update for 2.1.8

The API/ABI for the LibreSSL 2.1.x series is now fixed, so we can safely
enable libtls it by default. This is useful for new OpenNTPD and
OpenSMTPD releases as well.

ok deraadt@ beck@ sthen@

.gitignore

@@ -38,6 +38,7 @@ Makefile.in
 *.lo
 *.la
 
+*.def
 *.pc
 
 # tests
@@ -53,6 +54,7 @@ tests/timingsafe*
 tests/*test
 tests/*test.c
 tests/memmem.c
+tests/pbkdf2*
 tests/*.pem
 tests/testssl
 tests/*.txt
@@ -110,6 +112,7 @@ apps/openssl
 apps/openssl.cnf
 !apps/apps_win.c
 !apps/poll_win.c
+!apps/certhash_disabled.c
 
 crypto/compat/arc4random.c
 crypto/compat/chacha_private.h

.travis.yml

@@ -0,0 +1,24 @@
+language: c
+matrix:
+        include:
+                - compiler: clang
+                  os: osx
+                  env: ARCH=native
+                - compiler: gcc
+                  os: osx
+                  env: ARCH=native
+                - compiler: clang
+                  os: linux
+                  env: ARCH=native
+                - compiler: gcc
+                  os: linux
+                  env: ARCH=native
+                - compiler: gcc
+                  os: linux
+                  env: ARCH=mingw32
+                - compiler: gcc
+                  os: linux
+                  env: ARCH=mingw64
+
+script:
+        "./scripts/travis"

ChangeLog

@@ -10,7 +10,7 @@ generation are here:
 
 	http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libcrypto/
 
-A new simplified SSL wrapper library is here:
+A simplified TLS wrapper library is here:
 
 	http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libtls/
 
@@ -19,15 +19,174 @@ with relevant portions of the C library, to a Git repository. This makes it
 easier to follow all of the relevant changes to the upstream project in a
 single place:
 
-	https://github.com/libressl-portable/openbsd/commits/master
+	https://github.com/libressl-portable/openbsd
 
 The portable bits of the project are largely maintained out-of-tree, and their
 history is also available from Git.
 
-	https://github.com/libressl-portable/portable/commits/master
+	https://github.com/libressl-portable/portable
 
 LibreSSL Portable Release Notes:
 
+This release primarily addresses a number of security issues in coordination
+with the OpenSSL project.
+
+2.1.8 - Security Update
+
+	* Fixes for a memory leak and out-of-bounds access in OBJ_obj2txt
+	  reported by Qualys Security.
+
+2.1.7 - Security Update
+
+	* Fixes for the following issues are integrated into LibreSSL 2.1.7:
+	 - CVE-2015-1788 - Malformed ECParameters causes infinite loop
+	 - CVE-2015-1789 - Exploitable out-of-bounds read in X509_cmp_time
+	 - CVE-2015-1792 - CMS verify infinite loop with unknown hash function
+
+	* The following CVEs did not apply to LibreSSL or were fixed in
+	  earlier releases:
+	 - CVE-2015-4000 - DHE man-in-the-middle protection (Logjam)
+	 - CVE-2015-1790 - PKCS7 crash with missing EnvelopedContent
+	 - CVE-2014-8176 - Invalid free in DTLS
+
+	* Fixes for the following CVEs are still in review for LibreSSL
+	 - CVE-2015-1791 - Race condition handling NewSessionTicket
+
+2.1.6 - Security update
+
+	* Fixes for the following issues are integrated into LibreSSL 2.1.6:
+	  - CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
+	  - CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
+	  - CVE-2015-0287 - ASN.1 structure reuse memory corruption
+	  - CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref
+	  - CVE-2015-0289 - PKCS7 NULL pointer dereferences
+
+	* The fix for CVE-2015-0207 - Segmentation fault in DTLSv1_listen
+	  is integrated for safety, but LibreSSL is not vulnerable.
+
+	* Libtls is now built by default. The --enable-libtls
+	  configuration option is no longer required.
+	  The libtls API is now stable for the 2.1.x series.
+
+2.1.5 - Bug fixes and a security update
+	* Fix incorrect comparison function in openssl(1) certhash command.
+	  Thanks to Christian Neukirchen / Void Linux.
+
+	* Windows port improvements and bug fixes.
+	  - Removed a dependency on libgcc in 32-bit dynamic libraries.
+	  - Correct a hang in openssl(1) reading from stdin on an connection.
+	  - Initialize winsock in openssl(1) earlier, allow 'openssl ocsp' and
+	    any other network-related commands to function properly.
+
+	* Reject all server DH keys smaller than 1024 bits.
+
+2.1.4 - Security and feature updates
+	* Improvements to libtls:
+	  - a new API for loading CA chains directly from memory instead of a
+	    file, allowing verification with privilege separation in a chroot
+	    without direct access to CA certificate files.
+
+	  - Ciphers default to TLSv1.2 with AEAD and PFS.
+
+	  - Improved error handling and message generation
+
+	  - New APIs and improved documentation
+
+	* Added X509_STORE_load_mem API for loading certificates from memory.
+	  This facilitates accessing certificates from a chrooted environment.
+
+	* New AEAD "MAC alias" allows configuring TLSv1.2 AEAD ciphers by
+	  using 'TLSv1.2+AEAD' as the cipher selection string.
+
+	* Dead and disabled code removal including MD5, Netscape workarounds,
+	  non-POSIX IO, SCTP, RFC 3779 support, many #if 0 sections, and more.
+
+	* ASN1 macro maze expanded to aid reading and searching the code.
+
+	* NULL pointer asserts removed in favor of letting the OS/signal
+	  handler catch them.
+
+	* Refactored argument handling in openssl(1) for consistency and
+	  maintainability.
+
+	* New openssl(1) command 'certhash' replaces the c_rehash script.
+
+	* Support for building with OPENSSL_NO_DEPRECATED
+
+	* Server-side support for TLS_FALLBACK_SCSV for compatibility with
+	  various auditor and vulnerability scanners.
+
+	* Dozens of issues found with the Coverity scanner fixed.
+
+	* Security Updates:
+
+	  - Fix a minor information leak that was introduced in t1_lib.c
+	    r1.71, whereby an additional 28 bytes of .rodata (or .data) is
+	    provided to the network. In most cases this is a non-issue since
+	    the memory content is already public. Issue found and reported by
+	    Felix Groebert of the Google Security Team.
+
+	  - Fixes for the following low-severity issues were integrated into
+	    LibreSSL from OpenSSL 1.0.1k:
+
+	     CVE-2015-0205 - DH client certificates accepted without
+	                     verification
+	     CVE-2014-3570 - Bignum squaring may produce incorrect results
+	     CVE-2014-8275 - Certificate fingerprints can be modified
+	     CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]
+	     Reported by Karthikeyan Bhargavan of the PROSECCO team at INRIA.
+
+	    The following CVEs were fixed in earlier LibreSSL releases:
+	     CVE-2015-0206 - Memory leak handling repeated DLTS records
+	     CVE-2014-3510 - Flaw handling DTLS anonymous EC(DH) ciphersuites.
+
+	    The following CVEs did not apply to LibreSSL:
+	     CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record
+	     CVE-2014-3569 - no-ssl3 configuration sets method to NULL
+	     CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA
+
+2.1.3 - Security update and OS support improvements
+	* Fixed various memory leaks in DTLS, including fixes for
+	  CVE-2015-0206.
+
+	* Added Application-Layer Protocol Negotiation (ALPN) support.
+
+	* Removed GOST R 34.10-94 signature authentication.
+
+	* Removed nonfunctional Netscape browser-hang workaround code.
+
+	* Simplfied and refactored SSL/DTLS handshake code.
+
+	* Added SHA256 Camellia cipher suites for TLS 1.2 from RFC 5932.
+
+	* Hide timing info about padding errors during handshakes.
+
+	* Improved libtls support for non-blocking sockets, added randomized
+	  session ID contexts. Work is ongoing with this library - feedback
+	  and potential use-cases are welcome.
+
+	* Support building Windows DLLs.
+	  Thanks to Jan Engelhard.
+
+	* Packaged config wrapper for better compatibility with OpenSSL-based
+	  build systems.
+	  Thanks to @technion from github
+
+	* Ensure the stack is marked non-executable for assembly sections.
+	  Thanks to Anthony G. Bastile.
+
+	* Enable extra compiler hardening flags by default, where applicable.
+	  The default set of hardening features can vary by OS to OS, so
+	  feedback is welcome on this. To disable the default hardening flags,
+	  specify '--disable-hardening' during configure.
+	  Thanks to Jim Barlow
+
+	* Initial HP-UX support, tested with HP-UX 11.31 ia64
+	  Thanks to Kinichiro Inoguchi
+
+	* Initial NetBSD support, tested with NetBSD 6.1.5 x86_64
+	  Imported from OpenNTPD, thanks to @gitisihara from github
+
 2.1.2 - Many new features and improvements
 	* Added reworked GOST cipher suite support
 	   thanks to Dmitry Eremin-Solenikov

Makefile.am

@@ -2,10 +2,6 @@ SUBDIRS = crypto ssl tls include apps tests man
 ACLOCAL_AMFLAGS = -I m4
 
 pkgconfigdir = $(libdir)/pkgconfig
-pkgconfig_DATA = libcrypto.pc libssl.pc openssl.pc
+pkgconfig_DATA = libcrypto.pc libssl.pc libtls.pc openssl.pc
 
-if ENABLE_LIBTLS
-pkgconfig_DATA += libtls.pc
-endif
-
-EXTRA_DIST = VERSION
+EXTRA_DIST = README README.windows VERSION config scripts

OPENBSD_BRANCH

@@ -1 +1 @@
-master
+OPENBSD_5_7

README

@@ -18,6 +18,10 @@ The LibreSSL portable build framework is also mirrored in Github:
 
 	https://github.com/libressl-portable/portable
 
+Please report bugs either to tech@openbsd.org, or to the github issue tracker:
+
+	https://github.com/libressl-portable/portable/issues
+
 If you have checked this source using Git, follow these initial steps to
 prepare the source tree for building:
 

README.windows

@@ -0,0 +1,40 @@
+# Building
+
+For Windows systems, LibreSSL supports the mingw-w64 toolchain, which can use
+GCC or Clang as the compiler. Contrary to its name, mingw-w64 supports both
+32-bit and 64-bit build environments. If your project already uses mingw-w64,
+then LibreSSL should integrate very nicely. Old versions of the mingw-w64
+toolchain, such as the one packaged with Ubuntu 12.04, may have trouble
+building LibreSSL. Please try it with a recent toolchain if you encounter
+troubles. If you are building under Cygwin, only builds with the mingw-w64
+compiler are supported, though you can easily use Cygwin to drive the build
+process.
+
+To configure and build LibreSSL for a 32-bit system, use the following
+build steps:
+
+ CC=i686-w64-mingw32-gcc ./configure --host=i686-w64-mingw32
+ make
+ make check
+
+For 64-bit builds, use these instead:
+
+ CC=x86_64-w64-mingw32-gcc ./configure --host=x86_64-w64-mingw32
+ make
+ make check
+
+# Using Libressl with Visual Studio
+
+A script for generating ready-to-use .DLL and static .LIB files is included in
+the source repository at
+https://github.com/libressl-portable/portable/blob/master/dist-win.sh
+
+This script uses mingw-w64 to build LibreSSL and then uses Visual Studio tools
+to generate compatible library import files ready-to-use with Visual
+Studio projects. Static and dynamic libraries are included. The script uses
+cv2pdb to generate Visual Studio and windbg compatible debug files. cv2pdb is a
+tool developed for the D language and can be found here:
+https://github.com/rainers/cv2pdb
+
+Pre-build Windows binaries are available with the LibreSSL release for your
+convenience.

VERSION

@@ -1 +1 @@
-2.1.2
+2.1.8

apps/Makefile.am

@@ -57,6 +57,12 @@ openssl_SOURCES += verify.c
 openssl_SOURCES += version.c
 openssl_SOURCES += x509.c
 
+if BUILD_CERTHASH
+openssl_SOURCES += certhash.c
+else
+openssl_SOURCES += certhash_disabled.c
+endif
+
 if HOST_WIN
 openssl_SOURCES += apps_win.c
 else

apps/certhash_disabled.c

@@ -0,0 +1,13 @@
+/*
+ * Public domain
+ * certhash dummy implementation for platforms without symlinks
+ */
+
+#include "apps.h"
+
+int
+certhash_main(int argc, char **argv)
+{
+	fprintf(stderr, "certhash is not enabled on this platform\n");
+	return (1);
+}

apps/poll_win.c

@@ -44,6 +44,8 @@ conn_has_oob_data(int fd)
 static int
 is_socket(int fd)
 {
+	if (fd < 3)
+		return 0;
 	WSANETWORKEVENTS events;
 	return (WSAEnumNetworkEvents((SOCKET)fd, NULL, &events) == 0);
 }
@@ -160,10 +162,6 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 	nfds_t i;
 	int timespent_ms, looptime_ms;
 
-#define FD_IS_SOCKET (1 << 0)
-	int fd_state[FD_SETSIZE];
-	int num_fds;
-
 	/*
 	 * select machinery
 	 */
@@ -190,14 +188,12 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 	FD_ZERO(&rfds);
 	FD_ZERO(&wfds);
 	FD_ZERO(&efds);
-	num_fds = 0;
 	num_sockets = 0;
 	num_handles = 0;
 
 	for (i = 0; i < nfds; i++) {
-		if ((int)pfds[i].fd < 0) {
+		if ((int)pfds[i].fd < 0)
 			continue;
-		}
 
 		if (is_socket(pfds[i].fd)) {
 			if (num_sockets >= FD_SETSIZE) {
@@ -205,8 +201,6 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 				return -1;
 			}
 
-			fd_state[num_fds] = FD_IS_SOCKET;
-
 			FD_SET(pfds[i].fd, &efds);
 
 			if (pfds[i].events &
@@ -229,8 +223,6 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 			handles[num_handles++] =
 			    (HANDLE)_get_osfhandle(pfds[i].fd);
 		}
-
-		num_fds++;
 	}
 
 	/*
@@ -254,21 +246,22 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 	 * than simply triggering if there is space available.
 	 */
 	timespent_ms = 0;
-	wait_rc = 0;
+	wait_rc = WAIT_FAILED;
 
-	if (timeout_ms < 0) {
+	if (timeout_ms < 0)
 		timeout_ms = INFINITE;
-	}
 	looptime_ms = timeout_ms > 100 ? 100 : timeout_ms;
 
 	do {
 		struct timeval tv = {0, looptime_ms * 1000};
+		int handle_signaled = 0;
 
 		/*
 		 * Check if any file handles have signaled
 		 */
 		if (num_handles) {
-			wait_rc = WaitForMultipleObjects(num_handles, handles, FALSE, 0);
+			wait_rc = WaitForMultipleObjects(num_handles, handles,
+					FALSE, 0);
 			if (wait_rc == WAIT_FAILED) {
 				/*
 				 * The documentation for WaitForMultipleObjects
@@ -285,18 +278,20 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 		/*
 		 * If we signaled on a file handle, don't wait on the sockets.
 		 */
-		if (wait_rc >= WAIT_OBJECT_0)
+		if (wait_rc >= WAIT_OBJECT_0 &&
+		    (wait_rc <= WAIT_OBJECT_0 + num_handles - 1)) {
 			tv.tv_usec = 0;
+			handle_signaled = 1;
+		}
 
 		/*
 		 * Check if any sockets have signaled
 		 */
 		rc = select(0, &rfds, &wfds, &efds, &tv);
-		if (rc == SOCKET_ERROR) {
+		if (!handle_signaled && rc == SOCKET_ERROR)
 			return wsa_select_errno(WSAGetLastError());
-		}
 
-		if (wait_rc >= WAIT_OBJECT_0 || (num_sockets && rc > 0))
+		if (handle_signaled || (num_sockets && rc > 0))
 			break;
 
 		timespent_ms += looptime_ms;
@@ -305,14 +300,14 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 
 	rc = 0;
 	num_handles = 0;
-	num_fds = 0;
 	for (i = 0; i < nfds; i++) {
 		pfds[i].revents = 0;
 
 		if ((int)pfds[i].fd < 0)
 			continue;
 
-		if (fd_state[num_fds] & FD_IS_SOCKET) {
+		if (is_socket(pfds[i].fd)) {
+
 			pfds[i].revents = compute_select_revents(pfds[i].fd,
 			    pfds[i].events, &rfds, &wfds, &efds);
 
@@ -323,8 +318,6 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 			num_handles++;
 		}
 
-		num_fds++;
-
 		if (pfds[i].revents)
 			rc++;
 	}

configure.ac

@@ -9,8 +9,8 @@ AC_CONFIG_MACRO_DIR([m4])
 
 m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
 
-AC_SUBST([USER_CFLAGS], "-O2 $CFLAGS")
-CFLAGS="$CFLAGS -Wall -std=gnu99 -g"
+AC_SUBST([USER_CFLAGS], "$CFLAGS")
+CFLAGS="-Wall -std=gnu99 -g -O2"
 
 case $host_os in
 	*darwin*)
@@ -22,18 +22,27 @@ case $host_os in
 		HOST_ABI=elf
 		AC_SUBST([PROG_LDADD], ['-lthr'])
 		;;
+	*hpux*)
+		HOST_OS=hpux;
+		CFLAGS="$CFLAGS -mlp64 -D_XOPEN_SOURCE=600 -D__STRICT_ALIGNMENT"
+		AC_SUBST([PLATFORM_LDADD], ['-lpthread'])
+		;;
 	*linux*)
 		HOST_OS=linux
 		HOST_ABI=elf
 		CFLAGS="$CFLAGS -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE"
 		;;
+	*netbsd*)
+		HOST_OS=netbsd
+		;;
 	*openbsd*)
 		HOST_ABI=elf
 		AC_DEFINE([HAVE_ATTRIBUTE__BOUNDED__], [1], [OpenBSD gcc has bounded])
 		;;
 	*mingw*)
 		HOST_OS=win
-		CFLAGS="$CFLAGS -D_GNU_SOURCE -D_POSIX -D_POSIX_SOURCE -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600 -DOPENSSL_NO_SPEED -D__USE_MINGW_ANSI_STDIO"
+		CFLAGS="$CFLAGS -D_GNU_SOURCE -D_POSIX -D_POSIX_SOURCE -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600 -DOPENSSL_NO_SPEED -DNO_SYSLOG -D__USE_MINGW_ANSI_STDIO -static-libgcc"
+		LDFLAGS="$LDFLAGS -static-libgcc"
 		AC_SUBST([PLATFORM_LDADD], ['-lws2_32'])
 		;;
 	*solaris*)
@@ -47,7 +56,9 @@ esac
 
 AM_CONDITIONAL([HOST_DARWIN],  [test x$HOST_OS = xdarwin])
 AM_CONDITIONAL([HOST_FREEBSD], [test x$HOST_OS = xfreebsd])
+AM_CONDITIONAL([HOST_HPUX],    [test x$HOST_OS = xhpux])
 AM_CONDITIONAL([HOST_LINUX],   [test x$HOST_OS = xlinux])
+AM_CONDITIONAL([HOST_NETBSD],  [test x$HOST_OS = xnetbsd])
 AM_CONDITIONAL([HOST_SOLARIS], [test x$HOST_OS = xsolaris])
 AM_CONDITIONAL([HOST_WIN],     [test x$HOST_OS = xwin])
 
@@ -57,12 +68,117 @@ AC_CHECK_FUNC([clock_gettime],,
 AC_CHECK_FUNC([dl_iterate_phdr],,
 	[AC_SEARCH_LIBS([dl_iterate_phdr],[dl])])
 
-AM_PROG_AS
 AC_PROG_CC
 AC_PROG_LIBTOOL
 AC_PROG_CC_STDC
 AM_PROG_CC_C_O
 
+AC_MSG_CHECKING([if compiling with clang])
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [[
+#ifndef __clang__
+	not clang
+#endif
+	]])],
+	[CLANG=yes],
+	[CLANG=no]
+)
+AC_MSG_RESULT([$CLANG])
+AS_IF([test "x$CLANG" = "xyes"], [CLANG_FLAGS=-Qunused-arguments])
+
+# We want to check for compiler flag support. Prior to clang v5.1, there was no
+# way to make clang's "argument unused" warning fatal.  So we invoke the
+# compiler through a wrapper script that greps for this message.
+saved_CC="$CC"
+saved_LD="$LD"
+flag_wrap="$srcdir/scripts/wrap-compiler-for-flag-check"
+CC="$flag_wrap $CC"
+LD="$flag_wrap $LD"
+
+AC_ARG_ENABLE([hardening],
+	[AS_HELP_STRING([--disable-hardening],
+			[Disable options to frustrate memory corruption exploits])],
+	[], [enable_hardening=yes])
+
+AC_ARG_ENABLE([windows-ssp],
+	[AS_HELP_STRING([--enable-windows-ssp],
+			[Enable building the stack smashing protection on
+			 Windows. This currently distributing libssp-0.dll.])])
+
+AC_DEFUN([CHECK_CFLAG], [
+	 AC_LANG_ASSERT(C)
+	 AC_MSG_CHECKING([if $saved_CC supports "$1"])
+	 old_cflags="$CFLAGS"
+	 CFLAGS="$1 -Wall -Werror"
+	 AC_TRY_LINK([
+		      #include <stdio.h>
+		      ],
+		     [printf("Hello")],
+		     AC_MSG_RESULT([yes])
+		     CFLAGS=$old_cflags
+		     HARDEN_CFLAGS="$HARDEN_CFLAGS $1",
+		     AC_MSG_RESULT([no])
+		     CFLAGS=$old_cflags
+		     [$2])
+])
+
+AC_DEFUN([CHECK_LDFLAG], [
+	 AC_LANG_ASSERT(C)
+	 AC_MSG_CHECKING([if $saved_LD supports "$1"])
+	 old_ldflags="$LDFLAGS"
+	 LDFLAGS="$1 -Wall -Werror"
+	 AC_TRY_LINK([
+		      #include <stdio.h>
+		      ],
+		     [printf("Hello")],
+		     AC_MSG_RESULT([yes])
+		     LDFLAGS=$old_ldflags
+		     HARDEN_LDFLAGS="$HARDEN_LDFLAGS $1",
+		     AC_MSG_RESULT([no])
+		     LDFLAGS=$old_ldflags
+		     [$2])
+])
+
+AS_IF([test "x$enable_hardening" = "xyes"], [
+	# Tell GCC to NOT optimize based on signed arithmetic overflow
+	CHECK_CFLAG([[-fno-strict-overflow]])
+
+	# _FORTIFY_SOURCE replaces builtin functions with safer versions.
+	CHECK_CFLAG([[-D_FORTIFY_SOURCE=2]])
+
+	# Enable read only relocations
+	CHECK_LDFLAG([[-Wl,-z,relro]])
+	CHECK_LDFLAG([[-Wl,-z,now]])
+
+	# Windows security flags
+	AS_IF([test "x$HOST_OS" = "xwin"], [
+		CHECK_LDFLAG([[-Wl,--nxcompat]])
+		CHECK_LDFLAG([[-Wl,--dynamicbase]])
+		CHECK_LDFLAG([[-Wl,--high-entropy-va]])
+	])
+
+	# Use stack-protector-strong if available; if not, fallback to
+	# stack-protector-all which is considered to be overkill
+	AS_IF([test "x$enable_windows_ssp" = "xyes" -o "x$HOST_OS" != "xwin"], [
+		CHECK_CFLAG([[-fstack-protector-strong]],
+			CHECK_CFLAG([[-fstack-protector-all]],
+				AC_MSG_WARN([compiler does not appear to support stack protection])
+			)
+		)
+		AS_IF([test "x$HOST_OS" = "xwin"], [
+			AC_SEARCH_LIBS([__stack_chk_guard],[ssp])
+		])
+	])
+])
+
+
+# Restore CC, LD
+CC="$saved_CC"
+LD="$saved_LD"
+
+CFLAGS="$CFLAGS $HARDEN_CFLAGS"
+LDFLAGS="$LDFLAGS $HARDEN_LDFLAGS"
+
+# Removing the dependency on -Wno-pointer-sign should be a goal
 save_cflags="$CFLAGS"
 CFLAGS=-Wno-pointer-sign
 AC_MSG_CHECKING([whether CC supports -Wno-pointer-sign])
@@ -73,22 +189,25 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])],
 )
 CFLAGS="$save_cflags $AM_CFLAGS"
 
-AC_MSG_CHECKING([if compiling with clang])
-AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [[
-#ifndef __clang__
-	not clang
-#endif
-	]])],
+save_cflags="$CFLAGS"
+CFLAGS=
+AC_MSG_CHECKING([whether AS supports .note.GNU-stack])
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
+__asm__(".section .note.GNU-stack,\"\",@progbits");]])],
 	[AC_MSG_RESULT([yes])]
-	[CLANG_FLAGS=-Qunused-arguments],
+	[AM_CFLAGS=-DHAVE_GNU_STACK],
 	[AC_MSG_RESULT([no])]
 )
+CFLAGS="$save_cflags $AM_CFLAGS"
+AM_PROG_AS
+
 CFLAGS="$CFLAGS $CLANG_CFLAGS"
 LDFLAGS="$LDFLAGS $CLANG_FLAGS"
 
 AC_CHECK_FUNCS([arc4random_buf asprintf explicit_bzero funopen getauxval])
 AC_CHECK_FUNCS([getentropy issetugid memmem poll reallocarray])
-AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strtonum])
+AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strsep strtonum])
+AC_CHECK_FUNCS([symlink])
 AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp])
 
 # Share test results with automake
@@ -104,13 +223,23 @@ AM_CONDITIONAL([HAVE_STRLCAT], [test "x$ac_cv_func_strlcat" = xyes])
 AM_CONDITIONAL([HAVE_STRLCPY], [test "x$ac_cv_func_strlcpy" = xyes])
 AM_CONDITIONAL([HAVE_STRNDUP], [test "x$ac_cv_func_strndup" = xyes])
 AM_CONDITIONAL([HAVE_STRNLEN], [test "x$ac_cv_func_strnlen" = xyes])
+AM_CONDITIONAL([HAVE_STRSEP], [test "x$ac_cv_func_strsep" = xyes])
 AM_CONDITIONAL([HAVE_STRTONUM], [test "x$ac_cv_func_strtonum" = xyes])
 AM_CONDITIONAL([HAVE_TIMINGSAFE_BCMP], [test "x$ac_cv_func_timingsafe_bcmp" = xyes])
 AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp" = xyes])
+AM_CONDITIONAL([BUILD_CERTHASH], [test "x$ac_cv_func_symlink" = xyes])
 
 # overrides for arc4random_buf implementations with known issues
 AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF],
-	[test "x$HOST_OS" != xdarwin -a "x$HOST_OS" != xfreebsd -a "x$ac_cv_func_arc4random_buf" = xyes])
+	[test "x$HOST_OS" != xdarwin \
+	   -a "x$HOST_OS" != xfreebsd \
+	   -a "x$HOST_OS" != xnetbsd \
+	   -a "x$ac_cv_func_arc4random_buf" = xyes])
+
+# overrides for issetugid implementations with known issues
+AM_CONDITIONAL([HAVE_ISSETUGID],
+       [test "x$HOST_OS" != xdarwin \
+	  -a "x$ac_cv_func_issetugid" = xyes])
 
 AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
 	AC_LINK_IFELSE([AC_LANG_PROGRAM([[
@@ -155,16 +284,32 @@ AC_ARG_ENABLE([asm],
 	AS_HELP_STRING([--disable-asm], [Disable assembly]))
 AM_CONDITIONAL([OPENSSL_NO_ASM], [test "x$enable_asm" = "xno"])
 
+old_cflags=$CFLAGS
+CFLAGS="$USER_CFLAGS -I$srcdir/include"
+AC_MSG_CHECKING([if BSWAP4 builds without __STRICT_ALIGNMENT])
+AC_TRY_COMPILE([#include "$srcdir/crypto/modes/modes_lcl.h"],
+	       [int a = 0; BSWAP4(a);],
+	       AC_MSG_RESULT([yes])
+	       BSWAP4=yes,
+	       AC_MSG_RESULT([no])
+	       BSWAP4=no)
+CFLAGS="$old_cflags"
+
+case $host_cpu in
+	*sparc*)
+		CFLAGS="$CFLAGS -D__STRICT_ALIGNMENT"
+		;;
+	*arm*)
+		AS_IF([test "x$BSWAP4" = "xyes"],,
+		    CFLAGS="$CFLAGS -D__STRICT_ALIGNMENT")
+		;;
+esac
+
 AM_CONDITIONAL([HOST_ASM_ELF_X86_64],
     [test "x$HOST_ABI" = "xelf" -a "$host_cpu" = "x86_64" -a "x$enable_asm" != "xno"])
 AM_CONDITIONAL([HOST_ASM_MACOSX_X86_64],
     [test "x$HOST_ABI" = "xmacosx" -a "$host_cpu" = "x86_64" -a "x$enable_asm" != "xno"])
 
-AC_ARG_ENABLE([libtls],
-	AS_HELP_STRING([--enable-libtls], [Enable building the libtls library]))
-AM_CONDITIONAL([ENABLE_LIBTLS], [test "x$enable_libtls" = xyes])
-AM_COND_IF([ENABLE_LIBTLS], [AC_CONFIG_FILES([libtls.pc])])
-
 LT_INIT
 
 AC_CONFIG_FILES([
@@ -179,6 +324,7 @@ AC_CONFIG_FILES([
 	man/Makefile
 	libcrypto.pc
 	libssl.pc
+	libtls.pc
 	openssl.pc
 ])
 

crypto/Makefile.am

@@ -8,7 +8,7 @@ lib_LTLIBRARIES = libcrypto.la
 
 EXTRA_DIST = VERSION
 
-libcrypto_la_LDFLAGS = -version-info @LIBCRYPTO_VERSION@
+libcrypto_la_LDFLAGS = -version-info @LIBCRYPTO_VERSION@ -no-undefined
 libcrypto_la_LIBADD = libcompat.la libcompatnoopt.la
 libcrypto_la_CFLAGS = $(CFLAGS) $(USER_CFLAGS)
 libcrypto_la_CFLAGS += -DOPENSSL_NO_HW_PADLOCK
@@ -74,9 +74,15 @@ if !HAVE_GETENTROPY
 if HOST_FREEBSD
 libcompat_la_SOURCES += compat/getentropy_freebsd.c
 endif
+if HOST_HPUX
+libcompat_la_SOURCES += compat/getentropy_hpux.c
+endif
 if HOST_LINUX
 libcompat_la_SOURCES += compat/getentropy_linux.c
 endif
+if HOST_NETBSD
+libcompat_la_SOURCES += compat/getentropy_netbsd.c
+endif
 if HOST_DARWIN
 libcompat_la_SOURCES += compat/getentropy_osx.c
 endif
@@ -94,6 +100,12 @@ if !HAVE_ISSETUGID
 if HOST_LINUX
 libcompat_la_SOURCES += compat/issetugid_linux.c
 endif
+if HOST_HPUX
+libcompat_la_SOURCES += compat/issetugid_hpux.c
+endif
+if HOST_DARWIN
+libcompat_la_SOURCES += compat/issetugid_osx.c
+endif
 if HOST_WIN
 libcompat_la_SOURCES += compat/issetugid_win.c
 endif
@@ -102,7 +114,9 @@ endif
 noinst_HEADERS =
 noinst_HEADERS += compat/arc4random.h
 noinst_HEADERS += compat/arc4random_freebsd.h
+noinst_HEADERS += compat/arc4random_hpux.h
 noinst_HEADERS += compat/arc4random_linux.h
+noinst_HEADERS += compat/arc4random_netbsd.h
 noinst_HEADERS += compat/arc4random_osx.h
 noinst_HEADERS += compat/arc4random_solaris.h
 noinst_HEADERS += compat/arc4random_win.h
@@ -484,8 +498,6 @@ libcrypto_la_SOURCES += evp/bio_b64.c
 libcrypto_la_SOURCES += evp/bio_enc.c
 libcrypto_la_SOURCES += evp/bio_md.c
 libcrypto_la_SOURCES += evp/c_all.c
-libcrypto_la_SOURCES += evp/c_allc.c
-libcrypto_la_SOURCES += evp/c_alld.c
 libcrypto_la_SOURCES += evp/digest.c
 libcrypto_la_SOURCES += evp/e_aes.c
 libcrypto_la_SOURCES += evp/e_aes_cbc_hmac_sha1.c
@@ -762,6 +774,7 @@ noinst_HEADERS += whrlpool/wp_locl.h
 # x509
 libcrypto_la_SOURCES += x509/by_dir.c
 libcrypto_la_SOURCES += x509/by_file.c
+libcrypto_la_SOURCES += x509/by_mem.c
 libcrypto_la_SOURCES += x509/x509_att.c
 libcrypto_la_SOURCES += x509/x509_cmp.c
 libcrypto_la_SOURCES += x509/x509_d2.c

crypto/compat/arc4random.h

@@ -6,9 +6,15 @@
 #if defined(__FreeBSD__)
 #include "arc4random_freebsd.h"
 
+#elif defined(__hpux)
+#include "arc4random_hpux.h"
+
 #elif defined(__linux__)
 #include "arc4random_linux.h"
 
+#elif defined(__NetBSD__)
+#include "arc4random_netbsd.h"
+
 #elif defined(__APPLE__)
 #include "arc4random_osx.h"
 

crypto/compat/issetugid_hpux.c

@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <unistd.h>
+#include <sys/pstat.h>
+
+/*
+ * HP-UX does not have issetugid().
+ * Use pstat_getproc() and check PS_CHANGEDPRIV bit of pst_flag. If this call
+ * cannot be used, assume we must be running in a privileged environment.
+ */
+int issetugid(void)
+{
+	struct pst_status buf;
+	if (pstat_getproc(&buf, sizeof(buf), 0, getpid()) == 1 &&
+	    !(buf.pst_flag & PS_CHANGEDPRIV))
+		return 0;
+	return 1;
+}

crypto/compat/issetugid_osx.c

@@ -0,0 +1,16 @@
+/*
+ * issetugid implementation for OS X
+ * Public domain
+ */
+
+#include <unistd.h>
+
+/*
+ * OS X has issetugid, but it is not fork-safe as of version 10.10.
+ * See this Solaris report for test code that fails similarly:
+ * http://mcarpenter.org/blog/2013/01/15/solaris-issetugid%282%29-bug
+ */
+int issetugid(void)
+{
+	return 1;
+}

dist-win.sh

@@ -0,0 +1,57 @@
+#!/bin/bash
+set -e
+#set -x
+
+export PATH=/cygdrive/c/Program\ Files\ \(x86\)/Microsoft\ Visual\ Studio\ 12.0/VC/bin:$PATH
+VERSION=`cat VERSION`
+DIST=libressl-$VERSION-windows
+
+rm -fr $DIST
+mkdir -p $DIST
+autoreconf -i
+
+for ARCH in X86 X64; do
+
+	if [ $ARCH = X86 ]; then
+		HOST=i686-w64-mingw32
+		ARCHDIR=x86
+	else
+		HOST=x86_64-w64-mingw32
+		ARCHDIR=x64
+	fi
+
+	echo Building for $HOST
+
+	CC=$HOST-gcc ./configure --host=$HOST
+	make clean
+	PATH=$PATH:/usr/$HOST/sys-root/mingw/bin \
+	   make -j 4 check
+	make -j 4 install DESTDIR=`pwd`/stage-$ARCHDIR
+
+	mkdir -p $DIST/$ARCHDIR
+	#cp -a stage-$ARCHDIR/usr/local/lib/* $DIST/$ARCHDIR
+	if [ ! -e $DIST/include ]; then
+		cp -a stage-$ARCHDIR/usr/local/include $DIST
+		sed -i -e 'N;/\n.*__non/s/"\? *\n/ /;P;D' \
+		       $DIST/include/openssl/*.h $DIST/include/*.h
+		sed -i -e 'N;/\n.*__attr/s/"\? *\n/ /;P;D' \
+		       $DIST/include/openssl/*.h $DIST/include/*.h
+		sed -i -e "s/__attr.*;/;/"  \
+		       -e "s/sys\/time.h/winsock2.h/" \
+		       $DIST/include/openssl/*.h $DIST/include/*.h
+	fi
+
+	cp stage-$ARCHDIR/usr/local/bin/* $DIST/$ARCHDIR
+	#cp /usr/$HOST/sys-root/mingw/bin/libssp* $DIST/$ARCHDIR
+
+	for i in libcrypto libssl libtls; do
+		DLL=$(basename `ls -1 $DIST/$ARCHDIR/$i*.dll`|cut -d. -f1)
+		echo EXPORTS > $DLL.def
+		dumpbin /exports $DIST/$ARCHDIR/$DLL.dll | \
+		    awk '{print $4}' | awk 'NF' |tail -n +9 >> $DLL.def
+		lib /MACHINE:$ARCH /def:$DLL.def /out:$DIST/$ARCHDIR/$DLL.lib
+		cv2pdb $DIST/$ARCHDIR/$DLL.dll
+	done
+done
+
+zip -r $DIST.zip $DIST

dist.sh

@@ -3,5 +3,5 @@ set -e
 
 rm -f man/*.1 man/*.3
 ./autogen.sh
-./configure --enable-libtls
+./configure
 make distcheck

gen-coverage-report.sh

@@ -0,0 +1,37 @@
+#!/bin/sh
+
+VERSION=$(cat VERSION)
+DESTDIR=libressl-coverage-$VERSION
+
+echo "This will generate a code coverage report under $DESTDIR"
+echo
+
+if [ "x$(which lcov)" = "x" ]; then
+	echo "'lcov' is required but not found!"
+	exit 1
+fi
+
+if [ "x$(which genhtml)" = "x" ]; then
+	echo "'genhtml' is required but not found!"
+	exit 1
+fi
+
+find -name '*.gcda' -o -name '*.gcno' -delete
+rm -fr $DESTDIR
+
+echo "Configuring to build with code coverage support"
+./configure CFLAGS='-O0 -fprofile-arcs -ftest-coverage'
+
+echo "Running all code paths"
+make clean
+make check
+
+echo "Generating report"
+mkdir -p $DESTDIR
+find tests -name '*.gcda' -o -name '*.gcno' -delete
+lcov --directory . --capture --output-file $DESTDIR/coverage.tmp \
+    --test-name "LibreSSL $VERSION"
+genhtml --prefix . --output-directory $DESTDIR \
+    --title "LibreSSL $VERSION" --legend --show-detail $DESTDIR/coverage.tmp
+
+echo "Code coverage report is available under $DESTDIR"

include/Makefile.am

@@ -26,7 +26,6 @@ noinst_HEADERS += sys/select.h
 noinst_HEADERS += sys/socket.h
 noinst_HEADERS += sys/times.h
 noinst_HEADERS += sys/types.h
+noinst_HEADERS += sys/uio.h
 
-if ENABLE_LIBTLS
 include_HEADERS = tls.h
-endif

include/string.h

@@ -33,6 +33,10 @@ size_t strnlen(const char *str, size_t maxlen);
 #endif
 #endif
 
+#ifndef HAVE_STRSEP
+char *strsep(char **stringp, const char *delim);
+#endif
+
 #ifndef HAVE_EXPLICIT_BZERO
 void explicit_bzero(void *, size_t);
 #endif

include/sys/uio.h

@@ -0,0 +1,17 @@
+/*
+ * Public domain
+ * sys/select.h compatibility shim
+ */
+
+#ifndef _WIN32
+#include_next <sys/uio.h>
+#else
+
+#include <sys/types.h>
+
+struct iovec {
+	void *iov_base;
+	size_t iov_len;
+};
+
+#endif

libcrypto.pc.in

@@ -7,7 +7,7 @@ includedir=@includedir@
 
 Name: LibreSSL-libssl
 Description: Secure Sockets Layer and cryptography libraries
-Version: @VERSION@
+Version: @LIBCRYPTO_VERSION@
 Requires:
 Conflicts:
 Libs: -L${libdir} -lcrypto

libssl.pc.in

@@ -7,7 +7,7 @@ includedir=@includedir@
 
 Name: LibreSSL-libssl
 Description: Secure Sockets Layer and cryptography libraries
-Version: @VERSION@
+Version: @LIBSSL_VERSION@
 Requires:
 Requires.private: libcrypto
 Conflicts:

libtls.pc.in

@@ -7,7 +7,7 @@ includedir=@includedir@
 
 Name: LibreSSL-libtls
 Description: Secure communications using the TLS socket protocol.
-Version: @VERSION@
+Version: @LIBTLS_VERSION@
 Requires:
 Requires.private: libcrypto libssl
 Conflicts:

patches/win_bio_sock_init.diff

@@ -0,0 +1,44 @@
+diff --git a/src/usr.bin/openssl/openssl.c b/src/usr.bin/openssl/openssl.c
+index e7dd11c..cfd4593 100644
+--- a/src/usr.bin/openssl/openssl.c
++++ b/src/usr.bin/openssl/openssl.c
+@@ -253,6 +253,11 @@ main(int argc, char **argv)
+ 	arg.data = NULL;
+ 	arg.count = 0;
+ 
++	if (BIO_sock_init() != 1) {
++		fprintf(stderr, "BIO_sock_init failed\n");
++		exit(1);
++	}
++
+ 	bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+ 	if (bio_err == NULL) {
+ 		fprintf(stderr, "openssl: failed to initialise bio_err\n");
+diff --git a/src/usr.bin/openssl/s_socket.c b/src/usr.bin/openssl/s_socket.c
+index 3b96b1a..2ce31eb 100644
+--- a/src/usr.bin/openssl/s_socket.c
++++ b/src/usr.bin/openssl/s_socket.c
+@@ -85,11 +85,6 @@ init_client(int *sock, char *host, char *port, int type, int af)
+ 	struct addrinfo hints, *ai_top, *ai;
+ 	int i, s;
+ 
+-	if (BIO_sock_init() != 1) {
+-		BIO_printf(bio_err, "BIO_sock_init failed\n");
+-		return (0);
+-	}
+-
+ 	memset(&hints, '\0', sizeof(hints));
+ 	hints.ai_family = af;
+ 	hints.ai_socktype = type;
+@@ -181,11 +176,6 @@ init_server_long(int *sock, int port, char *ip, int type)
+ 	struct sockaddr_in server;
+ 	int s = -1;
+ 
+-	if (BIO_sock_init() != 1) {
+-		BIO_printf(bio_err, "BIO_sock_init failed\n");
+-		return (0);
+-	}
+-
+ 	memset((char *) &server, 0, sizeof(server));
+ 	server.sin_family = AF_INET;
+ 	server.sin_port = htons((unsigned short) port);

scripts/travis

@@ -0,0 +1,33 @@
+#!/bin/sh
+set -e
+
+./autogen.sh
+
+if [ "x$ARCH" = "xnative" ]; then
+	./configure
+	if [ `uname` = "Darwin" ]; then
+		# OS X runs out of resources if we run 'make -j check'
+		make check
+	else
+		make -j distcheck
+	fi
+else
+	CPU=i686
+	if [ "x$ARCH" = "xmingw64" ]; then
+		CPU=x86_64
+	fi
+	export CC=$CPU-w64-mingw32-gcc
+
+	if [ -z $(which $CC) ]; then
+		# Update Ubuntu 12.04 with current mingw toolchain
+		sudo apt-get update
+		sudo apt-get install -y python-software-properties
+		sudo apt-add-repository -y ppa:tobydox/mingw-x-precise
+		sudo apt-get update
+		sudo apt-get install -y $ARCH-x-gcc make
+		export PATH=$PATH:/opt/$ARCH/bin
+	fi
+
+	./configure --host=$CPU-w64-mingw32
+	make -j
+fi

scripts/wrap-compiler-for-flag-check

@@ -0,0 +1,31 @@
+#!/bin/sh
+
+# This file is in the public domain.
+# https://github.com/kmcallister/autoharden/blob/c5c7842f39c2f8d19836bb5427d6479db4436d62/LICENSE
+#
+# From kmcallister: 
+# https://github.com/kmcallister/autoharden/blob/efaf5a16612589808c276a11536ea9a47071f74b/scripts/wrap-compiler-for-flag-check
+
+# Prior to clang v5.1, there was no way to make
+# clang's "argument unused" warning fatal.  This
+# wrapper script that greps for this warning message. Newer clang's have no issues.
+#
+# Ideally the search string would also include 'clang: ' but this output might
+# depend on clang's argv[0].
+#
+set -o errexit
+set -o nounset
+
+if out=`"$@" 2>&1`; then
+  echo "$out"
+  if echo "$out" | grep 'warning: argument unused' >/dev/null; then
+    echo "$0: found clang warning"
+    exit 1
+  else
+    exit 0
+  fi
+else
+  code=$?
+  echo "$out"
+  exit $code
+fi

ssl/Makefile.am

@@ -4,10 +4,14 @@ lib_LTLIBRARIES = libssl.la
 
 EXTRA_DIST = VERSION
 
-libssl_la_LDFLAGS = -version-info @LIBSSL_VERSION@
+libssl_la_LDFLAGS = -version-info @LIBSSL_VERSION@ -no-undefined
 libssl_la_CFLAGS = $(CFLAGS) $(USER_CFLAGS)
+libssl_la_LIBADD = ../crypto/libcrypto.la
 
 libssl_la_SOURCES = bio_ssl.c
+libssl_la_SOURCES += bs_ber.c
+libssl_la_SOURCES += bs_cbb.c
+libssl_la_SOURCES += bs_cbs.c
 libssl_la_SOURCES += d1_both.c
 libssl_la_SOURCES += d1_clnt.c
 libssl_la_SOURCES += d1_enc.c
@@ -50,3 +54,4 @@ libssl_la_SOURCES += t1_srvr.c
 
 noinst_HEADERS = srtp.h
 noinst_HEADERS += ssl_locl.h
+noinst_HEADERS += bytestring.h

tests/Makefile.am.tpl

@@ -2,6 +2,7 @@ include $(top_srcdir)/Makefile.am.common
 
 AM_CPPFLAGS += -I $(top_srcdir)/crypto/modes
 AM_CPPFLAGS += -I $(top_srcdir)/crypto/asn1
+AM_CPPFLAGS += -I $(top_srcdir)/ssl
 
 LDADD = $(PLATFORM_LDADD) $(PROG_LDADD)
 LDADD += $(top_builddir)/ssl/libssl.la

tls/Makefile.am

@@ -1,12 +1,12 @@
 include $(top_srcdir)/Makefile.am.common
 
-if ENABLE_LIBTLS
 lib_LTLIBRARIES = libtls.la
 
 EXTRA_DIST = VERSION
 
-libtls_la_LDFLAGS = -version-info @LIBTLS_VERSION@
+libtls_la_LDFLAGS = -version-info @LIBTLS_VERSION@ -no-undefined
 libtls_la_CFLAGS = $(CFLAGS) $(USER_CFLAGS)
+libtls_la_LIBADD = ../crypto/libcrypto.la ../ssl/libssl.la $(PLATFORM_LDADD)
 
 libtls_la_SOURCES = tls.c
 libtls_la_SOURCES += tls_client.c
@@ -15,4 +15,7 @@ libtls_la_SOURCES += tls_server.c
 libtls_la_SOURCES += tls_util.c
 libtls_la_SOURCES += tls_verify.c
 noinst_HEADERS = tls_internal.h
+
+if !HAVE_STRSEP
+libtls_la_SOURCES += strsep.c
 endif

update.sh

@@ -18,15 +18,15 @@ fi
  git pull --rebase)
 
 # setup source paths
-dir=`pwd`
-libc_src=$dir/openbsd/src/lib/libc
-libc_regress=$dir/openbsd/src/regress/lib/libc
-libcrypto_src=$dir/openbsd/src/lib/libcrypto
-libcrypto_regress=$dir/openbsd/src/regress/lib/libcrypto
-libssl_src=$dir/openbsd/src/lib/libssl
-libssl_regress=$dir/openbsd/src/regress/lib/libssl
-libtls_src=$dir/openbsd/src/lib/libtls
-openssl_app_src=$dir/openbsd/src/usr.bin/openssl
+CWD=`pwd`
+libc_src=$CWD/openbsd/src/lib/libc
+libc_regress=$CWD/openbsd/src/regress/lib/libc
+libcrypto_src=$CWD/openbsd/src/lib/libcrypto
+libcrypto_regress=$CWD/openbsd/src/regress/lib/libcrypto
+libssl_src=$CWD/openbsd/src/lib/libssl
+libssl_regress=$CWD/openbsd/src/regress/lib/libssl
+libtls_src=$CWD/openbsd/src/lib/libtls
+openssl_app_src=$CWD/openbsd/src/usr.bin/openssl
 
 # load library versions
 source $libcrypto_src/crypto/shlib_version
@@ -86,7 +86,7 @@ copy_hdrs() {
 	done
 }
 
-copy_hdrs crypto "stack/stack.h lhash/lhash.h stack/safestack.h opensslv.h
+copy_hdrs crypto "stack/stack.h lhash/lhash.h stack/safestack.h
 	ossl_typ.h err/err.h crypto.h comp/comp.h x509/x509.h buffer/buffer.h
 	objects/objects.h asn1/asn1.h bn/bn.h ec/ec.h ecdsa/ecdsa.h
 	ecdh/ecdh.h rsa/rsa.h sha/sha.h x509/x509_vfy.h pkcs7/pkcs7.h pem/pem.h
@@ -96,12 +96,16 @@ copy_hdrs crypto "stack/stack.h lhash/lhash.h stack/safestack.h opensslv.h
 	bio/bio.h cast/cast.h cmac/cmac.h conf/conf_api.h des/des.h dh/dh.h
 	dsa/dsa.h cms/cms.h engine/engine.h ui/ui.h pkcs12/pkcs12.h ts/ts.h
 	md4/md4.h ripemd/ripemd.h whrlpool/whrlpool.h idea/idea.h mdc2/mdc2.h
-	rc2/rc2.h rc4/rc4.h rc5/rc5.h ui/ui_compat.h txt_db/txt_db.h
+	rc2/rc2.h rc4/rc4.h ui/ui_compat.h txt_db/txt_db.h
 	chacha/chacha.h evp/evp.h poly1305/poly1305.h camellia/camellia.h
 	gost/gost.h"
 
 copy_hdrs ssl "srtp.h ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h"
 
+sed -e "s/\"LibreSSL .*\"/\"LibreSSL ${libressl_version}\"/" \
+	$libssl_src/src/crypto/opensslv.h > include/openssl/opensslv.h.lcl
+$MV include/openssl/opensslv.h.lcl include/openssl/opensslv.h
+
 # copy libcrypto source
 echo copying libcrypto source
 rm -f crypto/*.c crypto/*.h
@@ -121,10 +125,20 @@ $CP crypto/compat/ui_openssl_win.c crypto/ui
 asm_src=$libssl_src/src/crypto
 gen_asm_stdout() {
 	perl $asm_src/$2 $1 > $3.tmp
+	[[ $1 == "elf" ]] && cat <<-EOF >> $3.tmp
+	#if defined(HAVE_GNU_STACK)
+	.section .note.GNU-stack,"",%progbits
+	#endif
+	EOF
 	$MV $3.tmp $3
 }
 gen_asm() {
 	perl $asm_src/$2 $1 $3.tmp
+	[[ $1 == "elf" ]] && cat <<-EOF >> $3.tmp
+	#if defined(HAVE_GNU_STACK)
+	.section .note.GNU-stack,"",%progbits
+	#endif
+	EOF
 	$MV $3.tmp $3
 }
 for abi in elf macosx; do
@@ -154,7 +168,11 @@ done
 echo copying libtls source
 rm -f tls/*.c tls/*.h
 for i in `awk '/SOURCES|HEADERS/ { print $3 }' tls/Makefile.am` ; do
+	if [ -e $libtls_src/$i ]; then
 		$CP $libtls_src/$i tls
+	else
+		$CP $libc_src/string/$i tls
+	fi
 done
 
 # copy openssl(1) source
@@ -166,6 +184,8 @@ for i in `awk '/SOURCES|HEADERS/ { print $3 }' apps/Makefile.am` ; do
 		$CP $openssl_app_src/$i apps
 	fi
 done
+# patch for openssl(1) oscp on windows
+(cd apps; patch -p4 < $CWD/patches/win_bio_sock_init.diff)
 
 # copy libssl source
 echo "copying libssl source"
@@ -176,30 +196,23 @@ done
 
 # copy libcrypto tests
 echo "copying tests"
-rm -f tests/biotest.c
-for i in aead/aeadtest.c aeswrap/aes_wrap.c base64/base64test.c bf/bftest.c \
-	bn/general/bntest.c bn/mont/mont.c \
-	cast/casttest.c chacha/chachatest.c cts128/cts128test.c \
-	des/destest.c dh/dhtest.c dsa/dsatest.c ec/ectest.c ecdh/ecdhtest.c \
-	ecdsa/ecdsatest.c engine/enginetest.c evp/evptest.c exp/exptest.c \
-	gcm128/gcm128test.c hmac/hmactest.c idea/ideatest.c ige/igetest.c \
-	md4/md4test.c md5/md5test.c mdc2/mdc2test.c poly1305/poly1305test.c \
-	pkcs7/pkcs7test.c pqueue/pq_test.c rand/randtest.c rc2/rc2test.c \
-	rc4/rc4test.c rmd/rmdtest.c sha/shatest.c sha1/sha1test.c \
-	sha256/sha256test.c sha512/sha512test.c utf8/utf8test.c \
-	gost/gost2814789t.c ; do
-	 $CP $libcrypto_regress/$i tests
+for i in `find $libcrypto_regress -name '*.c'`; do
+	 $CP "$i" tests
 done
 
+# the BIO tests rely on resolver results that are OS and environment-specific
+rm tests/biotest.c
+
 # copy libc tests
 $CP $libc_regress/arc4random-fork/arc4random-fork.c tests/arc4randomforktest.c
 $CP $libc_regress/explicit_bzero/explicit_bzero.c tests
 $CP $libc_regress/timingsafe/timingsafe.c tests
 
 # copy libssl tests
-$CP $libssl_regress/asn1/asn1test.c tests
 $CP $libssl_regress/ssl/testssl tests
-$CP $libssl_regress/ssl/ssltest.c tests
+for i in `find $libssl_regress -name '*.c'`; do
+	 $CP "$i" tests
+done
 $CP $libssl_regress/certs/ca.pem tests
 $CP $libssl_regress/certs/server.pem tests
 
@@ -283,12 +296,15 @@ echo "copying manpages"
 		$CP $i .
 		echo "dist_man_MANS += $NAME" >> Makefile.am
 	done
+	for i in `ls -1 $libcrypto_src/man/*.3 | sort`; do
+		NAME=`basename "$i"`
+		$CP $i .
+		echo "dist_man_MANS += $NAME" >> Makefile.am
+	done
 	$CP $openssl_app_src/openssl.1 .
 	echo "dist_man_MANS += openssl.1" >> Makefile.am
 	$CP $libtls_src/tls_init.3 .
-	echo "if ENABLE_LIBTLS" >> Makefile.am
 	echo "dist_man_MANS += tls_init.3" >> Makefile.am
-	echo "endif" >> Makefile.am
 
 	# convert remaining POD manpages
 	for i in `ls -1 $libssl_src/src/doc/crypto/*.pod | sort`; do
@@ -310,23 +326,19 @@ echo "copying manpages"
 		echo "	ln -f \$(DESTDIR)\$(mandir)/man3/$1 \\" >> Makefile.am
 		echo "    \$(DESTDIR)\$(mandir)/man3/$2" >> Makefile.am
 	done
-	echo "if ENABLE_LIBTLS" >> Makefile.am
 	for i in $TLS_MLINKS; do
 		IFS=","; set $i; unset IFS
 		echo "	ln -f \$(DESTDIR)\$(mandir)/man3/$1 \\" >> Makefile.am
 		echo "    \$(DESTDIR)\$(mandir)/man3/$2" >> Makefile.am
 	done
-	echo "endif" >> Makefile.am
 	echo "" >> Makefile.am
 	echo "uninstall-local:" >> Makefile.am
 	for i in $SSL_MLINKS; do
 		IFS=","; set $i; unset IFS
 		echo "	-rm -f \$(DESTDIR)\$(mandir)/man3/$2" >> Makefile.am
 	done
-	echo "if ENABLE_LIBTLS" >> Makefile.am
 	for i in $TLS_MLINKS; do
 		IFS=","; set $i; unset IFS
 		echo "	rm -f \$(DESTDIR)\$(mandir)/man3/$2" >> Makefile.am
 	done
-	echo "endif" >> Makefile.am
 )