use correct patch level

Specify that we are rejecting server ephemeral DH keys < 1024 bits.

.gitignore

@@ -38,6 +38,7 @@ Makefile.in
 *.lo
 *.la
 
+*.def
 *.pc
 
 # tests
@@ -53,6 +54,7 @@ tests/timingsafe*
 tests/*test
 tests/*test.c
 tests/memmem.c
+tests/pbkdf2*
 tests/*.pem
 tests/testssl
 tests/*.txt
@@ -110,6 +112,7 @@ apps/openssl
 apps/openssl.cnf
 !apps/apps_win.c
 !apps/poll_win.c
+!apps/certhash_disabled.c
 
 crypto/compat/arc4random.c
 crypto/compat/chacha_private.h

.travis.yml

@@ -1,8 +1,24 @@
 language: c
-compiler:
-        - clang
-        - gcc
-os:
-        - linux
-        - osx
-script: "./dist.sh"
+matrix:
+        include:
+                - compiler: clang
+                  os: osx
+                  env: ARCH=native
+                - compiler: gcc
+                  os: osx
+                  env: ARCH=native
+                - compiler: clang
+                  os: linux
+                  env: ARCH=native
+                - compiler: gcc
+                  os: linux
+                  env: ARCH=native
+                - compiler: gcc
+                  os: linux
+                  env: ARCH=mingw32
+                - compiler: gcc
+                  os: linux
+                  env: ARCH=mingw64
+
+script:
+        "./scripts/travis"

ChangeLog

@@ -10,7 +10,7 @@ generation are here:
 
 	http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libcrypto/
 
-A new simplified SSL wrapper library is here:
+A simplified TLS wrapper library is here:
 
 	http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libtls/
 
@@ -19,15 +19,87 @@ with relevant portions of the C library, to a Git repository. This makes it
 easier to follow all of the relevant changes to the upstream project in a
 single place:
 
-	https://github.com/libressl-portable/openbsd/commits/master
+	https://github.com/libressl-portable/openbsd
 
 The portable bits of the project are largely maintained out-of-tree, and their
 history is also available from Git.
 
-	https://github.com/libressl-portable/portable/commits/master
+	https://github.com/libressl-portable/portable
 
 LibreSSL Portable Release Notes:
 
+2.1.5 - Bug fixes and a security update
+	* Fix incorrect comparison function in openssl(1) certhash command.
+
+	* Windows port improvements and bug fixes.
+
+	* Reject server ephemeral DH keys smaller than 1024 bits.
+
+2.1.4 - Security and feature updates
+	* Improvements to libtls:
+	  - a new API for loading CA chains directly from memory instead of a
+	    file, allowing verification with privilege separation in a chroot
+	    without direct access to CA certificate files.
+
+	  - Ciphers default to TLSv1.2 with AEAD and PFS.
+
+	  - Improved error handling and message generation
+
+	  - New APIs and improved documentation
+
+	* Added X509_STORE_load_mem API for loading certificates from memory.
+	  This facilitates accessing certificates from a chrooted environment.
+
+	* New AEAD "MAC alias" allows configuring TLSv1.2 AEAD ciphers by
+	  using 'TLSv1.2+AEAD' as the cipher selection string.
+
+	* Dead and disabled code removal including MD5, Netscape workarounds,
+	  non-POSIX IO, SCTP, RFC 3779 support, many #if 0 sections, and more.
+
+	* ASN1 macro maze expanded to aid reading and searching the code.
+
+	* NULL pointer asserts removed in favor of letting the OS/signal
+	  handler catch them.
+
+	* Refactored argument handling in openssl(1) for consistency and
+	  maintainability.
+
+	* New openssl(1) command 'certhash' replaces the c_rehash script.
+
+	* Support for building with OPENSSL_NO_DEPRECATED
+
+	* Server-side support for TLS_FALLBACK_SCSV for compatibility with
+	  various auditor and vulnerability scanners.
+
+	* Dozens of issues found with the Coverity scanner fixed.
+
+	* Security Updates:
+
+	  - Fix a minor information leak that was introduced in t1_lib.c
+	    r1.71, whereby an additional 28 bytes of .rodata (or .data) is
+	    provided to the network. In most cases this is a non-issue since
+	    the memory content is already public. Issue found and reported by
+	    Felix Groebert of the Google Security Team.
+
+	  - Fixes for the following low-severity issues were integrated into
+	    LibreSSL from OpenSSL 1.0.1k:
+
+	     CVE-2015-0205 - DH client certificates accepted without
+	                     verification
+	     CVE-2014-3570 - Bignum squaring may produce incorrect results
+	     CVE-2014-8275 - Certificate fingerprints can be modified
+	     CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]
+	     Reported by Karthikeyan Bhargavan of the PROSECCO team at INRIA.
+
+	    The following CVEs were fixed in earlier LibreSSL releases:
+	     CVE-2015-0206 - Memory leak handling repeated DLTS records
+	     CVE-2014-3510 - Flaw handling DTLS anonymous EC(DH) ciphersuites.
+
+	    The following CVEs did not apply to LibreSSL:
+	     CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record
+	     CVE-2014-3569 - no-ssl3 configuration sets method to NULL
+	     CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA
+
 2.1.3 - Security update and OS support improvements
 	* Fixed various memory leaks in DTLS, including fixes for
 	  CVE-2015-0206.

Makefile.am

@@ -8,4 +8,4 @@ if ENABLE_LIBTLS
 pkgconfig_DATA += libtls.pc
 endif
 
-EXTRA_DIST = VERSION config scripts
+EXTRA_DIST = README README.windows VERSION config scripts

OPENBSD_BRANCH

@@ -1 +1 @@
-master
+OPENBSD_5_7

README

@@ -18,6 +18,10 @@ The LibreSSL portable build framework is also mirrored in Github:
 
 	https://github.com/libressl-portable/portable
 
+Please report bugs either to tech@openbsd.org, or to the github issue tracker:
+
+	https://github.com/libressl-portable/portable/issues
+
 If you have checked this source using Git, follow these initial steps to
 prepare the source tree for building:
 

README.windows

@@ -0,0 +1,40 @@
+# Building
+
+For Windows systems, LibreSSL supports the mingw-w64 toolchain, which can use
+GCC or Clang as the compiler. Contrary to its name, mingw-w64 supports both
+32-bit and 64-bit build environments. If your project already uses mingw-w64,
+then LibreSSL should integrate very nicely. Old versions of the mingw-w64
+toolchain, such as the one packaged with Ubuntu 12.04, may have trouble
+building LibreSSL. Please try it with a recent toolchain if you encounter
+troubles. If you are building under Cygwin, only builds with the mingw-w64
+compiler are supported, though you can easily use Cygwin to drive the build
+process.
+
+To configure and build LibreSSL for a 32-bit system, use the following
+build steps:
+
+ CC=i686-w64-mingw32-gcc ./configure --host=i686-w64-mingw32
+ make
+ make check
+
+For 64-bit builds, use these instead:
+
+ CC=x86_64-w64-mingw32-gcc ./configure --host=x86_64-w64-mingw32
+ make
+ make check
+
+# Using Libressl with Visual Studio
+
+A script for generating ready-to-use .DLL and static .LIB files is included in
+the source repository at
+https://github.com/libressl-portable/portable/blob/master/dist-win.sh
+
+This script uses mingw-w64 to build LibreSSL and then uses Visual Studio tools
+to generate compatible library import files ready-to-use with Visual
+Studio projects. Static and dynamic libraries are included. The script uses
+cv2pdb to generate Visual Studio and windbg compatible debug files. cv2pdb is a
+tool developed for the D language and can be found here:
+https://github.com/rainers/cv2pdb
+
+Pre-build Windows binaries are available with the LibreSSL release for your
+convenience.

VERSION

@@ -1 +1 @@
-2.1.3
+2.1.5

apps/Makefile.am

@@ -57,6 +57,12 @@ openssl_SOURCES += verify.c
 openssl_SOURCES += version.c
 openssl_SOURCES += x509.c
 
+if BUILD_CERTHASH
+openssl_SOURCES += certhash.c
+else
+openssl_SOURCES += certhash_disabled.c
+endif
+
 if HOST_WIN
 openssl_SOURCES += apps_win.c
 else

apps/certhash_disabled.c

@@ -0,0 +1,13 @@
+/*
+ * Public domain
+ * certhash dummy implementation for platforms without symlinks
+ */
+
+#include "apps.h"
+
+int
+certhash_main(int argc, char **argv)
+{
+	fprintf(stderr, "certhash is not enabled on this platform\n");
+	return (1);
+}

apps/poll_win.c

@@ -44,6 +44,8 @@ conn_has_oob_data(int fd)
 static int
 is_socket(int fd)
 {
+	if (fd < 3)
+		return 0;
 	WSANETWORKEVENTS events;
 	return (WSAEnumNetworkEvents((SOCKET)fd, NULL, &events) == 0);
 }
@@ -160,10 +162,6 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 	nfds_t i;
 	int timespent_ms, looptime_ms;
 
-#define FD_IS_SOCKET (1 << 0)
-	int fd_state[FD_SETSIZE];
-	int num_fds;
-
 	/*
 	 * select machinery
 	 */
@@ -190,14 +188,12 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 	FD_ZERO(&rfds);
 	FD_ZERO(&wfds);
 	FD_ZERO(&efds);
-	num_fds = 0;
 	num_sockets = 0;
 	num_handles = 0;
 
 	for (i = 0; i < nfds; i++) {
-		if ((int)pfds[i].fd < 0) {
+		if ((int)pfds[i].fd < 0)
 			continue;
-		}
 
 		if (is_socket(pfds[i].fd)) {
 			if (num_sockets >= FD_SETSIZE) {
@@ -205,8 +201,6 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 				return -1;
 			}
 
-			fd_state[num_fds] = FD_IS_SOCKET;
-
 			FD_SET(pfds[i].fd, &efds);
 
 			if (pfds[i].events &
@@ -229,8 +223,6 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 			handles[num_handles++] =
 			    (HANDLE)_get_osfhandle(pfds[i].fd);
 		}
-
-		num_fds++;
 	}
 
 	/*
@@ -254,21 +246,22 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 	 * than simply triggering if there is space available.
 	 */
 	timespent_ms = 0;
-	wait_rc = 0;
+	wait_rc = WAIT_FAILED;
 
-	if (timeout_ms < 0) {
+	if (timeout_ms < 0)
 		timeout_ms = INFINITE;
-	}
 	looptime_ms = timeout_ms > 100 ? 100 : timeout_ms;
 
 	do {
 		struct timeval tv = {0, looptime_ms * 1000};
+		int handle_signaled = 0;
 
 		/*
 		 * Check if any file handles have signaled
 		 */
 		if (num_handles) {
-			wait_rc = WaitForMultipleObjects(num_handles, handles, FALSE, 0);
+			wait_rc = WaitForMultipleObjects(num_handles, handles,
+					FALSE, 0);
 			if (wait_rc == WAIT_FAILED) {
 				/*
 				 * The documentation for WaitForMultipleObjects
@@ -285,18 +278,20 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 		/*
 		 * If we signaled on a file handle, don't wait on the sockets.
 		 */
-		if (wait_rc >= WAIT_OBJECT_0)
+		if (wait_rc >= WAIT_OBJECT_0 &&
+		    (wait_rc <= WAIT_OBJECT_0 + num_handles - 1)) {
 			tv.tv_usec = 0;
+			handle_signaled = 1;
+		}
 
 		/*
 		 * Check if any sockets have signaled
 		 */
 		rc = select(0, &rfds, &wfds, &efds, &tv);
-		if (rc == SOCKET_ERROR) {
+		if (!handle_signaled && rc == SOCKET_ERROR)
 			return wsa_select_errno(WSAGetLastError());
-		}
 
-		if (wait_rc >= WAIT_OBJECT_0 || (num_sockets && rc > 0))
+		if (handle_signaled || (num_sockets && rc > 0))
 			break;
 
 		timespent_ms += looptime_ms;
@@ -305,14 +300,14 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 
 	rc = 0;
 	num_handles = 0;
-	num_fds = 0;
 	for (i = 0; i < nfds; i++) {
 		pfds[i].revents = 0;
 
 		if ((int)pfds[i].fd < 0)
 			continue;
 
-		if (fd_state[num_fds] & FD_IS_SOCKET) {
+		if (is_socket(pfds[i].fd)) {
+
 			pfds[i].revents = compute_select_revents(pfds[i].fd,
 			    pfds[i].events, &rfds, &wfds, &efds);
 
@@ -323,8 +318,6 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 			num_handles++;
 		}
 
-		num_fds++;
-
 		if (pfds[i].revents)
 			rc++;
 	}

configure.ac

@@ -9,8 +9,8 @@ AC_CONFIG_MACRO_DIR([m4])
 
 m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
 
-AC_SUBST([USER_CFLAGS], "-O2 $CFLAGS")
-CFLAGS="$CFLAGS -Wall -std=gnu99 -g"
+AC_SUBST([USER_CFLAGS], "$CFLAGS")
+CFLAGS="-Wall -std=gnu99 -g -O2"
 
 case $host_os in
 	*darwin*)
@@ -41,7 +41,8 @@ case $host_os in
 		;;
 	*mingw*)
 		HOST_OS=win
-		CFLAGS="$CFLAGS -D_GNU_SOURCE -D_POSIX -D_POSIX_SOURCE -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600 -DOPENSSL_NO_SPEED -DNO_SYSLOG -D__USE_MINGW_ANSI_STDIO"
+		CFLAGS="$CFLAGS -D_GNU_SOURCE -D_POSIX -D_POSIX_SOURCE -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600 -DOPENSSL_NO_SPEED -DNO_SYSLOG -D__USE_MINGW_ANSI_STDIO -static-libgcc"
+		LDFLAGS="$LDFLAGS -static-libgcc"
 		AC_SUBST([PLATFORM_LDADD], ['-lws2_32'])
 		;;
 	*solaris*)
@@ -53,12 +54,6 @@ case $host_os in
 	*) ;;
 esac
 
-case $host_cpu in
-	*sparc*)
-		CFLAGS="$CFLAGS -D__STRICT_ALIGNMENT"
-		;;
-esac
-
 AM_CONDITIONAL([HOST_DARWIN],  [test x$HOST_OS = xdarwin])
 AM_CONDITIONAL([HOST_FREEBSD], [test x$HOST_OS = xfreebsd])
 AM_CONDITIONAL([HOST_HPUX],    [test x$HOST_OS = xhpux])
@@ -104,6 +99,11 @@ AC_ARG_ENABLE([hardening],
 			[Disable options to frustrate memory corruption exploits])],
 	[], [enable_hardening=yes])
 
+AC_ARG_ENABLE([windows-ssp],
+	[AS_HELP_STRING([--enable-windows-ssp],
+			[Enable building the stack smashing protection on
+			 Windows. This currently distributing libssp-0.dll.])])
+
 AC_DEFUN([CHECK_CFLAG], [
 	 AC_LANG_ASSERT(C)
 	 AC_MSG_CHECKING([if $saved_CC supports "$1"])
@@ -148,16 +148,26 @@ AS_IF([test "x$enable_hardening" = "xyes"], [
 	# Enable read only relocations
 	CHECK_LDFLAG([[-Wl,-z,relro]])
 	CHECK_LDFLAG([[-Wl,-z,now]])
-])
 
-# Use stack-protector-strong if available; if not, fallback to
-# stack-protector-all which is considered to be overkill
-AS_IF([test "x$enable_hardening" = "xyes" -a "x$HOST_OS" != "xwin"], [
-	CHECK_CFLAG([[-fstack-protector-strong]],
-		CHECK_CFLAG([[-fstack-protector-all]],
-			AC_MSG_WARN([compiler does not appear to support stack protection])
+	# Windows security flags
+	AS_IF([test "x$HOST_OS" = "xwin"], [
+		CHECK_LDFLAG([[-Wl,--nxcompat]])
+		CHECK_LDFLAG([[-Wl,--dynamicbase]])
+		CHECK_LDFLAG([[-Wl,--high-entropy-va]])
+	])
+
+	# Use stack-protector-strong if available; if not, fallback to
+	# stack-protector-all which is considered to be overkill
+	AS_IF([test "x$enable_windows_ssp" = "xyes" -o "x$HOST_OS" != "xwin"], [
+		CHECK_CFLAG([[-fstack-protector-strong]],
+			CHECK_CFLAG([[-fstack-protector-all]],
+				AC_MSG_WARN([compiler does not appear to support stack protection])
+			)
 		)
-	)
+		AS_IF([test "x$HOST_OS" = "xwin"], [
+			AC_SEARCH_LIBS([__stack_chk_guard],[ssp])
+		])
+	])
 ])
 
 
@@ -196,7 +206,8 @@ LDFLAGS="$LDFLAGS $CLANG_FLAGS"
 
 AC_CHECK_FUNCS([arc4random_buf asprintf explicit_bzero funopen getauxval])
 AC_CHECK_FUNCS([getentropy issetugid memmem poll reallocarray])
-AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strtonum])
+AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strsep strtonum])
+AC_CHECK_FUNCS([symlink])
 AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp])
 
 # Share test results with automake
@@ -212,9 +223,11 @@ AM_CONDITIONAL([HAVE_STRLCAT], [test "x$ac_cv_func_strlcat" = xyes])
 AM_CONDITIONAL([HAVE_STRLCPY], [test "x$ac_cv_func_strlcpy" = xyes])
 AM_CONDITIONAL([HAVE_STRNDUP], [test "x$ac_cv_func_strndup" = xyes])
 AM_CONDITIONAL([HAVE_STRNLEN], [test "x$ac_cv_func_strnlen" = xyes])
+AM_CONDITIONAL([HAVE_STRSEP], [test "x$ac_cv_func_strsep" = xyes])
 AM_CONDITIONAL([HAVE_STRTONUM], [test "x$ac_cv_func_strtonum" = xyes])
 AM_CONDITIONAL([HAVE_TIMINGSAFE_BCMP], [test "x$ac_cv_func_timingsafe_bcmp" = xyes])
 AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp" = xyes])
+AM_CONDITIONAL([BUILD_CERTHASH], [test "x$ac_cv_func_symlink" = xyes])
 
 # overrides for arc4random_buf implementations with known issues
 AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF],
@@ -223,6 +236,11 @@ AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF],
 	   -a "x$HOST_OS" != xnetbsd \
 	   -a "x$ac_cv_func_arc4random_buf" = xyes])
 
+# overrides for issetugid implementations with known issues
+AM_CONDITIONAL([HAVE_ISSETUGID],
+       [test "x$HOST_OS" != xdarwin \
+	  -a "x$ac_cv_func_issetugid" = xyes])
+
 AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
 	AC_LINK_IFELSE([AC_LANG_PROGRAM([[
 #include <stdarg.h>
@@ -266,6 +284,27 @@ AC_ARG_ENABLE([asm],
 	AS_HELP_STRING([--disable-asm], [Disable assembly]))
 AM_CONDITIONAL([OPENSSL_NO_ASM], [test "x$enable_asm" = "xno"])
 
+old_cflags=$CFLAGS
+CFLAGS="$USER_CFLAGS -I$srcdir/include"
+AC_MSG_CHECKING([if BSWAP4 builds without __STRICT_ALIGNMENT])
+AC_TRY_COMPILE([#include "$srcdir/crypto/modes/modes_lcl.h"],
+	       [int a = 0; BSWAP4(a);],
+	       AC_MSG_RESULT([yes])
+	       BSWAP4=yes,
+	       AC_MSG_RESULT([no])
+	       BSWAP4=no)
+CFLAGS="$old_cflags"
+
+case $host_cpu in
+	*sparc*)
+		CFLAGS="$CFLAGS -D__STRICT_ALIGNMENT"
+		;;
+	*arm*)
+		AS_IF([test "x$BSWAP4" = "xyes"],,
+		    CFLAGS="$CFLAGS -D__STRICT_ALIGNMENT")
+		;;
+esac
+
 AM_CONDITIONAL([HOST_ASM_ELF_X86_64],
     [test "x$HOST_ABI" = "xelf" -a "$host_cpu" = "x86_64" -a "x$enable_asm" != "xno"])
 AM_CONDITIONAL([HOST_ASM_MACOSX_X86_64],

crypto/Makefile.am

@@ -103,6 +103,9 @@ endif
 if HOST_HPUX
 libcompat_la_SOURCES += compat/issetugid_hpux.c
 endif
+if HOST_DARWIN
+libcompat_la_SOURCES += compat/issetugid_osx.c
+endif
 if HOST_WIN
 libcompat_la_SOURCES += compat/issetugid_win.c
 endif
@@ -495,8 +498,6 @@ libcrypto_la_SOURCES += evp/bio_b64.c
 libcrypto_la_SOURCES += evp/bio_enc.c
 libcrypto_la_SOURCES += evp/bio_md.c
 libcrypto_la_SOURCES += evp/c_all.c
-libcrypto_la_SOURCES += evp/c_allc.c
-libcrypto_la_SOURCES += evp/c_alld.c
 libcrypto_la_SOURCES += evp/digest.c
 libcrypto_la_SOURCES += evp/e_aes.c
 libcrypto_la_SOURCES += evp/e_aes_cbc_hmac_sha1.c
@@ -773,6 +774,7 @@ noinst_HEADERS += whrlpool/wp_locl.h
 # x509
 libcrypto_la_SOURCES += x509/by_dir.c
 libcrypto_la_SOURCES += x509/by_file.c
+libcrypto_la_SOURCES += x509/by_mem.c
 libcrypto_la_SOURCES += x509/x509_att.c
 libcrypto_la_SOURCES += x509/x509_cmp.c
 libcrypto_la_SOURCES += x509/x509_d2.c

crypto/compat/issetugid_hpux.c

@@ -4,23 +4,14 @@
 
 /*
  * HP-UX does not have issetugid().
- * This experimental implementation uses pstat_getproc() and get*id().
- * First, try pstat_getproc() and check PS_CHANGEDPRIV bit of pst_flag. 
- * In case unsuccessful calling pstat_getproc(), using get*id().
- *
+ * Use pstat_getproc() and check PS_CHANGEDPRIV bit of pst_flag. If this call
+ * cannot be used, assume we must be running in a privileged environment.
  */
 int issetugid(void)
 {
 	struct pst_status buf;
-	if(pstat_getproc(&buf, sizeof(buf), 0, getpid()) != 1) {
-	    perror("pstat_getproc()");
-	} else {
-	    if(buf.pst_flag & PS_CHANGEDPRIV)
-		return 1;
-	}
-	if(getuid() != geteuid())
-	    return 1;
-	if(getgid() != getegid())
-	    return 1;
-	return 0;
+	if (pstat_getproc(&buf, sizeof(buf), 0, getpid()) == 1 &&
+	    !(buf.pst_flag & PS_CHANGEDPRIV))
+		return 0;
+	return 1;
 }

crypto/compat/issetugid_osx.c

@@ -0,0 +1,16 @@
+/*
+ * issetugid implementation for OS X
+ * Public domain
+ */
+
+#include <unistd.h>
+
+/*
+ * OS X has issetugid, but it is not fork-safe as of version 10.10.
+ * See this Solaris report for test code that fails similarly:
+ * http://mcarpenter.org/blog/2013/01/15/solaris-issetugid%282%29-bug
+ */
+int issetugid(void)
+{
+	return 1;
+}

dist-win.sh

@@ -0,0 +1,57 @@
+#!/bin/bash
+set -e
+#set -x
+
+export PATH=/cygdrive/c/Program\ Files\ \(x86\)/Microsoft\ Visual\ Studio\ 12.0/VC/bin:$PATH
+VERSION=`cat VERSION`
+DIST=libressl-$VERSION-windows
+
+rm -fr $DIST
+mkdir -p $DIST
+autoreconf -i
+
+for ARCH in X86 X64; do
+
+	if [ $ARCH = X86 ]; then
+		HOST=i686-w64-mingw32
+		ARCHDIR=x86
+	else
+		HOST=x86_64-w64-mingw32
+		ARCHDIR=x64
+	fi
+
+	echo Building for $HOST
+
+	CC=$HOST-gcc ./configure --host=$HOST --enable-libtls
+	make clean
+	PATH=$PATH:/usr/$HOST/sys-root/mingw/bin \
+	   make -j 4 check
+	make -j 4 install DESTDIR=`pwd`/stage-$ARCHDIR
+
+	mkdir -p $DIST/$ARCHDIR
+	#cp -a stage-$ARCHDIR/usr/local/lib/* $DIST/$ARCHDIR
+	if [ ! -e $DIST/include ]; then
+		cp -a stage-$ARCHDIR/usr/local/include $DIST
+		sed -i -e 'N;/\n.*__non/s/"\? *\n/ /;P;D' \
+		       $DIST/include/openssl/*.h $DIST/include/*.h
+		sed -i -e 'N;/\n.*__attr/s/"\? *\n/ /;P;D' \
+		       $DIST/include/openssl/*.h $DIST/include/*.h
+		sed -i -e "s/__attr.*;/;/"  \
+		       -e "s/sys\/time.h/winsock2.h/" \
+		       $DIST/include/openssl/*.h $DIST/include/*.h
+	fi
+
+	cp stage-$ARCHDIR/usr/local/bin/* $DIST/$ARCHDIR
+	#cp /usr/$HOST/sys-root/mingw/bin/libssp* $DIST/$ARCHDIR
+
+	for i in libcrypto libssl libtls; do
+		DLL=$(basename `ls -1 $DIST/$ARCHDIR/$i*.dll`|cut -d. -f1)
+		echo EXPORTS > $DLL.def
+		dumpbin /exports $DIST/$ARCHDIR/$DLL.dll | \
+		    awk '{print $4}' | awk 'NF' |tail -n +9 >> $DLL.def
+		lib /MACHINE:$ARCH /def:$DLL.def /out:$DIST/$ARCHDIR/$DLL.lib
+		cv2pdb $DIST/$ARCHDIR/$DLL.dll
+	done
+done
+
+zip -r $DIST.zip $DIST

gen-coverage-report.sh

@@ -0,0 +1,37 @@
+#!/bin/sh
+
+VERSION=$(cat VERSION)
+DESTDIR=libressl-coverage-$VERSION
+
+echo "This will generate a code coverage report under $DESTDIR"
+echo
+
+if [ "x$(which lcov)" = "x" ]; then
+	echo "'lcov' is required but not found!"
+	exit 1
+fi
+
+if [ "x$(which genhtml)" = "x" ]; then
+	echo "'genhtml' is required but not found!"
+	exit 1
+fi
+
+find -name '*.gcda' -o -name '*.gcno' -delete
+rm -fr $DESTDIR
+
+echo "Configuring to build with code coverage support"
+./configure --enable-libtls CFLAGS='-O0 -fprofile-arcs -ftest-coverage'
+
+echo "Running all code paths"
+make clean
+make check
+
+echo "Generating report"
+mkdir -p $DESTDIR
+find tests -name '*.gcda' -o -name '*.gcno' -delete
+lcov --directory . --capture --output-file $DESTDIR/coverage.tmp \
+    --test-name "LibreSSL $VERSION"
+genhtml --prefix . --output-directory $DESTDIR \
+    --title "LibreSSL $VERSION" --legend --show-detail $DESTDIR/coverage.tmp
+
+echo "Code coverage report is available under $DESTDIR"

include/Makefile.am

@@ -26,6 +26,7 @@ noinst_HEADERS += sys/select.h
 noinst_HEADERS += sys/socket.h
 noinst_HEADERS += sys/times.h
 noinst_HEADERS += sys/types.h
+noinst_HEADERS += sys/uio.h
 
 if ENABLE_LIBTLS
 include_HEADERS = tls.h

include/string.h

@@ -33,6 +33,10 @@ size_t strnlen(const char *str, size_t maxlen);
 #endif
 #endif
 
+#ifndef HAVE_STRSEP
+char *strsep(char **stringp, const char *delim);
+#endif
+
 #ifndef HAVE_EXPLICIT_BZERO
 void explicit_bzero(void *, size_t);
 #endif

include/sys/uio.h

@@ -0,0 +1,17 @@
+/*
+ * Public domain
+ * sys/select.h compatibility shim
+ */
+
+#ifndef _WIN32
+#include_next <sys/uio.h>
+#else
+
+#include <sys/types.h>
+
+struct iovec {
+	void *iov_base;
+	size_t iov_len;
+};
+
+#endif

patches/win_bio_sock_init.diff

@@ -0,0 +1,44 @@
+diff --git a/src/usr.bin/openssl/openssl.c b/src/usr.bin/openssl/openssl.c
+index e7dd11c..cfd4593 100644
+--- a/src/usr.bin/openssl/openssl.c
++++ b/src/usr.bin/openssl/openssl.c
+@@ -253,6 +253,11 @@ main(int argc, char **argv)
+ 	arg.data = NULL;
+ 	arg.count = 0;
+ 
++	if (BIO_sock_init() != 1) {
++		fprintf(stderr, "BIO_sock_init failed\n");
++		exit(1);
++	}
++
+ 	bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+ 	if (bio_err == NULL) {
+ 		fprintf(stderr, "openssl: failed to initialise bio_err\n");
+diff --git a/src/usr.bin/openssl/s_socket.c b/src/usr.bin/openssl/s_socket.c
+index 3b96b1a..2ce31eb 100644
+--- a/src/usr.bin/openssl/s_socket.c
++++ b/src/usr.bin/openssl/s_socket.c
+@@ -85,11 +85,6 @@ init_client(int *sock, char *host, char *port, int type, int af)
+ 	struct addrinfo hints, *ai_top, *ai;
+ 	int i, s;
+ 
+-	if (BIO_sock_init() != 1) {
+-		BIO_printf(bio_err, "BIO_sock_init failed\n");
+-		return (0);
+-	}
+-
+ 	memset(&hints, '\0', sizeof(hints));
+ 	hints.ai_family = af;
+ 	hints.ai_socktype = type;
+@@ -181,11 +176,6 @@ init_server_long(int *sock, int port, char *ip, int type)
+ 	struct sockaddr_in server;
+ 	int s = -1;
+ 
+-	if (BIO_sock_init() != 1) {
+-		BIO_printf(bio_err, "BIO_sock_init failed\n");
+-		return (0);
+-	}
+-
+ 	memset((char *) &server, 0, sizeof(server));
+ 	server.sin_family = AF_INET;
+ 	server.sin_port = htons((unsigned short) port);

scripts/travis

@@ -0,0 +1,33 @@
+#!/bin/sh
+set -e
+
+./autogen.sh
+
+if [ "x$ARCH" = "xnative" ]; then
+	./configure --enable-libtls
+	if [ `uname` = "Darwin" ]; then
+		# OS X runs out of resources if we run 'make -j check'
+		make check
+	else
+		make -j distcheck
+	fi
+else
+	CPU=i686
+	if [ "x$ARCH" = "xmingw64" ]; then
+		CPU=x86_64
+	fi
+	export CC=$CPU-w64-mingw32-gcc
+
+	if [ -z $(which $CC) ]; then
+		# Update Ubuntu 12.04 with current mingw toolchain
+		sudo apt-get update
+		sudo apt-get install -y python-software-properties
+		sudo apt-add-repository -y ppa:tobydox/mingw-x-precise
+		sudo apt-get update
+		sudo apt-get install -y $ARCH-x-gcc make
+		export PATH=$PATH:/opt/$ARCH/bin
+	fi
+
+	./configure --host=$CPU-w64-mingw32 --enable-libtls
+	make -j
+fi

ssl/Makefile.am

@@ -9,6 +9,9 @@ libssl_la_CFLAGS = $(CFLAGS) $(USER_CFLAGS)
 libssl_la_LIBADD = ../crypto/libcrypto.la
 
 libssl_la_SOURCES = bio_ssl.c
+libssl_la_SOURCES += bs_ber.c
+libssl_la_SOURCES += bs_cbb.c
+libssl_la_SOURCES += bs_cbs.c
 libssl_la_SOURCES += d1_both.c
 libssl_la_SOURCES += d1_clnt.c
 libssl_la_SOURCES += d1_enc.c
@@ -51,3 +54,4 @@ libssl_la_SOURCES += t1_srvr.c
 
 noinst_HEADERS = srtp.h
 noinst_HEADERS += ssl_locl.h
+noinst_HEADERS += bytestring.h

tests/Makefile.am.tpl

@@ -2,6 +2,7 @@ include $(top_srcdir)/Makefile.am.common
 
 AM_CPPFLAGS += -I $(top_srcdir)/crypto/modes
 AM_CPPFLAGS += -I $(top_srcdir)/crypto/asn1
+AM_CPPFLAGS += -I $(top_srcdir)/ssl
 
 LDADD = $(PLATFORM_LDADD) $(PROG_LDADD)
 LDADD += $(top_builddir)/ssl/libssl.la

tls/Makefile.am

@@ -16,4 +16,9 @@ libtls_la_SOURCES += tls_server.c
 libtls_la_SOURCES += tls_util.c
 libtls_la_SOURCES += tls_verify.c
 noinst_HEADERS = tls_internal.h
+
+if !HAVE_STRSEP
+libtls_la_SOURCES += strsep.c
+endif
+
 endif

update.sh

@@ -18,15 +18,15 @@ fi
  git pull --rebase)
 
 # setup source paths
-dir=`pwd`
-libc_src=$dir/openbsd/src/lib/libc
-libc_regress=$dir/openbsd/src/regress/lib/libc
-libcrypto_src=$dir/openbsd/src/lib/libcrypto
-libcrypto_regress=$dir/openbsd/src/regress/lib/libcrypto
-libssl_src=$dir/openbsd/src/lib/libssl
-libssl_regress=$dir/openbsd/src/regress/lib/libssl
-libtls_src=$dir/openbsd/src/lib/libtls
-openssl_app_src=$dir/openbsd/src/usr.bin/openssl
+CWD=`pwd`
+libc_src=$CWD/openbsd/src/lib/libc
+libc_regress=$CWD/openbsd/src/regress/lib/libc
+libcrypto_src=$CWD/openbsd/src/lib/libcrypto
+libcrypto_regress=$CWD/openbsd/src/regress/lib/libcrypto
+libssl_src=$CWD/openbsd/src/lib/libssl
+libssl_regress=$CWD/openbsd/src/regress/lib/libssl
+libtls_src=$CWD/openbsd/src/lib/libtls
+openssl_app_src=$CWD/openbsd/src/usr.bin/openssl
 
 # load library versions
 source $libcrypto_src/crypto/shlib_version
@@ -96,7 +96,7 @@ copy_hdrs crypto "stack/stack.h lhash/lhash.h stack/safestack.h
 	bio/bio.h cast/cast.h cmac/cmac.h conf/conf_api.h des/des.h dh/dh.h
 	dsa/dsa.h cms/cms.h engine/engine.h ui/ui.h pkcs12/pkcs12.h ts/ts.h
 	md4/md4.h ripemd/ripemd.h whrlpool/whrlpool.h idea/idea.h mdc2/mdc2.h
-	rc2/rc2.h rc4/rc4.h rc5/rc5.h ui/ui_compat.h txt_db/txt_db.h
+	rc2/rc2.h rc4/rc4.h ui/ui_compat.h txt_db/txt_db.h
 	chacha/chacha.h evp/evp.h poly1305/poly1305.h camellia/camellia.h
 	gost/gost.h"
 
@@ -168,7 +168,11 @@ done
 echo copying libtls source
 rm -f tls/*.c tls/*.h
 for i in `awk '/SOURCES|HEADERS/ { print $3 }' tls/Makefile.am` ; do
-	$CP $libtls_src/$i tls
+	if [ -e $libtls_src/$i ]; then
+		$CP $libtls_src/$i tls
+	else
+		$CP $libc_src/string/$i tls
+	fi
 done
 
 # copy openssl(1) source
@@ -180,6 +184,8 @@ for i in `awk '/SOURCES|HEADERS/ { print $3 }' apps/Makefile.am` ; do
 		$CP $openssl_app_src/$i apps
 	fi
 done
+# patch for openssl(1) oscp on windows
+(cd apps; patch -p4 < $CWD/patches/win_bio_sock_init.diff)
 
 # copy libssl source
 echo "copying libssl source"
@@ -190,30 +196,23 @@ done
 
 # copy libcrypto tests
 echo "copying tests"
-rm -f tests/biotest.c
-for i in aead/aeadtest.c aeswrap/aes_wrap.c base64/base64test.c bf/bftest.c \
-	bn/general/bntest.c bn/mont/mont.c \
-	cast/casttest.c chacha/chachatest.c cts128/cts128test.c \
-	des/destest.c dh/dhtest.c dsa/dsatest.c ec/ectest.c ecdh/ecdhtest.c \
-	ecdsa/ecdsatest.c engine/enginetest.c evp/evptest.c exp/exptest.c \
-	gcm128/gcm128test.c hmac/hmactest.c idea/ideatest.c ige/igetest.c \
-	md4/md4test.c md5/md5test.c mdc2/mdc2test.c poly1305/poly1305test.c \
-	pkcs7/pkcs7test.c pqueue/pq_test.c rand/randtest.c rc2/rc2test.c \
-	rc4/rc4test.c rmd/rmdtest.c sha/shatest.c sha1/sha1test.c \
-	sha256/sha256test.c sha512/sha512test.c utf8/utf8test.c \
-	gost/gost2814789t.c ; do
-	 $CP $libcrypto_regress/$i tests
+for i in `find $libcrypto_regress -name '*.c'`; do
+	 $CP "$i" tests
 done
 
+# the BIO tests rely on resolver results that are OS and environment-specific
+rm tests/biotest.c
+
 # copy libc tests
 $CP $libc_regress/arc4random-fork/arc4random-fork.c tests/arc4randomforktest.c
 $CP $libc_regress/explicit_bzero/explicit_bzero.c tests
 $CP $libc_regress/timingsafe/timingsafe.c tests
 
 # copy libssl tests
-$CP $libssl_regress/asn1/asn1test.c tests
 $CP $libssl_regress/ssl/testssl tests
-$CP $libssl_regress/ssl/ssltest.c tests
+for i in `find $libssl_regress -name '*.c'`; do
+	 $CP "$i" tests
+done
 $CP $libssl_regress/certs/ca.pem tests
 $CP $libssl_regress/certs/server.pem tests
 
@@ -297,6 +296,11 @@ echo "copying manpages"
 		$CP $i .
 		echo "dist_man_MANS += $NAME" >> Makefile.am
 	done
+	for i in `ls -1 $libcrypto_src/man/*.3 | sort`; do
+		NAME=`basename "$i"`
+		$CP $i .
+		echo "dist_man_MANS += $NAME" >> Makefile.am
+	done
 	$CP $openssl_app_src/openssl.1 .
 	echo "dist_man_MANS += openssl.1" >> Makefile.am
 	$CP $libtls_src/tls_init.3 .