLAGS= $(INCLUDES) $(CFLAG)
++CFLAGS= $(INCLUDES) $(CFLAG) -O0
+ ASFLAGS= $(INCLUDES) $(ASFLAG)
+ AFLAGS= $(ASFLAGS)
+
diff --git a/compression_methods_switch.patch b/compression_methods_switch.patch
index 916adce..5ffd9b0 100644
--- a/compression_methods_switch.patch
+++ b/compression_methods_switch.patch
@@ -1,10 +1,10 @@
-Index: openssl-1.0.2a/doc/ssl/SSL_COMP_add_compression_method.pod
+Index: openssl-1.0.2b/doc/ssl/SSL_COMP_add_compression_method.pod
===================================================================
---- openssl-1.0.2a.orig/doc/ssl/SSL_COMP_add_compression_method.pod 2015-04-03 22:10:19.262805732 +0200
-+++ openssl-1.0.2a/doc/ssl/SSL_COMP_add_compression_method.pod 2015-04-03 22:10:28.958939879 +0200
-@@ -41,6 +41,24 @@ of compression methods supported on a pe
- The OpenSSL library has the compression methods B<COMP_rle()> and (when
- especially enabled during compilation) B<COMP_zlib()> available.
+--- openssl-1.0.2b.orig/doc/ssl/SSL_COMP_add_compression_method.pod 2015-06-11 20:11:49.353667505 +0200
++++ openssl-1.0.2b/doc/ssl/SSL_COMP_add_compression_method.pod 2015-06-11 20:11:51.183689314 +0200
+@@ -47,6 +47,24 @@ of compression methods supported on a pe
+ If enabled during compilation, the OpenSSL library will have the
+ COMP_zlib() compression method available.
+And, there is an environment variable to switch the compression
+methods off and on. In default the compression is off to mitigate
@@ -27,10 +27,10 @@ Index: openssl-1.0.2a/doc/ssl/SSL_COMP_add_compression_method.pod
=head1 WARNINGS
Once the identities of the compression methods for the TLS protocol have
-Index: openssl-1.0.2a/ssl/ssl_ciph.c
+Index: openssl-1.0.2b/ssl/ssl_ciph.c
===================================================================
---- openssl-1.0.2a.orig/ssl/ssl_ciph.c 2015-04-03 22:10:28.959939893 +0200
-+++ openssl-1.0.2a/ssl/ssl_ciph.c 2015-04-03 22:12:33.425662139 +0200
+--- openssl-1.0.2b.orig/ssl/ssl_ciph.c 2015-06-11 20:11:49.353667505 +0200
++++ openssl-1.0.2b/ssl/ssl_ciph.c 2015-06-11 20:11:51.183689314 +0200
@@ -478,10 +478,16 @@ static void load_builtin_compressions(vo
if (ssl_comp_methods == NULL) {
diff --git a/merge_from_0.9.8k.patch b/merge_from_0.9.8k.patch
index b2cb2b1..d188315 100644
--- a/merge_from_0.9.8k.patch
+++ b/merge_from_0.9.8k.patch
@@ -1,8 +1,13 @@
+---
+ Configure | 4 ++--
+ config | 23 +++++++++++++++--------
+ 2 files changed, 17 insertions(+), 10 deletions(-)
+
Index: openssl-1.0.2a/Configure
===================================================================
---- openssl-1.0.2a.orig/Configure 2015-05-30 21:58:49.358278076 +0200
-+++ openssl-1.0.2a/Configure 2015-05-30 21:58:52.830317683 +0200
-@@ -996,7 +996,7 @@ PROCESS_ARGS:
+--- openssl-1.0.2a.orig/Configure
++++ openssl-1.0.2a/Configure
+@@ -978,7 +978,7 @@ PROCESS_ARGS:
}
else
{
@@ -11,7 +16,7 @@ Index: openssl-1.0.2a/Configure
$target=$_;
}
-@@ -1276,7 +1276,7 @@ if ($target =~ /linux.*\-mips/ && !$no_a
+@@ -1258,7 +1258,7 @@ if ($target =~ /linux.*\-mips/ && !$no_a
my $no_shared_warn=0;
my $no_user_cflags=0;
@@ -22,8 +27,8 @@ Index: openssl-1.0.2a/Configure
# Kerberos settings. The flavor must be provided from outside, either through
Index: openssl-1.0.2a/config
===================================================================
---- openssl-1.0.2a.orig/config 2015-05-30 21:58:49.358278076 +0200
-+++ openssl-1.0.2a/config 2015-05-30 21:58:52.830317683 +0200
+--- openssl-1.0.2a.orig/config
++++ openssl-1.0.2a/config
@@ -573,7 +573,8 @@ case "$GUESSOS" in
options="$options -arch%20${MACHINE}"
OUT="iphoneos-cross" ;;
@@ -34,17 +39,19 @@ Index: openssl-1.0.2a/config
case ${ISA:-generic} in
*[678]) OUT="linux-alpha+bwx-$CC" ;;
*) OUT="linux-alpha-$CC" ;;
-@@ -598,7 +599,9 @@ case "$GUESSOS" in
+@@ -598,8 +599,10 @@ case "$GUESSOS" in
if [ "$KERNEL_BITS" = "64" ]; then
OUT="linux-ppc64"
else
- OUT="linux-ppc"
+- (echo "__LP64__" | gcc -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null) || options="$options -m32"
+# OUT="linux-ppc"
+ # we have the target and force it here
+ OUT="linux-ppc64"
- (echo "__LP64__" | gcc -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null) || options="$options -m32"
++ (echo "__LP64" | gcc -E -x c - 2>/dev/null | grep "^__LP64" 2>&1 > /dev/null) || options="$options -m32"
fi
;;
+ ppc64le-*-linux2) OUT="linux-ppc64le" ;;
@@ -632,10 +635,10 @@ case "$GUESSOS" in
sparc-*-linux2)
KARCH=`awk '/^type/{print$3;exit(0);}' /proc/cpuinfo`
diff --git a/openssl-1.0.1e-add-test-suse-default-cipher-suite.patch b/openssl-1.0.1e-add-test-suse-default-cipher-suite.patch
index dfdd05b..af00b70 100644
--- a/openssl-1.0.1e-add-test-suse-default-cipher-suite.patch
+++ b/openssl-1.0.1e-add-test-suse-default-cipher-suite.patch
@@ -1,9 +1,9 @@
-Index: openssl-1.0.2a/test/testssl
+Index: openssl-1.0.2b/test/testssl
===================================================================
---- openssl-1.0.2a.orig/test/testssl 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/test/testssl 2015-05-24 14:06:02.038506053 +0200
-@@ -138,6 +138,25 @@ for protocol in TLSv1.2 SSLv3; do
- done
+--- openssl-1.0.2b.orig/test/testssl 2015-06-11 20:11:36.398513121 +0200
++++ openssl-1.0.2b/test/testssl 2015-06-11 20:15:40.833426946 +0200
+@@ -192,6 +192,25 @@ for protocol in TLSv1.2 SSLv3; do
+ fi
done
+echo "Testing default ciphersuites"
diff --git a/openssl-1.0.2a-default-paths.patch b/openssl-1.0.2a-default-paths.patch
index a6f665d..7623ca9 100644
--- a/openssl-1.0.2a-default-paths.patch
+++ b/openssl-1.0.2a-default-paths.patch
@@ -1,25 +1,9 @@
-diff -up openssl-1.0.2a/apps/s_client.c.default-paths openssl-1.0.2a/apps/s_client.c
---- openssl-1.0.2a/apps/s_client.c.default-paths 2015-04-20 14:48:31.462166971 +0200
-+++ openssl-1.0.2a/apps/s_client.c 2015-04-20 14:52:55.125316170 +0200
-@@ -1336,19 +1336,16 @@ int MAIN(int argc, char **argv)
-
- SSL_CTX_set_verify(ctx, verify, verify_callback);
-
-- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
-- (!SSL_CTX_set_default_verify_paths(ctx))) {
-- /*
-- * BIO_printf(bio_err,"error setting default verify locations\n");
-- */
-- ERR_print_errors(bio_err);
-- /* goto end; */
-+ if (CAfile == NULL && CApath == NULL) {
-+ if (!SSL_CTX_set_default_verify_paths(ctx)) {
-+ ERR_print_errors(bio_err);
-+ }
-+ } else {
-+ if (!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) {
-+ ERR_print_errors(bio_err);
-+ }
+Index: openssl-1.0.2b/apps/s_client.c
+===================================================================
+--- openssl-1.0.2b.orig/apps/s_client.c 2015-06-11 17:28:32.039203737 +0200
++++ openssl-1.0.2b/apps/s_client.c 2015-06-11 17:39:40.138741521 +0200
+@@ -1346,10 +1346,6 @@ int MAIN(int argc, char **argv)
+ ERR_print_errors(bio_err);
}
- ssl_ctx_add_crls(ctx, crls, crl_download);
@@ -29,10 +13,11 @@ diff -up openssl-1.0.2a/apps/s_client.c.default-paths openssl-1.0.2a/apps/s_clie
#ifndef OPENSSL_NO_TLSEXT
if (servername != NULL) {
tlsextcbp.biodebug = bio_err;
-diff -up openssl-1.0.2a/apps/s_server.c.default-paths openssl-1.0.2a/apps/s_server.c
---- openssl-1.0.2a/apps/s_server.c.default-paths 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/apps/s_server.c 2015-04-20 14:48:31.462166971 +0200
-@@ -1768,12 +1768,16 @@ int MAIN(int argc, char *argv[])
+Index: openssl-1.0.2b/apps/s_server.c
+===================================================================
+--- openssl-1.0.2b.orig/apps/s_server.c 2015-06-11 17:28:04.879854931 +0200
++++ openssl-1.0.2b/apps/s_server.c 2015-06-11 17:28:32.040203749 +0200
+@@ -1788,12 +1788,16 @@ int MAIN(int argc, char *argv[])
}
#endif
@@ -54,7 +39,7 @@ diff -up openssl-1.0.2a/apps/s_server.c.default-paths openssl-1.0.2a/apps/s_serv
if (vpm)
SSL_CTX_set1_param(ctx, vpm);
-@@ -1830,8 +1834,10 @@ int MAIN(int argc, char *argv[])
+@@ -1850,8 +1854,10 @@ int MAIN(int argc, char *argv[])
else
SSL_CTX_sess_set_cache_size(ctx2, 128);
@@ -67,9 +52,10 @@ diff -up openssl-1.0.2a/apps/s_server.c.default-paths openssl-1.0.2a/apps/s_serv
ERR_print_errors(bio_err);
}
if (vpm)
-diff -up openssl-1.0.2a/apps/s_time.c.default-paths openssl-1.0.2a/apps/s_time.c
---- openssl-1.0.2a/apps/s_time.c.default-paths 2015-04-20 14:48:31.462166971 +0200
-+++ openssl-1.0.2a/apps/s_time.c 2015-04-20 14:55:14.232542738 +0200
+Index: openssl-1.0.2b/apps/s_time.c
+===================================================================
+--- openssl-1.0.2b.orig/apps/s_time.c 2015-06-11 17:28:04.879854931 +0200
++++ openssl-1.0.2b/apps/s_time.c 2015-06-11 17:28:32.040203749 +0200
@@ -381,13 +381,14 @@ int MAIN(int argc, char **argv)
SSL_load_error_strings();
diff --git a/openssl-1.0.2a-fips.patch b/openssl-1.0.2a-fips.patch
index e42921a..c4169bc 100644
--- a/openssl-1.0.2a-fips.patch
+++ b/openssl-1.0.2a-fips.patch
@@ -1,7 +1,7 @@
-Index: openssl-1.0.2a/apps/speed.c
+Index: openssl-1.0.2c/apps/speed.c
===================================================================
---- openssl-1.0.2a.orig/apps/speed.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/apps/speed.c 2015-05-24 12:53:19.134111196 +0200
+--- openssl-1.0.2c.orig/apps/speed.c 2015-06-12 23:20:59.468588414 +0200
++++ openssl-1.0.2c/apps/speed.c 2015-06-12 23:21:28.252934111 +0200
@@ -197,7 +197,6 @@
# ifdef OPENSSL_DOING_MAKEDEPEND
# undef AES_set_encrypt_key
@@ -134,11 +134,11 @@ Index: openssl-1.0.2a/apps/speed.c
HMAC_Init_ex(&hctx, (unsigned char *)"This is a key...",
16, EVP_md5(), NULL);
-Index: openssl-1.0.2a/Configure
+Index: openssl-1.0.2c/Configure
===================================================================
---- openssl-1.0.2a.orig/Configure 2015-05-24 12:53:19.089110545 +0200
-+++ openssl-1.0.2a/Configure 2015-05-24 12:53:19.134111196 +0200
-@@ -1053,11 +1053,6 @@ if (defined($disabled{"md5"}) || defined
+--- openssl-1.0.2c.orig/Configure 2015-06-12 23:20:49.250465706 +0200
++++ openssl-1.0.2c/Configure 2015-06-12 23:21:28.253934123 +0200
+@@ -1070,11 +1070,6 @@ if (defined($disabled{"md5"}) || defined
$disabled{"ssl2"} = "forced";
}
@@ -150,7 +150,7 @@ Index: openssl-1.0.2a/Configure
# RSAX ENGINE sets default non-FIPS RSA method.
if ($fips)
{
-@@ -1545,7 +1540,6 @@ $cflags.=" -DOPENSSL_BN_ASM_GF2m" if ($b
+@@ -1563,7 +1558,6 @@ $cflags.=" -DOPENSSL_BN_ASM_GF2m" if ($b
if ($fips)
{
$openssl_other_defines.="#define OPENSSL_FIPS\n";
@@ -158,7 +158,7 @@ Index: openssl-1.0.2a/Configure
}
$cpuid_obj="mem_clr.o" unless ($cpuid_obj =~ /\.o$/);
-@@ -1737,9 +1731,12 @@ while (<IN>)
+@@ -1764,9 +1758,12 @@ while (<IN>)
s/^FIPSDIR=.*/FIPSDIR=$fipsdir/;
s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
@@ -172,10 +172,10 @@ Index: openssl-1.0.2a/Configure
s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
-Index: openssl-1.0.2a/crypto/aes/aes_misc.c
+Index: openssl-1.0.2c/crypto/aes/aes_misc.c
===================================================================
---- openssl-1.0.2a.orig/crypto/aes/aes_misc.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/aes/aes_misc.c 2015-05-24 12:53:19.134111196 +0200
+--- openssl-1.0.2c.orig/crypto/aes/aes_misc.c 2015-06-12 23:20:59.469588427 +0200
++++ openssl-1.0.2c/crypto/aes/aes_misc.c 2015-06-12 23:21:28.253934123 +0200
@@ -70,17 +70,11 @@ const char *AES_options(void)
int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key)
@@ -194,10 +194,10 @@ Index: openssl-1.0.2a/crypto/aes/aes_misc.c
-#endif
return private_AES_set_decrypt_key(userKey, bits, key);
}
-Index: openssl-1.0.2a/crypto/cmac/cmac.c
+Index: openssl-1.0.2c/crypto/cmac/cmac.c
===================================================================
---- openssl-1.0.2a.orig/crypto/cmac/cmac.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/cmac/cmac.c 2015-05-24 12:53:19.135111211 +0200
+--- openssl-1.0.2c.orig/crypto/cmac/cmac.c 2015-06-12 23:20:59.469588427 +0200
++++ openssl-1.0.2c/crypto/cmac/cmac.c 2015-06-12 23:21:28.253934123 +0200
@@ -105,12 +105,6 @@ CMAC_CTX *CMAC_CTX_new(void)
void CMAC_CTX_cleanup(CMAC_CTX *ctx)
@@ -211,7 +211,7 @@ Index: openssl-1.0.2a/crypto/cmac/cmac.c
EVP_CIPHER_CTX_cleanup(&ctx->cctx);
OPENSSL_cleanse(ctx->tbl, EVP_MAX_BLOCK_LENGTH);
OPENSSL_cleanse(ctx->k1, EVP_MAX_BLOCK_LENGTH);
-@@ -158,12 +152,6 @@ int CMAC_Init(CMAC_CTX *ctx, const void
+@@ -160,12 +154,6 @@ int CMAC_Init(CMAC_CTX *ctx, const void
EVPerr(EVP_F_CMAC_INIT, EVP_R_DISABLED_FOR_FIPS);
return 0;
}
@@ -224,7 +224,7 @@ Index: openssl-1.0.2a/crypto/cmac/cmac.c
}
#endif
/* All zeros means restart */
-@@ -209,10 +197,6 @@ int CMAC_Update(CMAC_CTX *ctx, const voi
+@@ -211,10 +199,6 @@ int CMAC_Update(CMAC_CTX *ctx, const voi
{
const unsigned char *data = in;
size_t bl;
@@ -235,7 +235,7 @@ Index: openssl-1.0.2a/crypto/cmac/cmac.c
if (ctx->nlast_block == -1)
return 0;
if (dlen == 0)
-@@ -252,10 +236,6 @@ int CMAC_Update(CMAC_CTX *ctx, const voi
+@@ -254,10 +238,6 @@ int CMAC_Update(CMAC_CTX *ctx, const voi
int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
{
int i, bl, lb;
@@ -246,10 +246,10 @@ Index: openssl-1.0.2a/crypto/cmac/cmac.c
if (ctx->nlast_block == -1)
return 0;
bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
-Index: openssl-1.0.2a/crypto/crypto.h
+Index: openssl-1.0.2c/crypto/crypto.h
===================================================================
---- openssl-1.0.2a.orig/crypto/crypto.h 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/crypto.h 2015-05-24 12:53:19.135111211 +0200
+--- openssl-1.0.2c.orig/crypto/crypto.h 2015-06-12 23:20:59.470588438 +0200
++++ openssl-1.0.2c/crypto/crypto.h 2015-06-12 23:21:28.254934135 +0200
@@ -600,24 +600,29 @@ int FIPS_mode_set(int r);
void OPENSSL_init(void);
@@ -295,10 +295,10 @@ Index: openssl-1.0.2a/crypto/crypto.h
/* Error codes for the CRYPTO functions. */
/* Function codes. */
-Index: openssl-1.0.2a/crypto/des/des.h
+Index: openssl-1.0.2c/crypto/des/des.h
===================================================================
---- openssl-1.0.2a.orig/crypto/des/des.h 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/des/des.h 2015-05-24 12:53:19.135111211 +0200
+--- openssl-1.0.2c.orig/crypto/des/des.h 2015-06-12 23:20:59.470588438 +0200
++++ openssl-1.0.2c/crypto/des/des.h 2015-06-12 23:21:28.254934135 +0200
@@ -231,10 +231,6 @@ int DES_set_key(const_DES_cblock *key, D
int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
@@ -310,10 +310,10 @@ Index: openssl-1.0.2a/crypto/des/des.h
void DES_string_to_key(const char *str, DES_cblock *key);
void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-Index: openssl-1.0.2a/crypto/des/set_key.c
+Index: openssl-1.0.2c/crypto/des/set_key.c
===================================================================
---- openssl-1.0.2a.orig/crypto/des/set_key.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/des/set_key.c 2015-05-24 12:53:19.135111211 +0200
+--- openssl-1.0.2c.orig/crypto/des/set_key.c 2015-06-12 23:20:59.470588438 +0200
++++ openssl-1.0.2c/crypto/des/set_key.c 2015-06-12 23:21:28.254934135 +0200
@@ -359,15 +359,6 @@ int DES_set_key_checked(const_DES_cblock
}
@@ -330,10 +330,10 @@ Index: openssl-1.0.2a/crypto/des/set_key.c
{
static const int shifts2[16] =
{ 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0 };
-Index: openssl-1.0.2a/crypto/dh/dh_gen.c
+Index: openssl-1.0.2c/crypto/dh/dh_gen.c
===================================================================
---- openssl-1.0.2a.orig/crypto/dh/dh_gen.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/dh/dh_gen.c 2015-05-24 12:53:19.135111211 +0200
+--- openssl-1.0.2c.orig/crypto/dh/dh_gen.c 2015-06-12 23:20:59.470588438 +0200
++++ openssl-1.0.2c/crypto/dh/dh_gen.c 2015-06-12 23:21:28.254934135 +0200
@@ -85,10 +85,6 @@ int DH_generate_parameters_ex(DH *ret, i
#endif
if (ret->meth->generate_params)
@@ -364,10 +364,10 @@ Index: openssl-1.0.2a/crypto/dh/dh_gen.c
ctx = BN_CTX_new();
if (ctx == NULL)
goto err;
-Index: openssl-1.0.2a/crypto/dh/dh.h
+Index: openssl-1.0.2c/crypto/dh/dh.h
===================================================================
---- openssl-1.0.2a.orig/crypto/dh/dh.h 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/dh/dh.h 2015-05-24 12:53:19.135111211 +0200
+--- openssl-1.0.2c.orig/crypto/dh/dh.h 2015-06-12 23:20:59.470588438 +0200
++++ openssl-1.0.2c/crypto/dh/dh.h 2015-06-12 23:21:28.254934135 +0200
@@ -77,6 +77,8 @@
# define OPENSSL_DH_MAX_MODULUS_BITS 10000
# endif
@@ -377,10 +377,10 @@ Index: openssl-1.0.2a/crypto/dh/dh.h
# define DH_FLAG_CACHE_MONT_P 0x01
/*
-Index: openssl-1.0.2a/crypto/dh/dh_key.c
+Index: openssl-1.0.2c/crypto/dh/dh_key.c
===================================================================
---- openssl-1.0.2a.orig/crypto/dh/dh_key.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/dh/dh_key.c 2015-05-24 12:53:19.135111211 +0200
+--- openssl-1.0.2c.orig/crypto/dh/dh_key.c 2015-06-12 23:20:59.471588450 +0200
++++ openssl-1.0.2c/crypto/dh/dh_key.c 2015-06-12 23:21:28.254934135 +0200
@@ -61,6 +61,9 @@
#include <openssl/bn.h>
#include <openssl/rand.h>
@@ -448,10 +448,10 @@ Index: openssl-1.0.2a/crypto/dh/dh_key.c
dh->flags |= DH_FLAG_CACHE_MONT_P;
return (1);
}
-Index: openssl-1.0.2a/crypto/dh/dh_lib.c
+Index: openssl-1.0.2c/crypto/dh/dh_lib.c
===================================================================
---- openssl-1.0.2a.orig/crypto/dh/dh_lib.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/dh/dh_lib.c 2015-05-24 12:53:19.135111211 +0200
+--- openssl-1.0.2c.orig/crypto/dh/dh_lib.c 2015-06-12 23:20:59.471588450 +0200
++++ openssl-1.0.2c/crypto/dh/dh_lib.c 2015-06-12 23:21:28.255934147 +0200
@@ -80,14 +80,7 @@ void DH_set_default_method(const DH_METH
const DH_METHOD *DH_get_default_method(void)
{
@@ -467,10 +467,10 @@ Index: openssl-1.0.2a/crypto/dh/dh_lib.c
}
return default_DH_method;
}
-Index: openssl-1.0.2a/crypto/dsa/dsa_err.c
+Index: openssl-1.0.2c/crypto/dsa/dsa_err.c
===================================================================
---- openssl-1.0.2a.orig/crypto/dsa/dsa_err.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/dsa/dsa_err.c 2015-05-24 12:53:19.135111211 +0200
+--- openssl-1.0.2c.orig/crypto/dsa/dsa_err.c 2015-06-12 23:20:59.471588450 +0200
++++ openssl-1.0.2c/crypto/dsa/dsa_err.c 2015-06-12 23:21:28.255934147 +0200
@@ -74,6 +74,8 @@ static ERR_STRING_DATA DSA_str_functs[]
{ERR_FUNC(DSA_F_DO_DSA_PRINT), "DO_DSA_PRINT"},
{ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"},
@@ -489,10 +489,10 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_err.c
{ERR_REASON(DSA_R_MISSING_PARAMETERS), "missing parameters"},
{ERR_REASON(DSA_R_MODULUS_TOO_LARGE), "modulus too large"},
{ERR_REASON(DSA_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
-Index: openssl-1.0.2a/crypto/dsa/dsa_gen.c
+Index: openssl-1.0.2c/crypto/dsa/dsa_gen.c
===================================================================
---- openssl-1.0.2a.orig/crypto/dsa/dsa_gen.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/dsa/dsa_gen.c 2015-05-24 12:53:19.136111225 +0200
+--- openssl-1.0.2c.orig/crypto/dsa/dsa_gen.c 2015-06-12 16:51:21.000000000 +0200
++++ openssl-1.0.2c/crypto/dsa/dsa_gen.c 2015-06-12 23:21:28.255934147 +0200
@@ -91,6 +91,16 @@
# include <openssl/fips.h>
# endif
@@ -716,7 +716,7 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_gen.c
if (!BN_GENCB_call(cb, 0, m++))
goto err;
-@@ -212,29 +291,18 @@ int dsa_builtin_paramgen(DSA *ret, size_
+@@ -213,29 +292,18 @@ int dsa_builtin_paramgen(DSA *ret, size_
* be bad */
}
memcpy(buf, seed, qsize);
@@ -749,7 +749,7 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_gen.c
r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx,
seed_is_random, cb);
if (r > 0)
-@@ -242,8 +310,6 @@ int dsa_builtin_paramgen(DSA *ret, size_
+@@ -243,8 +311,6 @@ int dsa_builtin_paramgen(DSA *ret, size_
if (r != 0)
goto err;
@@ -758,7 +758,7 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_gen.c
}
if (!BN_GENCB_call(cb, 2, 0))
-@@ -251,19 +317,16 @@ int dsa_builtin_paramgen(DSA *ret, size_
+@@ -252,19 +318,16 @@ int dsa_builtin_paramgen(DSA *ret, size_
if (!BN_GENCB_call(cb, 3, 0))
goto err;
@@ -781,7 +781,7 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_gen.c
for (k = 0; k <= n; k++) {
/*
* obtain "SEED + offset + k" by incrementing:
-@@ -277,36 +340,37 @@ int dsa_builtin_paramgen(DSA *ret, size_
+@@ -278,36 +341,37 @@ int dsa_builtin_paramgen(DSA *ret, size_
if (!EVP_Digest(buf, qsize, md, NULL, evpmd, NULL))
goto err;
@@ -827,7 +827,7 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_gen.c
r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, ctx, 1, cb);
if (r > 0)
goto end; /* found it */
-@@ -314,12 +378,12 @@ int dsa_builtin_paramgen(DSA *ret, size_
+@@ -315,12 +379,12 @@ int dsa_builtin_paramgen(DSA *ret, size_
goto err;
}
@@ -843,7 +843,7 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_gen.c
break;
}
}
-@@ -327,7 +391,33 @@ int dsa_builtin_paramgen(DSA *ret, size_
+@@ -328,7 +392,33 @@ int dsa_builtin_paramgen(DSA *ret, size_
if (!BN_GENCB_call(cb, 2, 1))
goto err;
@@ -878,7 +878,7 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_gen.c
/* Set r0=(p-1)/q */
if (!BN_sub(test, p, BN_value_one()))
goto err;
-@@ -356,46 +446,14 @@ int dsa_builtin_paramgen(DSA *ret, size_
+@@ -357,46 +447,14 @@ int dsa_builtin_paramgen(DSA *ret, size_
ok = 1;
err:
if (ok) {
@@ -925,7 +925,7 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_gen.c
/*
* This is a parameter generation algorithm for the DSA2 algorithm as
* described in FIPS 186-3.
-@@ -421,14 +479,6 @@ int dsa_builtin_paramgen2(DSA *ret, size
+@@ -422,14 +480,6 @@ int dsa_builtin_paramgen2(DSA *ret, size
EVP_MD_CTX mctx;
unsigned int h = 2;
@@ -940,10 +940,10 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_gen.c
EVP_MD_CTX_init(&mctx);
if (evpmd == NULL) {
-Index: openssl-1.0.2a/crypto/dsa/dsa.h
+Index: openssl-1.0.2c/crypto/dsa/dsa.h
===================================================================
---- openssl-1.0.2a.orig/crypto/dsa/dsa.h 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/dsa/dsa.h 2015-05-24 12:53:19.136111225 +0200
+--- openssl-1.0.2c.orig/crypto/dsa/dsa.h 2015-06-12 23:20:59.472588462 +0200
++++ openssl-1.0.2c/crypto/dsa/dsa.h 2015-06-12 23:21:28.255934147 +0200
@@ -88,6 +88,8 @@
# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
# endif
@@ -1011,10 +1011,10 @@ Index: openssl-1.0.2a/crypto/dsa/dsa.h
# define DSA_R_PARAMETER_ENCODING_ERROR 105
# define DSA_R_Q_NOT_PRIME 113
-Index: openssl-1.0.2a/crypto/dsa/dsa_key.c
+Index: openssl-1.0.2c/crypto/dsa/dsa_key.c
===================================================================
---- openssl-1.0.2a.orig/crypto/dsa/dsa_key.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/dsa/dsa_key.c 2015-05-24 12:53:19.136111225 +0200
+--- openssl-1.0.2c.orig/crypto/dsa/dsa_key.c 2015-06-12 23:20:59.472588462 +0200
++++ openssl-1.0.2c/crypto/dsa/dsa_key.c 2015-06-12 23:21:28.256934159 +0200
@@ -66,6 +66,34 @@
# ifdef OPENSSL_FIPS
@@ -1090,10 +1090,10 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_key.c
ok = 1;
err:
-Index: openssl-1.0.2a/crypto/dsa/dsa_lib.c
+Index: openssl-1.0.2c/crypto/dsa/dsa_lib.c
===================================================================
---- openssl-1.0.2a.orig/crypto/dsa/dsa_lib.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/dsa/dsa_lib.c 2015-05-24 12:53:19.136111225 +0200
+--- openssl-1.0.2c.orig/crypto/dsa/dsa_lib.c 2015-06-12 23:20:59.472588462 +0200
++++ openssl-1.0.2c/crypto/dsa/dsa_lib.c 2015-06-12 23:21:28.256934159 +0200
@@ -86,14 +86,7 @@ void DSA_set_default_method(const DSA_ME
const DSA_METHOD *DSA_get_default_method(void)
{
@@ -1109,10 +1109,10 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_lib.c
}
return default_DSA_method;
}
-Index: openssl-1.0.2a/crypto/dsa/dsa_locl.h
+Index: openssl-1.0.2c/crypto/dsa/dsa_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/dsa/dsa_locl.h 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/dsa/dsa_locl.h 2015-05-24 12:53:19.136111225 +0200
+--- openssl-1.0.2c.orig/crypto/dsa/dsa_locl.h 2015-06-12 23:20:59.472588462 +0200
++++ openssl-1.0.2c/crypto/dsa/dsa_locl.h 2015-06-12 23:21:28.256934159 +0200
@@ -56,7 +56,7 @@
int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
@@ -1122,10 +1122,10 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_locl.h
int *counter_ret, unsigned long *h_ret,
BN_GENCB *cb);
-Index: openssl-1.0.2a/crypto/dsa/dsa_ossl.c
+Index: openssl-1.0.2c/crypto/dsa/dsa_ossl.c
===================================================================
---- openssl-1.0.2a.orig/crypto/dsa/dsa_ossl.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/dsa/dsa_ossl.c 2015-05-24 12:53:19.136111225 +0200
+--- openssl-1.0.2c.orig/crypto/dsa/dsa_ossl.c 2015-06-12 23:20:59.472588462 +0200
++++ openssl-1.0.2c/crypto/dsa/dsa_ossl.c 2015-06-12 23:21:28.256934159 +0200
@@ -65,6 +65,9 @@
#include <openssl/dsa.h>
#include <openssl/rand.h>
@@ -1194,10 +1194,10 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_ossl.c
dsa->flags |= DSA_FLAG_CACHE_MONT_P;
return (1);
}
-Index: openssl-1.0.2a/crypto/dsa/dsa_pmeth.c
+Index: openssl-1.0.2c/crypto/dsa/dsa_pmeth.c
===================================================================
---- openssl-1.0.2a.orig/crypto/dsa/dsa_pmeth.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/dsa/dsa_pmeth.c 2015-05-24 12:53:19.136111225 +0200
+--- openssl-1.0.2c.orig/crypto/dsa/dsa_pmeth.c 2015-06-12 23:20:59.473588474 +0200
++++ openssl-1.0.2c/crypto/dsa/dsa_pmeth.c 2015-06-12 23:21:28.256934159 +0200
@@ -253,7 +253,7 @@ static int pkey_dsa_paramgen(EVP_PKEY_CT
if (!dsa)
return 0;
@@ -1207,10 +1207,10 @@ Index: openssl-1.0.2a/crypto/dsa/dsa_pmeth.c
if (ret)
EVP_PKEY_assign_DSA(pkey, dsa);
else
-Index: openssl-1.0.2a/crypto/dsa/dsatest.c
+Index: openssl-1.0.2c/crypto/dsa/dsatest.c
===================================================================
---- openssl-1.0.2a.orig/crypto/dsa/dsatest.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/dsa/dsatest.c 2015-05-24 12:53:19.136111225 +0200
+--- openssl-1.0.2c.orig/crypto/dsa/dsatest.c 2015-06-12 23:20:59.473588474 +0200
++++ openssl-1.0.2c/crypto/dsa/dsatest.c 2015-06-12 23:21:28.256934159 +0200
@@ -100,36 +100,41 @@ static int MS_CALLBACK dsa_cb(int p, int
* PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1
*/
@@ -1294,10 +1294,10 @@ Index: openssl-1.0.2a/crypto/dsa/dsatest.c
goto end;
}
if (h != 2) {
-Index: openssl-1.0.2a/crypto/engine/eng_all.c
+Index: openssl-1.0.2c/crypto/engine/eng_all.c
===================================================================
---- openssl-1.0.2a.orig/crypto/engine/eng_all.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/engine/eng_all.c 2015-05-24 12:53:19.137111240 +0200
+--- openssl-1.0.2c.orig/crypto/engine/eng_all.c 2015-06-12 23:20:59.473588474 +0200
++++ openssl-1.0.2c/crypto/engine/eng_all.c 2015-06-12 23:21:28.256934159 +0200
@@ -59,11 +59,25 @@
#include "cryptlib.h"
@@ -1324,10 +1324,10 @@ Index: openssl-1.0.2a/crypto/engine/eng_all.c
#if 0
/*
* There's no longer any need for an "openssl" ENGINE unless, one day, it
-Index: openssl-1.0.2a/crypto/evp/c_allc.c
+Index: openssl-1.0.2c/crypto/evp/c_allc.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/c_allc.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/c_allc.c 2015-05-24 12:53:19.137111240 +0200
+--- openssl-1.0.2c.orig/crypto/evp/c_allc.c 2015-06-12 23:20:59.473588474 +0200
++++ openssl-1.0.2c/crypto/evp/c_allc.c 2015-06-12 23:21:28.257934171 +0200
@@ -65,6 +65,10 @@
void OpenSSL_add_all_ciphers(void)
{
@@ -1404,10 +1404,10 @@ Index: openssl-1.0.2a/crypto/evp/c_allc.c
+ }
+#endif
}
-Index: openssl-1.0.2a/crypto/evp/c_alld.c
+Index: openssl-1.0.2c/crypto/evp/c_alld.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/c_alld.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/c_alld.c 2015-05-24 12:53:19.137111240 +0200
+--- openssl-1.0.2c.orig/crypto/evp/c_alld.c 2015-06-12 23:20:59.473588474 +0200
++++ openssl-1.0.2c/crypto/evp/c_alld.c 2015-06-12 23:21:28.257934171 +0200
@@ -64,51 +64,81 @@
void OpenSSL_add_all_digests(void)
@@ -1513,10 +1513,10 @@ Index: openssl-1.0.2a/crypto/evp/c_alld.c
+ }
#endif
}
-Index: openssl-1.0.2a/crypto/evp/digest.c
+Index: openssl-1.0.2c/crypto/evp/digest.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/digest.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/digest.c 2015-05-24 12:53:19.137111240 +0200
+--- openssl-1.0.2c.orig/crypto/evp/digest.c 2015-06-12 16:51:21.000000000 +0200
++++ openssl-1.0.2c/crypto/evp/digest.c 2015-06-12 23:21:28.257934171 +0200
@@ -143,18 +143,55 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, cons
return EVP_DigestInit_ex(ctx, type, NULL);
}
@@ -1675,11 +1675,11 @@ Index: openssl-1.0.2a/crypto/evp/digest.c
memset(ctx, '\0', sizeof *ctx);
return 1;
-Index: openssl-1.0.2a/crypto/evp/e_aes.c
+Index: openssl-1.0.2c/crypto/evp/e_aes.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/e_aes.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/e_aes.c 2015-05-24 12:53:19.137111240 +0200
-@@ -59,9 +59,6 @@
+--- openssl-1.0.2c.orig/crypto/evp/e_aes.c 2015-06-12 16:51:21.000000000 +0200
++++ openssl-1.0.2c/crypto/evp/e_aes.c 2015-06-12 23:21:28.257934171 +0200
+@@ -60,9 +60,6 @@
# include "modes_lcl.h"
# include <openssl/rand.h>
@@ -1689,7 +1689,7 @@ Index: openssl-1.0.2a/crypto/evp/e_aes.c
typedef struct {
union {
double align;
-@@ -1158,6 +1155,11 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *
+@@ -1159,6 +1156,11 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *
case EVP_CTRL_GCM_SET_IVLEN:
if (arg <= 0)
return 0;
@@ -1701,7 +1701,7 @@ Index: openssl-1.0.2a/crypto/evp/e_aes.c
/* Allocate memory for IV if needed */
if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) {
if (gctx->iv != c->iv)
-@@ -1726,6 +1728,14 @@ static int aes_xts_cipher(EVP_CIPHER_CTX
+@@ -1727,6 +1729,14 @@ static int aes_xts_cipher(EVP_CIPHER_CTX
return 0;
if (!out || !in || len < AES_BLOCK_SIZE)
return 0;
@@ -1716,10 +1716,10 @@ Index: openssl-1.0.2a/crypto/evp/e_aes.c
if (xctx->stream)
(*xctx->stream) (in, out, len,
xctx->xts.key1, xctx->xts.key2, ctx->iv);
-Index: openssl-1.0.2a/crypto/evp/e_des3.c
+Index: openssl-1.0.2c/crypto/evp/e_des3.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/e_des3.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/e_des3.c 2015-05-24 12:53:19.137111240 +0200
+--- openssl-1.0.2c.orig/crypto/evp/e_des3.c 2015-06-12 16:51:21.000000000 +0200
++++ openssl-1.0.2c/crypto/evp/e_des3.c 2015-06-12 23:21:28.258934183 +0200
@@ -65,10 +65,6 @@
# include <openssl/des.h>
# include <openssl/rand.h>
@@ -1731,10 +1731,10 @@ Index: openssl-1.0.2a/crypto/evp/e_des3.c
typedef struct {
union {
double align;
-Index: openssl-1.0.2a/crypto/evp/e_null.c
+Index: openssl-1.0.2c/crypto/evp/e_null.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/e_null.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/e_null.c 2015-05-24 12:53:19.137111240 +0200
+--- openssl-1.0.2c.orig/crypto/evp/e_null.c 2015-06-12 23:20:59.474588486 +0200
++++ openssl-1.0.2c/crypto/evp/e_null.c 2015-06-12 23:21:28.258934183 +0200
@@ -68,7 +68,7 @@ static int null_cipher(EVP_CIPHER_CTX *c
static const EVP_CIPHER n_cipher = {
NID_undef,
@@ -1744,10 +1744,10 @@ Index: openssl-1.0.2a/crypto/evp/e_null.c
null_init_key,
null_cipher,
NULL,
-Index: openssl-1.0.2a/crypto/evp/evp_enc.c
+Index: openssl-1.0.2c/crypto/evp/evp_enc.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/evp_enc.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/evp_enc.c 2015-05-24 12:53:19.138111254 +0200
+--- openssl-1.0.2c.orig/crypto/evp/evp_enc.c 2015-06-12 16:51:21.000000000 +0200
++++ openssl-1.0.2c/crypto/evp/evp_enc.c 2015-06-12 23:21:28.258934183 +0200
@@ -69,16 +69,73 @@
#endif
#include "evp_locl.h"
@@ -1915,11 +1915,11 @@ Index: openssl-1.0.2a/crypto/evp/evp_enc.c
memset(c, 0, sizeof(EVP_CIPHER_CTX));
return 1;
}
-Index: openssl-1.0.2a/crypto/evp/evp.h
+Index: openssl-1.0.2c/crypto/evp/evp.h
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/evp.h 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/evp.h 2015-05-24 12:53:19.138111254 +0200
-@@ -123,6 +123,10 @@
+--- openssl-1.0.2c.orig/crypto/evp/evp.h 2015-06-12 23:20:59.475588498 +0200
++++ openssl-1.0.2c/crypto/evp/evp.h 2015-06-12 23:21:28.258934183 +0200
+@@ -122,6 +122,10 @@
extern "C" {
#endif
@@ -1930,7 +1930,7 @@ Index: openssl-1.0.2a/crypto/evp/evp.h
/*
* Type needs to be a bit field Sub-type needs to be for variations on the
* method, as in, can it do arbitrary encryption....
-@@ -286,11 +290,6 @@ struct env_md_ctx_st {
+@@ -285,11 +289,6 @@ struct env_md_ctx_st {
* cleaned */
# define EVP_MD_CTX_FLAG_REUSE 0x0004/* Don't free up ctx->md_data
* in EVP_MD_CTX_cleanup */
@@ -1942,7 +1942,7 @@ Index: openssl-1.0.2a/crypto/evp/evp.h
# define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008/* Allow use of non FIPS
* digest in FIPS mode */
-@@ -303,6 +302,10 @@ struct env_md_ctx_st {
+@@ -302,6 +301,10 @@ struct env_md_ctx_st {
# define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00/* PKCS#1 v1.5 mode */
# define EVP_MD_CTX_FLAG_PAD_X931 0x10/* X9.31 mode */
# define EVP_MD_CTX_FLAG_PAD_PSS 0x20/* PSS mode */
@@ -1953,7 +1953,7 @@ Index: openssl-1.0.2a/crypto/evp/evp.h
# define EVP_MD_CTX_FLAG_NO_INIT 0x0100/* Don't initialize md_data */
-@@ -364,15 +367,15 @@ struct evp_cipher_st {
+@@ -363,15 +366,15 @@ struct evp_cipher_st {
/* cipher handles random key generation */
# define EVP_CIPH_RAND_KEY 0x200
/* cipher has its own additional copying logic */
@@ -1972,10 +1972,10 @@ Index: openssl-1.0.2a/crypto/evp/evp.h
/*
* Cipher handles any and all padding logic as well as finalisation.
*/
-Index: openssl-1.0.2a/crypto/evp/evp_lib.c
+Index: openssl-1.0.2c/crypto/evp/evp_lib.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/evp_lib.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/evp_lib.c 2015-05-24 12:53:19.138111254 +0200
+--- openssl-1.0.2c.orig/crypto/evp/evp_lib.c 2015-06-12 23:20:59.475588498 +0200
++++ openssl-1.0.2c/crypto/evp/evp_lib.c 2015-06-12 23:21:28.258934183 +0200
@@ -60,10 +60,6 @@
#include "cryptlib.h"
#include <openssl/evp.h>
@@ -2061,10 +2061,10 @@ Index: openssl-1.0.2a/crypto/evp/evp_lib.c
return md->flags;
}
-Index: openssl-1.0.2a/crypto/evp/evp_locl.h
+Index: openssl-1.0.2c/crypto/evp/evp_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/evp_locl.h 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/evp_locl.h 2015-05-24 12:53:19.138111254 +0200
+--- openssl-1.0.2c.orig/crypto/evp/evp_locl.h 2015-06-12 23:20:59.476588510 +0200
++++ openssl-1.0.2c/crypto/evp/evp_locl.h 2015-06-12 23:21:28.259934195 +0200
@@ -258,10 +258,8 @@ const EVP_CIPHER *EVP_##cname##_ecb(void
BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
@@ -2098,10 +2098,10 @@ Index: openssl-1.0.2a/crypto/evp/evp_locl.h
# define Camellia_set_key private_Camellia_set_key
#endif
-Index: openssl-1.0.2a/crypto/evp/m_dss.c
+Index: openssl-1.0.2c/crypto/evp/m_dss.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/m_dss.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/m_dss.c 2015-05-24 12:53:19.138111254 +0200
+--- openssl-1.0.2c.orig/crypto/evp/m_dss.c 2015-06-12 23:20:59.476588510 +0200
++++ openssl-1.0.2c/crypto/evp/m_dss.c 2015-06-12 23:21:28.259934195 +0200
@@ -86,7 +86,7 @@ static const EVP_MD dsa_md = {
NID_dsaWithSHA,
NID_dsaWithSHA,
@@ -2111,10 +2111,10 @@ Index: openssl-1.0.2a/crypto/evp/m_dss.c
init,
update,
final,
-Index: openssl-1.0.2a/crypto/evp/m_dss1.c
+Index: openssl-1.0.2c/crypto/evp/m_dss1.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/m_dss1.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/m_dss1.c 2015-05-24 12:53:19.138111254 +0200
+--- openssl-1.0.2c.orig/crypto/evp/m_dss1.c 2015-06-12 23:20:59.476588510 +0200
++++ openssl-1.0.2c/crypto/evp/m_dss1.c 2015-06-12 23:21:28.259934195 +0200
@@ -87,7 +87,7 @@ static const EVP_MD dss1_md = {
NID_dsa,
NID_dsaWithSHA1,
@@ -2124,10 +2124,10 @@ Index: openssl-1.0.2a/crypto/evp/m_dss1.c
init,
update,
final,
-Index: openssl-1.0.2a/crypto/evp/m_md2.c
+Index: openssl-1.0.2c/crypto/evp/m_md2.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/m_md2.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/m_md2.c 2015-05-24 12:53:19.138111254 +0200
+--- openssl-1.0.2c.orig/crypto/evp/m_md2.c 2015-06-12 23:20:59.476588510 +0200
++++ openssl-1.0.2c/crypto/evp/m_md2.c 2015-06-12 23:21:28.259934195 +0200
@@ -68,6 +68,7 @@
# ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
@@ -2136,10 +2136,10 @@ Index: openssl-1.0.2a/crypto/evp/m_md2.c
static int init(EVP_MD_CTX *ctx)
{
-Index: openssl-1.0.2a/crypto/evp/m_sha1.c
+Index: openssl-1.0.2c/crypto/evp/m_sha1.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/m_sha1.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/m_sha1.c 2015-05-24 12:53:19.138111254 +0200
+--- openssl-1.0.2c.orig/crypto/evp/m_sha1.c 2015-06-12 23:20:59.476588510 +0200
++++ openssl-1.0.2c/crypto/evp/m_sha1.c 2015-06-12 23:21:28.259934195 +0200
@@ -87,7 +87,8 @@ static const EVP_MD sha1_md = {
NID_sha1,
NID_sha1WithRSAEncryption,
@@ -2190,10 +2190,10 @@ Index: openssl-1.0.2a/crypto/evp/m_sha1.c
init512,
update512,
final512,
-Index: openssl-1.0.2a/crypto/evp/p_sign.c
+Index: openssl-1.0.2c/crypto/evp/p_sign.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/p_sign.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/p_sign.c 2015-05-24 12:53:19.138111254 +0200
+--- openssl-1.0.2c.orig/crypto/evp/p_sign.c 2015-06-12 23:20:59.476588510 +0200
++++ openssl-1.0.2c/crypto/evp/p_sign.c 2015-06-12 23:21:28.259934195 +0200
@@ -61,6 +61,7 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
@@ -2225,10 +2225,10 @@ Index: openssl-1.0.2a/crypto/evp/p_sign.c
if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
goto err;
*siglen = sltmp;
-Index: openssl-1.0.2a/crypto/evp/p_verify.c
+Index: openssl-1.0.2c/crypto/evp/p_verify.c
===================================================================
---- openssl-1.0.2a.orig/crypto/evp/p_verify.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/evp/p_verify.c 2015-05-24 12:53:19.139111269 +0200
+--- openssl-1.0.2c.orig/crypto/evp/p_verify.c 2015-06-12 23:20:59.476588510 +0200
++++ openssl-1.0.2c/crypto/evp/p_verify.c 2015-06-12 23:21:28.259934195 +0200
@@ -61,6 +61,7 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
@@ -2260,10 +2260,10 @@ Index: openssl-1.0.2a/crypto/evp/p_verify.c
i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
err:
EVP_PKEY_CTX_free(pkctx);
-Index: openssl-1.0.2a/crypto/fips/fips_aes_selftest.c
+Index: openssl-1.0.2c/crypto/fips/fips_aes_selftest.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_aes_selftest.c 2015-05-24 12:53:19.139111269 +0200
++++ openssl-1.0.2c/crypto/fips/fips_aes_selftest.c 2015-06-12 23:21:28.260934207 +0200
@@ -0,0 +1,365 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -2630,10 +2630,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_aes_selftest.c
+}
+
+#endif
-Index: openssl-1.0.2a/crypto/fips/fips.c
+Index: openssl-1.0.2c/crypto/fips/fips.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips.c 2015-05-24 12:53:19.139111269 +0200
++++ openssl-1.0.2c/crypto/fips/fips.c 2015-06-12 23:21:28.260934207 +0200
@@ -0,0 +1,483 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -3118,10 +3118,10 @@ Index: openssl-1.0.2a/crypto/fips/fips.c
+# endif
+
+#endif
-Index: openssl-1.0.2a/crypto/fips/fips_cmac_selftest.c
+Index: openssl-1.0.2c/crypto/fips/fips_cmac_selftest.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_cmac_selftest.c 2015-05-24 12:53:19.139111269 +0200
++++ openssl-1.0.2c/crypto/fips/fips_cmac_selftest.c 2015-06-12 23:21:28.260934207 +0200
@@ -0,0 +1,156 @@
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
@@ -3279,10 +3279,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_cmac_selftest.c
+ return rv;
+}
+#endif
-Index: openssl-1.0.2a/crypto/fips/fips_des_selftest.c
+Index: openssl-1.0.2c/crypto/fips/fips_des_selftest.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_des_selftest.c 2015-05-24 12:53:19.139111269 +0200
++++ openssl-1.0.2c/crypto/fips/fips_des_selftest.c 2015-06-12 23:21:28.260934207 +0200
@@ -0,0 +1,138 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -3422,10 +3422,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_des_selftest.c
+ return ret;
+}
+#endif
-Index: openssl-1.0.2a/crypto/fips/fips_drbg_ctr.c
+Index: openssl-1.0.2c/crypto/fips/fips_drbg_ctr.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_drbg_ctr.c 2015-05-24 12:53:19.139111269 +0200
++++ openssl-1.0.2c/crypto/fips/fips_drbg_ctr.c 2015-06-12 23:21:28.261934219 +0200
@@ -0,0 +1,415 @@
+/* fips/rand/fips_drbg_ctr.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -3842,10 +3842,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_drbg_ctr.c
+
+ return 1;
+}
-Index: openssl-1.0.2a/crypto/fips/fips_drbg_hash.c
+Index: openssl-1.0.2c/crypto/fips/fips_drbg_hash.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_drbg_hash.c 2015-05-24 12:53:19.139111269 +0200
++++ openssl-1.0.2c/crypto/fips/fips_drbg_hash.c 2015-06-12 23:21:28.261934219 +0200
@@ -0,0 +1,358 @@
+/* fips/rand/fips_drbg_hash.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -4205,10 +4205,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_drbg_hash.c
+
+ return 1;
+}
-Index: openssl-1.0.2a/crypto/fips/fips_drbg_hmac.c
+Index: openssl-1.0.2c/crypto/fips/fips_drbg_hmac.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_drbg_hmac.c 2015-05-24 12:53:19.140111283 +0200
++++ openssl-1.0.2c/crypto/fips/fips_drbg_hmac.c 2015-06-12 23:21:28.261934219 +0200
@@ -0,0 +1,270 @@
+/* fips/rand/fips_drbg_hmac.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -4480,10 +4480,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_drbg_hmac.c
+
+ return 1;
+}
-Index: openssl-1.0.2a/crypto/fips/fips_drbg_lib.c
+Index: openssl-1.0.2c/crypto/fips/fips_drbg_lib.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_drbg_lib.c 2015-05-24 12:53:19.140111283 +0200
++++ openssl-1.0.2c/crypto/fips/fips_drbg_lib.c 2015-06-12 23:21:28.261934219 +0200
@@ -0,0 +1,553 @@
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
@@ -5038,10 +5038,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_drbg_lib.c
+ memcpy(dctx->lb, out, dctx->blocklength);
+ return 1;
+}
-Index: openssl-1.0.2a/crypto/fips/fips_drbg_rand.c
+Index: openssl-1.0.2c/crypto/fips/fips_drbg_rand.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_drbg_rand.c 2015-05-24 12:53:19.140111283 +0200
++++ openssl-1.0.2c/crypto/fips/fips_drbg_rand.c 2015-06-12 23:21:28.262934231 +0200
@@ -0,0 +1,166 @@
+/* fips/rand/fips_drbg_rand.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -5209,10 +5209,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_drbg_rand.c
+{
+ return &rand_drbg_meth;
+}
-Index: openssl-1.0.2a/crypto/fips/fips_drbg_selftest.c
+Index: openssl-1.0.2c/crypto/fips/fips_drbg_selftest.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_drbg_selftest.c 2015-05-24 12:53:19.140111283 +0200
++++ openssl-1.0.2c/crypto/fips/fips_drbg_selftest.c 2015-06-12 23:21:28.262934231 +0200
@@ -0,0 +1,827 @@
+/* fips/rand/fips_drbg_selftest.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -6041,10 +6041,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_drbg_selftest.c
+ FIPS_drbg_free(dctx);
+ return rv;
+}
-Index: openssl-1.0.2a/crypto/fips/fips_drbg_selftest.h
+Index: openssl-1.0.2c/crypto/fips/fips_drbg_selftest.h
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_drbg_selftest.h 2015-05-24 12:53:19.141111297 +0200
++++ openssl-1.0.2c/crypto/fips/fips_drbg_selftest.h 2015-06-12 23:21:28.263934243 +0200
@@ -0,0 +1,1791 @@
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
@@ -7837,10 +7837,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_drbg_selftest.h
+ 0xef, 0x05, 0x9e, 0xb8, 0xc7, 0x52, 0xe4, 0x0e, 0x42, 0xaa, 0x7c, 0x79,
+ 0xc2, 0xd6, 0xfd, 0xa5
+};
-Index: openssl-1.0.2a/crypto/fips/fips_dsa_selftest.c
+Index: openssl-1.0.2c/crypto/fips/fips_dsa_selftest.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_dsa_selftest.c 2015-05-24 12:53:19.141111297 +0200
++++ openssl-1.0.2c/crypto/fips/fips_dsa_selftest.c 2015-06-12 23:21:28.263934243 +0200
@@ -0,0 +1,192 @@
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
@@ -8034,10 +8034,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_dsa_selftest.c
+ return ret;
+}
+#endif
-Index: openssl-1.0.2a/crypto/fips/fips_enc.c
+Index: openssl-1.0.2c/crypto/fips/fips_enc.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_enc.c 2015-05-24 12:53:19.141111297 +0200
++++ openssl-1.0.2c/crypto/fips/fips_enc.c 2015-06-12 23:21:28.264934255 +0200
@@ -0,0 +1,189 @@
+/* fipe/evp/fips_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
@@ -8228,10 +8228,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_enc.c
+
+ }
+}
-Index: openssl-1.0.2a/crypto/fips/fips.h
+Index: openssl-1.0.2c/crypto/fips/fips.h
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips.h 2015-05-24 12:53:19.141111297 +0200
++++ openssl-1.0.2c/crypto/fips/fips.h 2015-06-12 23:21:28.264934255 +0200
@@ -0,0 +1,278 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -8511,10 +8511,10 @@ Index: openssl-1.0.2a/crypto/fips/fips.h
+}
+# endif
+#endif
-Index: openssl-1.0.2a/crypto/fips/fips_hmac_selftest.c
+Index: openssl-1.0.2c/crypto/fips/fips_hmac_selftest.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_hmac_selftest.c 2015-05-24 12:53:19.141111297 +0200
++++ openssl-1.0.2c/crypto/fips/fips_hmac_selftest.c 2015-06-12 23:21:28.264934255 +0200
@@ -0,0 +1,134 @@
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
@@ -8650,10 +8650,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_hmac_selftest.c
+ return 1;
+}
+#endif
-Index: openssl-1.0.2a/crypto/fips/fips_locl.h
+Index: openssl-1.0.2c/crypto/fips/fips_locl.h
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_locl.h 2015-05-24 12:53:19.142111312 +0200
++++ openssl-1.0.2c/crypto/fips/fips_locl.h 2015-06-12 23:21:28.264934255 +0200
@@ -0,0 +1,71 @@
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
@@ -8726,10 +8726,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_locl.h
+}
+# endif
+#endif
-Index: openssl-1.0.2a/crypto/fips/fips_md.c
+Index: openssl-1.0.2c/crypto/fips/fips_md.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_md.c 2015-05-24 12:53:19.142111312 +0200
++++ openssl-1.0.2c/crypto/fips/fips_md.c 2015-06-12 23:21:28.264934255 +0200
@@ -0,0 +1,144 @@
+/* fips/evp/fips_md.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
@@ -8875,10 +8875,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_md.c
+ return NULL;
+ }
+}
-Index: openssl-1.0.2a/crypto/fips/fips_post.c
+Index: openssl-1.0.2c/crypto/fips/fips_post.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_post.c 2015-05-24 12:53:19.142111312 +0200
++++ openssl-1.0.2c/crypto/fips/fips_post.c 2015-06-12 23:21:28.264934255 +0200
@@ -0,0 +1,201 @@
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
@@ -9081,10 +9081,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_post.c
+ return 1;
+}
+#endif
-Index: openssl-1.0.2a/crypto/fips/fips_rand.c
+Index: openssl-1.0.2c/crypto/fips/fips_rand.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_rand.c 2015-05-24 12:53:19.142111312 +0200
++++ openssl-1.0.2c/crypto/fips/fips_rand.c 2015-06-12 23:21:28.265934267 +0200
@@ -0,0 +1,428 @@
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
@@ -9514,10 +9514,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_rand.c
+}
+
+#endif
-Index: openssl-1.0.2a/crypto/fips/fips_rand.h
+Index: openssl-1.0.2c/crypto/fips/fips_rand.h
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_rand.h 2015-05-24 12:53:19.142111312 +0200
++++ openssl-1.0.2c/crypto/fips/fips_rand.h 2015-06-12 23:21:28.265934267 +0200
@@ -0,0 +1,163 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -9682,10 +9682,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_rand.h
+# endif
+# endif
+#endif
-Index: openssl-1.0.2a/crypto/fips/fips_rand_lcl.h
+Index: openssl-1.0.2c/crypto/fips/fips_rand_lcl.h
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_rand_lcl.h 2015-05-24 12:53:19.142111312 +0200
++++ openssl-1.0.2c/crypto/fips/fips_rand_lcl.h 2015-06-12 23:21:28.265934267 +0200
@@ -0,0 +1,213 @@
+/* fips/rand/fips_rand_lcl.h */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -9900,10 +9900,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_rand_lcl.h
+#define FIPS_digestupdate EVP_DigestUpdate
+#define FIPS_digestfinal EVP_DigestFinal
+#define M_EVP_MD_size EVP_MD_size
-Index: openssl-1.0.2a/crypto/fips/fips_rand_lib.c
+Index: openssl-1.0.2c/crypto/fips/fips_rand_lib.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_rand_lib.c 2015-05-24 12:53:19.142111312 +0200
++++ openssl-1.0.2c/crypto/fips/fips_rand_lib.c 2015-06-12 23:21:28.265934267 +0200
@@ -0,0 +1,181 @@
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
@@ -10086,10 +10086,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_rand_lib.c
+ }
+ return 0;
+}
-Index: openssl-1.0.2a/crypto/fips/fips_rand_selftest.c
+Index: openssl-1.0.2c/crypto/fips/fips_rand_selftest.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_rand_selftest.c 2015-05-24 12:53:19.142111312 +0200
++++ openssl-1.0.2c/crypto/fips/fips_rand_selftest.c 2015-06-12 23:21:28.266934279 +0200
@@ -0,0 +1,176 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -10267,10 +10267,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_rand_selftest.c
+}
+
+#endif
-Index: openssl-1.0.2a/crypto/fips/fips_randtest.c
+Index: openssl-1.0.2c/crypto/fips/fips_randtest.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_randtest.c 2015-05-24 12:53:19.143111326 +0200
++++ openssl-1.0.2c/crypto/fips/fips_randtest.c 2015-06-12 23:21:28.266934279 +0200
@@ -0,0 +1,247 @@
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
@@ -10519,10 +10519,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_randtest.c
+}
+
+#endif
-Index: openssl-1.0.2a/crypto/fips/fips_rsa_selftest.c
+Index: openssl-1.0.2c/crypto/fips/fips_rsa_selftest.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_rsa_selftest.c 2015-05-24 12:53:19.143111326 +0200
++++ openssl-1.0.2c/crypto/fips/fips_rsa_selftest.c 2015-06-12 23:21:28.266934279 +0200
@@ -0,0 +1,444 @@
+/* ====================================================================
+ * Copyright (c) 2003-2007 The OpenSSL Project. All rights reserved.
@@ -10968,10 +10968,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_rsa_selftest.c
+}
+
+#endif /* def OPENSSL_FIPS */
-Index: openssl-1.0.2a/crypto/fips/fips_rsa_x931g.c
+Index: openssl-1.0.2c/crypto/fips/fips_rsa_x931g.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_rsa_x931g.c 2015-05-24 12:53:19.143111326 +0200
++++ openssl-1.0.2c/crypto/fips/fips_rsa_x931g.c 2015-06-12 23:21:28.266934279 +0200
@@ -0,0 +1,273 @@
+/* crypto/rsa/rsa_gen.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
@@ -11246,10 +11246,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_rsa_x931g.c
+ return 0;
+
+}
-Index: openssl-1.0.2a/crypto/fips/fips_sha_selftest.c
+Index: openssl-1.0.2c/crypto/fips/fips_sha_selftest.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_sha_selftest.c 2015-05-24 12:53:19.143111326 +0200
++++ openssl-1.0.2c/crypto/fips/fips_sha_selftest.c 2015-06-12 23:21:28.266934279 +0200
@@ -0,0 +1,145 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -11396,10 +11396,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_sha_selftest.c
+}
+
+#endif
-Index: openssl-1.0.2a/crypto/fips/fips_standalone_hmac.c
+Index: openssl-1.0.2c/crypto/fips/fips_standalone_hmac.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_standalone_hmac.c 2015-05-24 12:53:19.143111326 +0200
++++ openssl-1.0.2c/crypto/fips/fips_standalone_hmac.c 2015-06-12 23:21:28.267934291 +0200
@@ -0,0 +1,268 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -11669,10 +11669,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_standalone_hmac.c
+#endif
+ return 0;
+}
-Index: openssl-1.0.2a/crypto/fips/fips_test_suite.c
+Index: openssl-1.0.2c/crypto/fips/fips_test_suite.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/fips_test_suite.c 2015-05-24 12:53:19.143111326 +0200
++++ openssl-1.0.2c/crypto/fips/fips_test_suite.c 2015-06-12 23:21:28.267934291 +0200
@@ -0,0 +1,639 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -12313,10 +12313,10 @@ Index: openssl-1.0.2a/crypto/fips/fips_test_suite.c
+}
+
+#endif
-Index: openssl-1.0.2a/crypto/fips/Makefile
+Index: openssl-1.0.2c/crypto/fips/Makefile
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-1.0.2a/crypto/fips/Makefile 2015-05-24 12:53:19.144111341 +0200
++++ openssl-1.0.2c/crypto/fips/Makefile 2015-06-12 23:21:28.267934291 +0200
@@ -0,0 +1,341 @@
+#
+# OpenSSL/crypto/fips/Makefile
@@ -12659,10 +12659,10 @@ Index: openssl-1.0.2a/crypto/fips/Makefile
+fips_sha_selftest.o: ../../include/openssl/safestack.h
+fips_sha_selftest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+fips_sha_selftest.o: ../../include/openssl/symhacks.h fips_sha_selftest.c
-Index: openssl-1.0.2a/crypto/hmac/hmac.c
+Index: openssl-1.0.2c/crypto/hmac/hmac.c
===================================================================
---- openssl-1.0.2a.orig/crypto/hmac/hmac.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/hmac/hmac.c 2015-05-24 12:53:19.144111341 +0200
+--- openssl-1.0.2c.orig/crypto/hmac/hmac.c 2015-06-12 16:51:27.000000000 +0200
++++ openssl-1.0.2c/crypto/hmac/hmac.c 2015-06-12 23:22:24.640611438 +0200
@@ -89,12 +89,6 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const vo
EVPerr(EVP_F_HMAC_INIT_EX, EVP_R_DISABLED_FOR_FIPS);
return 0;
@@ -12675,9 +12675,9 @@ Index: openssl-1.0.2a/crypto/hmac/hmac.c
- return FIPS_hmac_init_ex(ctx, key, len, md, NULL);
}
#endif
-
-@@ -105,6 +99,13 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const vo
- md = ctx->md;
+ /* If we are changing MD then we must have a key */
+@@ -111,6 +105,13 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const vo
+ }
if (key != NULL) {
+#ifdef OPENSSL_FIPS
@@ -12690,7 +12690,7 @@ Index: openssl-1.0.2a/crypto/hmac/hmac.c
reset = 1;
j = EVP_MD_block_size(md);
OPENSSL_assert(j <= (int)sizeof(ctx->key));
-@@ -157,10 +158,6 @@ int HMAC_Init(HMAC_CTX *ctx, const void
+@@ -164,10 +165,6 @@ int HMAC_Init(HMAC_CTX *ctx, const void
int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
{
@@ -12698,10 +12698,10 @@ Index: openssl-1.0.2a/crypto/hmac/hmac.c
- if (FIPS_mode() && !ctx->i_ctx.engine)
- return FIPS_hmac_update(ctx, data, len);
-#endif
- return EVP_DigestUpdate(&ctx->md_ctx, data, len);
- }
+ if (!ctx->md)
+ return 0;
-@@ -168,10 +165,6 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned c
+@@ -178,10 +175,6 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned c
{
unsigned int i;
unsigned char buf[EVP_MAX_MD_SIZE];
@@ -12710,9 +12710,9 @@ Index: openssl-1.0.2a/crypto/hmac/hmac.c
- return FIPS_hmac_final(ctx, md, len);
-#endif
- if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i))
+ if (!ctx->md)
goto err;
-@@ -211,12 +204,6 @@ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_C
+@@ -225,12 +218,6 @@ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_C
void HMAC_CTX_cleanup(HMAC_CTX *ctx)
{
@@ -12725,10 +12725,10 @@ Index: openssl-1.0.2a/crypto/hmac/hmac.c
EVP_MD_CTX_cleanup(&ctx->i_ctx);
EVP_MD_CTX_cleanup(&ctx->o_ctx);
EVP_MD_CTX_cleanup(&ctx->md_ctx);
-Index: openssl-1.0.2a/crypto/mdc2/mdc2dgst.c
+Index: openssl-1.0.2c/crypto/mdc2/mdc2dgst.c
===================================================================
---- openssl-1.0.2a.orig/crypto/mdc2/mdc2dgst.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/mdc2/mdc2dgst.c 2015-05-24 12:53:19.144111341 +0200
+--- openssl-1.0.2c.orig/crypto/mdc2/mdc2dgst.c 2015-06-12 23:20:59.483588594 +0200
++++ openssl-1.0.2c/crypto/mdc2/mdc2dgst.c 2015-06-12 23:21:28.268934303 +0200
@@ -76,7 +76,7 @@
*((c)++)=(unsigned char)(((l)>>24L)&0xff))
@@ -12738,10 +12738,10 @@ Index: openssl-1.0.2a/crypto/mdc2/mdc2dgst.c
{
c->num = 0;
c->pad_type = 1;
-Index: openssl-1.0.2a/crypto/md2/md2_dgst.c
+Index: openssl-1.0.2c/crypto/md2/md2_dgst.c
===================================================================
---- openssl-1.0.2a.orig/crypto/md2/md2_dgst.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/md2/md2_dgst.c 2015-05-24 12:53:19.144111341 +0200
+--- openssl-1.0.2c.orig/crypto/md2/md2_dgst.c 2015-06-12 23:20:59.483588594 +0200
++++ openssl-1.0.2c/crypto/md2/md2_dgst.c 2015-06-12 23:21:28.268934303 +0200
@@ -62,6 +62,11 @@
#include <openssl/md2.h>
#include <openssl/opensslv.h>
@@ -12763,10 +12763,10 @@ Index: openssl-1.0.2a/crypto/md2/md2_dgst.c
{
c->num = 0;
memset(c->state, 0, sizeof c->state);
-Index: openssl-1.0.2a/crypto/md4/md4_dgst.c
+Index: openssl-1.0.2c/crypto/md4/md4_dgst.c
===================================================================
---- openssl-1.0.2a.orig/crypto/md4/md4_dgst.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/md4/md4_dgst.c 2015-05-24 12:53:19.144111341 +0200
+--- openssl-1.0.2c.orig/crypto/md4/md4_dgst.c 2015-06-12 23:20:59.483588594 +0200
++++ openssl-1.0.2c/crypto/md4/md4_dgst.c 2015-06-12 23:21:28.268934303 +0200
@@ -72,7 +72,7 @@ const char MD4_version[] = "MD4" OPENSSL
#define INIT_DATA_C (unsigned long)0x98badcfeL
#define INIT_DATA_D (unsigned long)0x10325476L
@@ -12776,10 +12776,10 @@ Index: openssl-1.0.2a/crypto/md4/md4_dgst.c
{
memset(c, 0, sizeof(*c));
c->A = INIT_DATA_A;
-Index: openssl-1.0.2a/crypto/md5/md5_dgst.c
+Index: openssl-1.0.2c/crypto/md5/md5_dgst.c
===================================================================
---- openssl-1.0.2a.orig/crypto/md5/md5_dgst.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/md5/md5_dgst.c 2015-05-24 12:53:19.144111341 +0200
+--- openssl-1.0.2c.orig/crypto/md5/md5_dgst.c 2015-06-12 23:20:59.483588594 +0200
++++ openssl-1.0.2c/crypto/md5/md5_dgst.c 2015-06-12 23:21:28.268934303 +0200
@@ -72,7 +72,7 @@ const char MD5_version[] = "MD5" OPENSSL
#define INIT_DATA_C (unsigned long)0x98badcfeL
#define INIT_DATA_D (unsigned long)0x10325476L
@@ -12789,10 +12789,10 @@ Index: openssl-1.0.2a/crypto/md5/md5_dgst.c
{
memset(c, 0, sizeof(*c));
c->A = INIT_DATA_A;
-Index: openssl-1.0.2a/crypto/o_fips.c
+Index: openssl-1.0.2c/crypto/o_fips.c
===================================================================
---- openssl-1.0.2a.orig/crypto/o_fips.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/o_fips.c 2015-05-24 12:53:19.144111341 +0200
+--- openssl-1.0.2c.orig/crypto/o_fips.c 2015-06-12 23:20:59.484588606 +0200
++++ openssl-1.0.2c/crypto/o_fips.c 2015-06-12 23:21:28.268934303 +0200
@@ -80,6 +80,8 @@ int FIPS_mode_set(int r)
# ifndef FIPS_AUTH_USER_PASS
# define FIPS_AUTH_USER_PASS "Default FIPS Crypto User Password"
@@ -12802,10 +12802,10 @@ Index: openssl-1.0.2a/crypto/o_fips.c
if (!FIPS_module_mode_set(r, FIPS_AUTH_USER_PASS))
return 0;
if (r)
-Index: openssl-1.0.2a/crypto/o_init.c
+Index: openssl-1.0.2c/crypto/o_init.c
===================================================================
---- openssl-1.0.2a.orig/crypto/o_init.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/o_init.c 2015-05-24 12:53:19.144111341 +0200
+--- openssl-1.0.2c.orig/crypto/o_init.c 2015-06-12 23:20:59.484588606 +0200
++++ openssl-1.0.2c/crypto/o_init.c 2015-06-12 23:21:28.268934303 +0200
@@ -56,8 +56,37 @@
#include <e_os.h>
#include <openssl/err.h>
@@ -12875,10 +12875,10 @@ Index: openssl-1.0.2a/crypto/o_init.c
+{
+ OPENSSL_init_library();
+}
-Index: openssl-1.0.2a/crypto/opensslconf.h.in
+Index: openssl-1.0.2c/crypto/opensslconf.h.in
===================================================================
---- openssl-1.0.2a.orig/crypto/opensslconf.h.in 2015-01-20 13:33:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/opensslconf.h.in 2015-05-24 12:53:19.144111341 +0200
+--- openssl-1.0.2c.orig/crypto/opensslconf.h.in 2015-06-12 23:20:59.484588606 +0200
++++ openssl-1.0.2c/crypto/opensslconf.h.in 2015-06-12 23:21:28.268934303 +0200
@@ -1,5 +1,20 @@
/* crypto/opensslconf.h.in */
@@ -12900,10 +12900,10 @@ Index: openssl-1.0.2a/crypto/opensslconf.h.in
/* Generate 80386 code? */
#undef I386_ONLY
-Index: openssl-1.0.2a/crypto/rand/md_rand.c
+Index: openssl-1.0.2c/crypto/rand/md_rand.c
===================================================================
---- openssl-1.0.2a.orig/crypto/rand/md_rand.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/rand/md_rand.c 2015-05-24 12:53:19.145111355 +0200
+--- openssl-1.0.2c.orig/crypto/rand/md_rand.c 2015-06-12 23:20:59.484588606 +0200
++++ openssl-1.0.2c/crypto/rand/md_rand.c 2015-06-12 23:21:28.269934315 +0200
@@ -391,7 +391,10 @@ int ssleay_rand_bytes(unsigned char *buf
CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
crypto_lock_rand = 1;
@@ -12916,10 +12916,10 @@ Index: openssl-1.0.2a/crypto/rand/md_rand.c
RAND_poll();
initialized = 1;
}
-Index: openssl-1.0.2a/crypto/rand/rand.h
+Index: openssl-1.0.2c/crypto/rand/rand.h
===================================================================
---- openssl-1.0.2a.orig/crypto/rand/rand.h 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/rand/rand.h 2015-05-24 12:53:19.145111355 +0200
+--- openssl-1.0.2c.orig/crypto/rand/rand.h 2015-06-12 23:20:59.484588606 +0200
++++ openssl-1.0.2c/crypto/rand/rand.h 2015-06-12 23:21:28.269934315 +0200
@@ -133,16 +133,34 @@ void ERR_load_RAND_strings(void);
/* Error codes for the RAND functions. */
@@ -12960,10 +12960,10 @@ Index: openssl-1.0.2a/crypto/rand/rand.h
#ifdef __cplusplus
}
-Index: openssl-1.0.2a/crypto/ripemd/rmd_dgst.c
+Index: openssl-1.0.2c/crypto/ripemd/rmd_dgst.c
===================================================================
---- openssl-1.0.2a.orig/crypto/ripemd/rmd_dgst.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/ripemd/rmd_dgst.c 2015-05-24 12:53:19.145111355 +0200
+--- openssl-1.0.2c.orig/crypto/ripemd/rmd_dgst.c 2015-06-12 23:20:59.484588606 +0200
++++ openssl-1.0.2c/crypto/ripemd/rmd_dgst.c 2015-06-12 23:21:28.269934315 +0200
@@ -70,7 +70,7 @@ void ripemd160_block_x86(RIPEMD160_CTX *
void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p, size_t num);
#endif
@@ -12973,10 +12973,10 @@ Index: openssl-1.0.2a/crypto/ripemd/rmd_dgst.c
{
memset(c, 0, sizeof(*c));
c->A = RIPEMD160_A;
-Index: openssl-1.0.2a/crypto/rsa/rsa_crpt.c
+Index: openssl-1.0.2c/crypto/rsa/rsa_crpt.c
===================================================================
---- openssl-1.0.2a.orig/crypto/rsa/rsa_crpt.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/rsa/rsa_crpt.c 2015-05-24 12:53:19.145111355 +0200
+--- openssl-1.0.2c.orig/crypto/rsa/rsa_crpt.c 2015-06-12 23:20:59.485588618 +0200
++++ openssl-1.0.2c/crypto/rsa/rsa_crpt.c 2015-06-12 23:21:28.269934315 +0200
@@ -89,9 +89,9 @@ int RSA_private_encrypt(int flen, const
unsigned char *to, RSA *rsa, int padding)
{
@@ -13003,10 +13003,10 @@ Index: openssl-1.0.2a/crypto/rsa/rsa_crpt.c
return -1;
}
#endif
-Index: openssl-1.0.2a/crypto/rsa/rsa_eay.c
+Index: openssl-1.0.2c/crypto/rsa/rsa_eay.c
===================================================================
---- openssl-1.0.2a.orig/crypto/rsa/rsa_eay.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/rsa/rsa_eay.c 2015-05-24 12:53:19.145111355 +0200
+--- openssl-1.0.2c.orig/crypto/rsa/rsa_eay.c 2015-06-12 23:20:59.485588618 +0200
++++ openssl-1.0.2c/crypto/rsa/rsa_eay.c 2015-06-12 23:21:28.269934315 +0200
@@ -114,6 +114,10 @@
#include <openssl/bn.h>
#include <openssl/rsa.h>
@@ -13129,10 +13129,10 @@ Index: openssl-1.0.2a/crypto/rsa/rsa_eay.c
rsa->flags |= RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE;
return (1);
}
-Index: openssl-1.0.2a/crypto/rsa/rsa_err.c
+Index: openssl-1.0.2c/crypto/rsa/rsa_err.c
===================================================================
---- openssl-1.0.2a.orig/crypto/rsa/rsa_err.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/rsa/rsa_err.c 2015-05-24 12:53:19.145111355 +0200
+--- openssl-1.0.2c.orig/crypto/rsa/rsa_err.c 2015-06-12 23:20:59.485588618 +0200
++++ openssl-1.0.2c/crypto/rsa/rsa_err.c 2015-06-12 23:21:28.270934327 +0200
@@ -136,6 +136,8 @@ static ERR_STRING_DATA RSA_str_functs[]
{ERR_FUNC(RSA_F_RSA_PUBLIC_ENCRYPT), "RSA_public_encrypt"},
{ERR_FUNC(RSA_F_RSA_PUB_DECODE), "RSA_PUB_DECODE"},
@@ -13142,10 +13142,10 @@ Index: openssl-1.0.2a/crypto/rsa/rsa_err.c
{ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"},
{ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING),
"RSA_sign_ASN1_OCTET_STRING"},
-Index: openssl-1.0.2a/crypto/rsa/rsa_gen.c
+Index: openssl-1.0.2c/crypto/rsa/rsa_gen.c
===================================================================
---- openssl-1.0.2a.orig/crypto/rsa/rsa_gen.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/rsa/rsa_gen.c 2015-05-24 12:53:19.145111355 +0200
+--- openssl-1.0.2c.orig/crypto/rsa/rsa_gen.c 2015-06-12 23:20:59.485588618 +0200
++++ openssl-1.0.2c/crypto/rsa/rsa_gen.c 2015-06-12 23:21:28.270934327 +0200
@@ -69,6 +69,80 @@
#include <openssl/rsa.h>
#ifdef OPENSSL_FIPS
@@ -13285,10 +13285,10 @@ Index: openssl-1.0.2a/crypto/rsa/rsa_gen.c
ok = 1;
err:
if (ok == -1) {
-Index: openssl-1.0.2a/crypto/rsa/rsa.h
+Index: openssl-1.0.2c/crypto/rsa/rsa.h
===================================================================
---- openssl-1.0.2a.orig/crypto/rsa/rsa.h 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/rsa/rsa.h 2015-05-24 12:53:19.145111355 +0200
+--- openssl-1.0.2c.orig/crypto/rsa/rsa.h 2015-06-12 23:20:59.486588631 +0200
++++ openssl-1.0.2c/crypto/rsa/rsa.h 2015-06-12 23:21:28.270934327 +0200
@@ -168,6 +168,8 @@ struct rsa_st {
# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
# endif
@@ -13385,10 +13385,10 @@ Index: openssl-1.0.2a/crypto/rsa/rsa.h
# define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
# define RSA_R_PADDING_CHECK_FAILED 114
# define RSA_R_PKCS_DECODING_ERROR 159
-Index: openssl-1.0.2a/crypto/rsa/rsa_lib.c
+Index: openssl-1.0.2c/crypto/rsa/rsa_lib.c
===================================================================
---- openssl-1.0.2a.orig/crypto/rsa/rsa_lib.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/rsa/rsa_lib.c 2015-05-24 12:53:19.146111370 +0200
+--- openssl-1.0.2c.orig/crypto/rsa/rsa_lib.c 2015-06-12 23:20:59.486588631 +0200
++++ openssl-1.0.2c/crypto/rsa/rsa_lib.c 2015-06-12 23:21:28.270934327 +0200
@@ -84,23 +84,22 @@ RSA *RSA_new(void)
void RSA_set_default_method(const RSA_METHOD *meth)
@@ -13461,10 +13461,10 @@ Index: openssl-1.0.2a/crypto/rsa/rsa_lib.c
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
#ifndef OPENSSL_NO_ENGINE
if (ret->engine)
-Index: openssl-1.0.2a/crypto/rsa/rsa_pmeth.c
+Index: openssl-1.0.2c/crypto/rsa/rsa_pmeth.c
===================================================================
---- openssl-1.0.2a.orig/crypto/rsa/rsa_pmeth.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/rsa/rsa_pmeth.c 2015-05-24 12:53:19.146111370 +0200
+--- openssl-1.0.2c.orig/crypto/rsa/rsa_pmeth.c 2015-06-12 23:20:59.486588631 +0200
++++ openssl-1.0.2c/crypto/rsa/rsa_pmeth.c 2015-06-12 23:21:28.271934339 +0200
@@ -228,20 +228,6 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *c
RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_INVALID_DIGEST_LENGTH);
return -1;
@@ -13486,7 +13486,7 @@ Index: openssl-1.0.2a/crypto/rsa/rsa_pmeth.c
if (EVP_MD_type(rctx->md) == NID_mdc2) {
unsigned int sltmp;
-@@ -353,17 +339,6 @@ static int pkey_rsa_verify(EVP_PKEY_CTX
+@@ -359,17 +345,6 @@ static int pkey_rsa_verify(EVP_PKEY_CTX
}
#endif
if (rctx->md) {
@@ -13504,10 +13504,10 @@ Index: openssl-1.0.2a/crypto/rsa/rsa_pmeth.c
if (rctx->pad_mode == RSA_PKCS1_PADDING)
return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
sig, siglen, rsa);
-Index: openssl-1.0.2a/crypto/rsa/rsa_sign.c
+Index: openssl-1.0.2c/crypto/rsa/rsa_sign.c
===================================================================
---- openssl-1.0.2a.orig/crypto/rsa/rsa_sign.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/rsa/rsa_sign.c 2015-05-24 12:53:19.146111370 +0200
+--- openssl-1.0.2c.orig/crypto/rsa/rsa_sign.c 2015-06-12 23:20:59.486588631 +0200
++++ openssl-1.0.2c/crypto/rsa/rsa_sign.c 2015-06-12 23:21:28.271934339 +0200
@@ -132,7 +132,10 @@ int RSA_sign(int type, const unsigned ch
i2d_X509_SIG(&sig, &p);
s = tmps;
@@ -13546,10 +13546,10 @@ Index: openssl-1.0.2a/crypto/rsa/rsa_sign.c
if (i <= 0)
goto err;
-Index: openssl-1.0.2a/crypto/sha/sha.h
+Index: openssl-1.0.2c/crypto/sha/sha.h
===================================================================
---- openssl-1.0.2a.orig/crypto/sha/sha.h 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/sha/sha.h 2015-05-24 12:53:19.146111370 +0200
+--- openssl-1.0.2c.orig/crypto/sha/sha.h 2015-06-12 23:20:59.487588643 +0200
++++ openssl-1.0.2c/crypto/sha/sha.h 2015-06-12 23:21:28.271934339 +0200
@@ -105,9 +105,6 @@ typedef struct SHAstate_st {
} SHA_CTX;
@@ -13592,10 +13592,10 @@ Index: openssl-1.0.2a/crypto/sha/sha.h
int SHA384_Init(SHA512_CTX *c);
int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
int SHA384_Final(unsigned char *md, SHA512_CTX *c);
-Index: openssl-1.0.2a/crypto/sha/sha_locl.h
+Index: openssl-1.0.2c/crypto/sha/sha_locl.h
===================================================================
---- openssl-1.0.2a.orig/crypto/sha/sha_locl.h 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/sha/sha_locl.h 2015-05-24 12:53:19.146111370 +0200
+--- openssl-1.0.2c.orig/crypto/sha/sha_locl.h 2015-06-12 23:20:59.487588643 +0200
++++ openssl-1.0.2c/crypto/sha/sha_locl.h 2015-06-12 23:21:28.271934339 +0200
@@ -123,11 +123,14 @@ void sha1_block_data_order(SHA_CTX *c, c
#define INIT_DATA_h4 0xc3d2e1f0UL
@@ -13612,10 +13612,10 @@ Index: openssl-1.0.2a/crypto/sha/sha_locl.h
memset(c, 0, sizeof(*c));
c->h0 = INIT_DATA_h0;
c->h1 = INIT_DATA_h1;
-Index: openssl-1.0.2a/crypto/sha/sha256.c
+Index: openssl-1.0.2c/crypto/sha/sha256.c
===================================================================
---- openssl-1.0.2a.orig/crypto/sha/sha256.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/sha/sha256.c 2015-05-24 12:53:19.146111370 +0200
+--- openssl-1.0.2c.orig/crypto/sha/sha256.c 2015-06-12 23:20:59.487588643 +0200
++++ openssl-1.0.2c/crypto/sha/sha256.c 2015-06-12 23:21:28.272934351 +0200
@@ -12,12 +12,19 @@
# include <openssl/crypto.h>
@@ -13646,10 +13646,10 @@ Index: openssl-1.0.2a/crypto/sha/sha256.c
memset(c, 0, sizeof(*c));
c->h[0] = 0x6a09e667UL;
c->h[1] = 0xbb67ae85UL;
-Index: openssl-1.0.2a/crypto/sha/sha512.c
+Index: openssl-1.0.2c/crypto/sha/sha512.c
===================================================================
---- openssl-1.0.2a.orig/crypto/sha/sha512.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/crypto/sha/sha512.c 2015-05-24 12:53:19.146111370 +0200
+--- openssl-1.0.2c.orig/crypto/sha/sha512.c 2015-06-12 23:20:59.487588643 +0200
++++ openssl-1.0.2c/crypto/sha/sha512.c 2015-06-12 23:21:28.272934351 +0200
@@ -5,6 +5,10 @@
* ====================================================================
*/
@@ -13681,10 +13681,10 @@ Index: openssl-1.0.2a/crypto/sha/sha512.c
c->h[0] = U64(0x6a09e667f3bcc908);
c->h[1] = U64(0xbb67ae8584caa73b);
c->h[2] = U64(0x3c6ef372fe94f82b);
-Index: openssl-1.0.2a/crypto/whrlpool/wp_dgst.c
+Index: openssl-1.0.2c/crypto/whrlpool/wp_dgst.c
===================================================================
---- openssl-1.0.2a.orig/crypto/whrlpool/wp_dgst.c 2015-03-19 14:19:00.000000000 +0100
-+++ openssl-1.0.2a/crypto/whrlpool/wp_dgst.c 2015-05-24 12:53:19.146111370 +0200
+--- openssl-1.0.2c.orig/crypto/whrlpool/wp_dgst.c 2015-06-12 23:20:59.487588643 +0200
++++ openssl-1.0.2c/crypto/whrlpool/wp_dgst.c 2015-06-12 23:21:28.272934351 +0200
@@ -55,7 +55,7 @@
#include <openssl/crypto.h>
#include <string.h>
@@ -13694,10 +13694,10 @@ Index: openssl-1.0.2a/crypto/whrlpool/wp_dgst.c
{
memset(c, 0, sizeof(*c));
return (1);
-Index: openssl-1.0.2a/Makefile.org
+Index: openssl-1.0.2c/Makefile.org
===================================================================
---- openssl-1.0.2a.orig/Makefile.org 2015-05-24 12:53:19.122111022 +0200
-+++ openssl-1.0.2a/Makefile.org 2015-05-24 12:53:19.147111384 +0200
+--- openssl-1.0.2c.orig/Makefile.org 2015-06-12 23:20:59.488588654 +0200
++++ openssl-1.0.2c/Makefile.org 2015-06-12 23:21:28.272934351 +0200
@@ -136,6 +136,9 @@ FIPSCANLIB=
BASEADDR=
@@ -13725,10 +13725,10 @@ Index: openssl-1.0.2a/Makefile.org
THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
# which in turn eliminates ambiguities in variable treatment with -e.
-Index: openssl-1.0.2a/ssl/ssl_algs.c
+Index: openssl-1.0.2c/ssl/ssl_algs.c
===================================================================
---- openssl-1.0.2a.orig/ssl/ssl_algs.c 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/ssl/ssl_algs.c 2015-05-24 12:53:19.147111384 +0200
+--- openssl-1.0.2c.orig/ssl/ssl_algs.c 2015-06-12 23:20:59.488588654 +0200
++++ openssl-1.0.2c/ssl/ssl_algs.c 2015-06-12 23:21:28.273934363 +0200
@@ -64,6 +64,11 @@
int SSL_library_init(void)
{
diff --git a/openssl-1.0.2a.tar.gz b/openssl-1.0.2a.tar.gz
deleted file mode 100644
index 4d3b4e0..0000000
--- a/openssl-1.0.2a.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:15b6393c20030aab02c8e2fe0243cb1d1d18062f6c095d67bca91871dc7f324a
-size 5262089
diff --git a/openssl-1.0.2a.tar.gz.asc b/openssl-1.0.2a.tar.gz.asc
deleted file mode 100644
index 21bf08e..0000000
--- a/openssl-1.0.2a.tar.gz.asc
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iQEcBAABAgAGBQJVCs+pAAoJENnE0m0OYESRFCAH+gLn6G4l1HY1R6agC3WYf8Xj
-iTUFCJnwHN1jSgF9edLxASDS5DJ9kstEu1xyswdJT4jumFusxgnrDkqorN0K50Xe
-PlflZyRdr8Fkg9M3pYkRZ7hxvZszmdx53hnuYTZ5m4C/8EUd12icAHhho8M0ks+E
-rT1VfVKfX7iD9MIgLJ+9ZVGWUdUH/1RsQPPEWPWed5TCQUmilvm6Ygz2LsTKYQSQ
-TOvhCMCnWl6gVrc3o0AlrgHRL01dq6kMwNSnvC09Iby/C3N+b7VbOG3sZU/xTO/M
-YhqFJOjGYk5W1SFJ4PNpM504sPo2N6uJ8pCgSa3chcqfvzSjFgKzAqI9CHv8BD4=
-=mSK1
------END PGP SIGNATURE-----
diff --git a/openssl-1.0.2d.tar.gz b/openssl-1.0.2d.tar.gz
new file mode 100644
index 0000000..c3859a1
--- /dev/null
+++ b/openssl-1.0.2d.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:671c36487785628a703374c652ad2cebea45fa920ae5681515df25d9f2c9a8c8
+size 5295447
diff --git a/openssl-1.0.2d.tar.gz.asc b/openssl-1.0.2d.tar.gz.asc
new file mode 100644
index 0000000..72fe5b8
--- /dev/null
+++ b/openssl-1.0.2d.tar.gz.asc
@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iQEcBAABAgAGBQJVnmMAAAoJENnE0m0OYESRFMAIALdJSJRX5Na77O4wTzrhE/O+
+0QU0MhqZikfEsngd5F47f5fwTGmXM3+oLJ3J94okqxuBeicAMq90MRxUe9cczUqr
+qZ3MH5dMJ12rwaKnnyUH2Xl5Zg41px4tL7oD9piGJc52dKmEbX+t7dUKj/N3WglZ
+uKYp7jxV0tdzZeQcuPIOxq74yGQuYTell+hHXKdlmYPrH8LL27ZUpVmGuCUrHBku
+6+VDZVvRZFvTPy2IrIoI5e0lN9qUobyhoGUUICXYEaKMt1xenTWCi9CFzTEmrhjq
+54Zp4CgVXj24PwNKJ42v3jgN4nVEsMSreD0SDyOh2d2kV0/51avX7KmHAjPYD6Y=
+=U3sw
+-----END PGP SIGNATURE-----
diff --git a/openssl-fix_invalid_manpage_name.patch b/openssl-fix_invalid_manpage_name.patch
deleted file mode 100644
index 9841c79..0000000
--- a/openssl-fix_invalid_manpage_name.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-Index: openssl-1.0.2a/doc/ssl/SSL_CTX_use_serverinfo.pod
-===================================================================
---- openssl-1.0.2a.orig/doc/ssl/SSL_CTX_use_serverinfo.pod 2015-03-19 14:30:36.000000000 +0100
-+++ openssl-1.0.2a/doc/ssl/SSL_CTX_use_serverinfo.pod 2015-05-29 11:33:45.390463069 +0200
-@@ -2,7 +2,7 @@
-
- =head1 NAME
-
--SSL_CTX_use_serverinfo, SSL_CTX_use_serverinfo_file
-+SSL_CTX_use_serverinfo, SSL_CTX_use_serverinfo_file - load serverinfo
-
- =head1 SYNOPSIS
-
diff --git a/openssl.changes b/openssl.changes
index 6fb4bdf..9e58e34 100644
--- a/openssl.changes
+++ b/openssl.changes
@@ -1,3 +1,66 @@
+-------------------------------------------------------------------
+Thu Jul 9 13:32:34 UTC 2015 - vcizek@suse.com
+
+- update to 1.0.2d
+ * fixes CVE-2015-1793 (bsc#936746)
+
+ Alternate chains certificate forgery
+
+ During certificate verfification, OpenSSL will attempt to find an
+ alternative certificate chain if the first attempt to build such a chain
+ fails. An error in the implementation of this logic can mean that an
+ attacker could cause certain checks on untrusted certificates to be
+ bypassed, such as the CA flag, enabling them to use a valid leaf
+ certificate to act as a CA and "issue" an invalid certificate.
+- drop openssl-fix_invalid_manpage_name.patch (upstream)
+
+-------------------------------------------------------------------
+Thu Jul 2 14:46:36 UTC 2015 - dvaleev@suse.com
+
+- Workaround debugit crash on ppc64le with gcc5
+ bsc936563_hack.patch (bsc#936563)
+
+-------------------------------------------------------------------
+Wed Jul 1 09:26:26 UTC 2015 - normand@linux.vnet.ibm.com
+
+- update merge_from_0.9.8k.patch replacing __LP64__ by __LP64
+ this is a change versus previous request 309611
+ required to avoid build error for ppc64
+
+-------------------------------------------------------------------
+Fri Jun 26 00:11:20 UTC 2015 - crrodriguez@opensuse.org
+
+- Build with no-ssl3, for details on why this is needed read
+ rfc7568. Contrary to the "no-ssl2" option, this does not
+ require us to patch dependant packages as the relevant
+ functions are still available (SSLv3_(client|server)_method)
+ but will fail to negotiate. if removing SSL3 methods is desired
+ at a later time, option "no-ssl3-method" needs to be used.
+
+-------------------------------------------------------------------
+Fri Jun 12 21:22:45 UTC 2015 - vcizek@suse.com
+
+- update to 1.0.2c
+ * Fix HMAC ABI incompatibility
+- refreshed openssl-1.0.2a-fips.patch
+
+-------------------------------------------------------------------
+Thu Jun 11 15:50:44 UTC 2015 - vcizek@suse.com
+
+- update to 1.0.2b
+ * Malformed ECParameters causes infinite loop (CVE-2015-1788)
+ * Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
+ * PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
+ * CMS verify infinite loop with unknown hash function (CVE-2015-1792)
+ * Race condition handling NewSessionTicket (CVE-2015-1791)
+- refreshed patches:
+ * 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
+ * 0001-libcrypto-Hide-library-private-symbols.patch
+ * openssl-1.0.2a-default-paths.patch
+ * openssl-1.0.2a-fips.patch
+ * compression_methods_switch.patch
+ * openssl-1.0.1e-add-test-suse-default-cipher-suite.patch
+
-------------------------------------------------------------------
Sun May 24 12:13:14 UTC 2015 - vcizek@suse.com
diff --git a/openssl.spec b/openssl.spec
index 9e7f638..91270a0 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -29,7 +29,7 @@ Provides: ssl
%ifarch ppc64
Obsoletes: openssl-64bit
%endif
-Version: 1.0.2a
+Version: 1.0.2d
Release: 0
Summary: Secure Sockets and Transport Layer Security
License: OpenSSL
@@ -73,7 +73,7 @@ Patch34: openssl-fips-hidden.patch
Patch35: openssl-1.0.1e-add-suse-default-cipher.patch
Patch37: openssl-1.0.1e-add-test-suse-default-cipher-suite.patch
Patch38: openssl-missing_FIPS_ec_group_new_by_curve_name.patch
-Patch39: openssl-fix_invalid_manpage_name.patch
+Patch40: bsc936563_hack.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -184,12 +184,15 @@ this package's base documentation.
%patch35 -p1
%patch37 -p1
%patch38 -p1
-%patch39 -p1
%if 0%{?suse_version} >= 1120
%patch3
%endif
%patch8 -p1
%patch14 -p1
+#workaround https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66728
+%ifarch ppc64le
+%patch40 -p1
+%endif
cp -p %{S:10} .
cp -p %{S:11} .
echo "adding/overwriting some entries in the 'table' hash in Configure"
@@ -241,6 +244,7 @@ config_flags="threads shared no-rc5 no-idea \
fips \
%if 0%{suse_version} > 1310
no-ssl2 \
+no-ssl3 \
enable-rfc3779 \
%endif
%ifarch x86_64 aarch64 ppc64le