update Changelog

Without this, we actually fail to build a library that includes the
bultin getentropy when compiling for 10.11 on 10.12.

CMakeLists.txt

@@ -96,7 +96,7 @@ if(HAVE_STRLCAT)
 	add_definitions(-DHAVE_STRLCAT)
 endif()
 
-check_function_exists(strlcat HAVE_STRLCPY)
+check_function_exists(strlcpy HAVE_STRLCPY)
 if(HAVE_STRLCPY)
 	add_definitions(-DHAVE_STRLCPY)
 endif()
@@ -107,7 +107,7 @@ if(HAVE_STRNDUP)
 endif()
 
 if(MSVC)
-	set(HAVE_STRNLEN)
+	set(HAVE_STRNLEN true)
 	add_definitions(-DHAVE_STRNLEN)
 else()
 	check_function_exists(strnlen HAVE_STRNLEN)

ChangeLog

@@ -28,6 +28,131 @@ history is also available from Git.
 
 LibreSSL Portable Release Notes:
 
+2.3.10 - Security and compatibility fixes
+
+	* Avoid a side-channel cache-timing attack that can leak the ECDSA
+	  private keys when signing. This is due to BN_mod_inverse() being
+	  used without the constant time flag being set.
+
+	  This issue was reported by Cesar Pereida Garcia and Billy Brumley
+	  (Tampere University of Technology). The fix was developed by Cesar
+	  Pereida Garcia.
+
+	* iOS and MacOS compatibility updates from Simone Basso and Jacob
+	  Berkman.
+
+2.3.9 - Reliability improvements
+
+	* Avoid continual processing of an unlimited number of TLS records,
+	  which can cause a denial-of-service condition.
+
+2.3.8 - Security and reliability fixes
+
+	* Avoid unbounded memory growth in libssl, which can be triggered by a
+	  TLS client repeatedly renegotiating and sending OCSP Status Request
+	  TLS extensions.
+
+	* Avoid falling back to a weak digest for (EC)DH when using SNI with
+	  libssl.
+
+2.3.7 - OCSP fixes
+
+	* Fix several issues in the OCSP code that could result in the
+	  incorrect generation and parsing of OCSP requests. This remediates a
+	  lack of error checking on time parsing in these functions, and
+	  ensures that only GENERALIZEDTIME formats are accepted for OCSP, as
+	  per RFC 6960.
+
+	  Issues reported, and fixes provided by  Kazuki Yamaguchi <k@rhe.jp>
+	  and Kinichiro Inoguchi <kinichiro.inoguchi@gmail.com>
+
+2.3.6 - Security fix
+
+	* Correct a problem that prevents the DSA signing algorithm from
+	  running in constant time even if the flag BN_FLG_CONSTTIME is set.
+	  This issue was reported by Cesar Pereida (Aalto University), Billy
+	  Brumley (Tampere University of Technology), and Yuval Yarom (The
+	  University of Adelaide and NICTA). The fix was developed by Cesar
+	  Pereida. See OpenBSD 5.9 errata 11, June 6, 2016
+
+2.3.5 - Reliability fix
+
+	* Fixed an error in libcrypto when parsing some ASN.1 elements > 16k.
+
+2.3.4 - Security Update
+
+	* Fix multiple vulnerabilities in libcrypto relating to ASN.1 and encoding.
+	From OpenSSL.
+
+	* Minor build fixes
+
+2.3.3 - OpenBSD 5.9 release branch tagged
+
+	* Reworked build scripts to better sync with OpenNTPD-portable
+
+	* Fixed broken manpage links
+
+	* Fixed an nginx compatibility issue by adding an 'install_sw' make alias
+
+	* Fixed HP-UX builds
+
+	* Changed the default configuration directory to c:\LibreSSL\ssl on Windows
+	  binary builds
+
+	* cert.pem has been reorganized and synced with Mozilla's certificate store
+
+2.3.2 - Compatibility and Reliability fixes
+
+	* Changed format of LIBRESSL_VERSION_NUMBER to match that of
+	  OPENSSL_VERSION_NUMBER, see:
+	  https://wiki.openssl.org/index.php/Manual:OPENSSL_VERSION_NUMBER(3)
+
+	* Added EVP_aead_chacha20_poly1305_ietf() which matches the AEAD
+	  construction introduced in RFC 7539, which is different than that
+	  already used in TLS with EVP_aead_chacha20_poly1305()
+
+	* Avoid a potential undefined C99+ behavior due to shift overflow in
+	  AES_decrypt, reported by Pascal Cuoq <cuoq at trust-in-soft.com>
+
+	* More man pages converted from pod to mdoc format
+
+	* Added COMODO RSA Certification Authority and QuoVadis
+	  root certificates to cert.pem
+
+	* Removed Remove "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification
+	  Authority" (serial 3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be) root
+	  certificate from cert.pem
+
+	* Added support for building nc(1) on Solaris
+
+	* Fixed GCC 5.x+ preprocessor checks, reported by Ruslan Babayev
+
+	* Improved console handling with openssl(1) on Windows
+
+	* Ensure the network stack is enabled on Windows when running
+	  tls_init()
+
+	* Fixed incorrect TLS certificate loading by nc(1)
+
+	* Added support for Solaris 11.3's getentropy(2) system call
+
+	* Enabled support for using NetBSD 7.0's arc4random(3) implementation
+
+	* Deprecated the SSL_OP_SINGLE_DH_USE flag by disabling its effect
+
+	* Fixes from OpenSSL 1.0.1q
+	 - CVE-2015-3194 - NULL pointer dereference in client side certificate
+	                   validation.
+	 - CVE-2015-3195 - Memory leak in PKCS7 - not reachable from TLS/SSL
+
+	* The following OpenSSL CVEs did not apply to LibreSSL
+	 - CVE-2015-3193 - Carry propagating bug in the x86_64 Montgomery
+	                   squaring procedure.
+	 - CVE-2015-3196 - Double free race condition of the identify hint
+	                   data.
+
+	 See https://marc.info/?l=openbsd-announce&m=144925068504102
+
 2.3.1 - ASN.1 and time handling cleanups
 
 	* ASN.1 cleanups and RFC5280 compliance fixes.

Makefile.am

@@ -6,3 +6,6 @@ pkgconfig_DATA = libcrypto.pc libssl.pc libtls.pc openssl.pc
 
 EXTRA_DIST = README.md README.windows VERSION config scripts
 EXTRA_DIST += CMakeLists.txt
+
+.PHONY: install_sw
+install_sw: install

OPENBSD_BRANCH

@@ -1 +1 @@
-master
+OPENBSD_5_9

apps/nc/Makefile.am

@@ -2,16 +2,25 @@ include $(top_srcdir)/Makefile.am.common
 
 if BUILD_NC
 
+if ENABLE_NC
+bin_PROGRAMS = nc
+else
 noinst_PROGRAMS = nc
+endif
 
 EXTRA_DIST = nc.1
 
 nc_LDADD = $(PLATFORM_LDADD) $(PROG_LDADD)
-nc_LDADD += $(top_builddir)/crypto/libcrypto.la
+nc_LDADD += $(abs_top_builddir)/crypto/libcrypto.la
-nc_LDADD += $(top_builddir)/ssl/libssl.la
+nc_LDADD += $(abs_top_builddir)/ssl/libssl.la
-nc_LDADD += $(top_builddir)/tls/libtls.la
+nc_LDADD += $(abs_top_builddir)/tls/libtls.la
 
 AM_CPPFLAGS += -I$(top_srcdir)/apps/nc/compat
+if OPENSSLDIR_DEFINED
+AM_CPPFLAGS += -DDEFAULT_CA_FILE=\"@OPENSSLDIR@/cert.pem\"
+else
+AM_CPPFLAGS += -DDEFAULT_CA_FILE=\"$(sysconfdir)/ssl/cert.pem\"
+endif
 
 nc_SOURCES = atomicio.c
 nc_SOURCES += netcat.c

apps/nc/compat/readpassphrase.c

@@ -141,11 +141,11 @@ restart:
 			if (p < end) {
 				if ((flags & RPP_SEVENBIT))
 					ch &= 0x7f;
-				if (isalpha(ch)) {
+				if (isalpha((unsigned char)ch)) {
 					if ((flags & RPP_FORCELOWER))
-						ch = (char)tolower(ch);
+						ch = (char)tolower((unsigned char)ch);
 					if ((flags & RPP_FORCEUPPER))
-						ch = (char)toupper(ch);
+						ch = (char)toupper((unsigned char)ch);
 				}
 				*p++ = ch;
 			}

apps/openssl/Makefile.am

@@ -5,8 +5,8 @@ bin_PROGRAMS = openssl
 dist_man_MANS = openssl.1
 
 openssl_LDADD = $(PLATFORM_LDADD) $(PROG_LDADD)
-openssl_LDADD += $(top_builddir)/ssl/libssl.la
+openssl_LDADD += $(abs_top_builddir)/ssl/libssl.la
-openssl_LDADD += $(top_builddir)/crypto/libcrypto.la
+openssl_LDADD += $(abs_top_builddir)/crypto/libcrypto.la
 
 openssl_SOURCES = apps.c
 openssl_SOURCES += asn1pars.c

autogen.sh

@@ -9,3 +9,7 @@ autoreconf -i -f
 sed 's/-fuse-linker-plugin)/-fuse-linker-plugin|-fstack-protector*)/' \
   ltmain.sh > ltmain.sh.fixed
 mv -f ltmain.sh.fixed ltmain.sh
+
+# Update config scripts and fixup permissions
+find . ! -perm -u=w -exec chmod u+w {} \;
+cp scripts/config.* .

crypto/CMakeLists.txt

@@ -641,6 +641,9 @@ if (BUILD_SHARED)
 	add_library(crypto-objects OBJECT ${CRYPTO_SRC})
 	add_library(crypto STATIC $<TARGET_OBJECTS:crypto-objects>)
 	add_library(crypto-shared SHARED $<TARGET_OBJECTS:crypto-objects>)
+	if (MSVC)
+		target_link_libraries(crypto-shared crypto Ws2_32.lib)
+	endif()
 	set_target_properties(crypto-shared PROPERTIES OUTPUT_NAME crypto)
 	set_target_properties(crypto-shared PROPERTIES VERSION
 		${CRYPTO_VERSION} SOVERSION ${CRYPTO_MAJOR_VERSION})

crypto/Makefile.am

@@ -3,6 +3,7 @@ include $(top_srcdir)/Makefile.am.common
 AM_CPPFLAGS += -I$(top_srcdir)/crypto/asn1
 AM_CPPFLAGS += -I$(top_srcdir)/crypto/evp
 AM_CPPFLAGS += -I$(top_srcdir)/crypto/modes
+AM_CPPFLAGS += -I$(top_srcdir)/crypto
 
 lib_LTLIBRARIES = libcrypto.la
 
@@ -13,7 +14,10 @@ EXTRA_DIST += CMakeLists.txt
 EXTRA_DIST += compat/strcasecmp.c
 
 libcrypto_la_LDFLAGS = -version-info @LIBCRYPTO_VERSION@ -no-undefined
-libcrypto_la_LIBADD = libcompat.la libcompatnoopt.la
+libcrypto_la_LIBADD = libcompat.la
+if !HAVE_EXPLICIT_BZERO
+libcrypto_la_LIBADD += libcompatnoopt.la
+endif
 libcrypto_la_CPPFLAGS = $(AM_CPPFLAGS)
 libcrypto_la_CPPFLAGS += -DLIBRESSL_INTERNAL
 libcrypto_la_CPPFLAGS += -DOPENSSL_NO_HW_PADLOCK
@@ -31,13 +35,15 @@ else
 libcrypto_la_CPPFLAGS += -DOPENSSLDIR=\"$(sysconfdir)/ssl\"
 endif
 
-noinst_LTLIBRARIES = libcompat.la libcompatnoopt.la
+noinst_LTLIBRARIES = libcompat.la
 
 # compatibility functions that need to be built without optimizations
+if !HAVE_EXPLICIT_BZERO
+noinst_LTLIBRARIES += libcompatnoopt.la
+
 libcompatnoopt_la_CFLAGS = -O0
 libcompatnoopt_la_SOURCES =
 
-if !HAVE_EXPLICIT_BZERO
 if HOST_WIN
 libcompatnoopt_la_SOURCES += compat/explicit_bzero_win.c
 else
@@ -123,6 +129,7 @@ libcrypto_la_SOURCES += mem_dbg.c
 libcrypto_la_SOURCES += o_init.c
 libcrypto_la_SOURCES += o_str.c
 libcrypto_la_SOURCES += o_time.c
+noinst_HEADERS += constant_time_locl.h
 noinst_HEADERS += cryptlib.h
 noinst_HEADERS += md32_common.h
 noinst_HEADERS += o_time.h

crypto/Makefile.am.arc4random

@@ -1,5 +1,6 @@
 if !HAVE_ARC4RANDOM_BUF
 libcompat_la_SOURCES += compat/arc4random.c
+libcompat_la_SOURCES += compat/arc4random_uniform.c
 
 if !HAVE_GETENTROPY
 if HOST_AIX

crypto/compat/posix_win.c

@@ -12,6 +12,7 @@
 #include <ws2tcpip.h>
 
 #include <errno.h>
+#include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -38,6 +39,20 @@ posix_fopen(const char *path, const char *mode)
 	return fopen(path, mode);
 }
 
+char *
+posix_fgets(char *s, int size, FILE *stream)
+{
+	char *ret = fgets(s, size, stream);
+	if (ret != NULL) {
+		size_t end = strlen(ret);
+		if (end >= 2 && ret[end - 2] == '\r' && ret[end - 1] == '\n') {
+			ret[end - 2] = '\n';
+			ret[end - 1] = '\0';
+		}
+	}
+	return ret;
+}
+
 int
 posix_rename(const char *oldpath, const char *newpath)
 {

crypto/compat/ui_openssl_win.c

@@ -302,8 +302,12 @@ open_console(UI *ui)
 	tty_out = stderr;
 
 	HANDLE handle = GetStdHandle(STD_INPUT_HANDLE);
-	if (handle != INVALID_HANDLE_VALUE)
+	if (handle != NULL && handle != INVALID_HANDLE_VALUE) {
+		if (GetFileType(handle) == FILE_TYPE_CHAR)
 			return GetConsoleMode(handle, &console_mode);
+		else
+			return 1;
+	}
 	return 0;
 }
 
@@ -311,8 +315,12 @@ static int
 noecho_console(UI *ui)
 {
 	HANDLE handle = GetStdHandle(STD_INPUT_HANDLE);
-	if (handle != INVALID_HANDLE_VALUE)
+	if (handle != NULL && handle != INVALID_HANDLE_VALUE) {
+		if (GetFileType(handle) == FILE_TYPE_CHAR)
 			return SetConsoleMode(handle, console_mode & ~ENABLE_ECHO_INPUT);
+		else
+			return 1;
+	}
 	return 0;
 }
 
@@ -320,8 +328,12 @@ static int
 echo_console(UI *ui)
 {
 	HANDLE handle = GetStdHandle(STD_INPUT_HANDLE);
-	if (handle != INVALID_HANDLE_VALUE)
+	if (handle != NULL && handle != INVALID_HANDLE_VALUE) {
+		if (GetFileType(handle) == FILE_TYPE_CHAR)
 			return SetConsoleMode(handle, console_mode);
+		else
+			return 1;
+	}
 	return 0;
 }
 

dist-win.sh

@@ -22,7 +22,7 @@ for ARCH in X86 X64; do
 
 	echo Building for $HOST
 
-	CC=$HOST-gcc ./configure --host=$HOST
+	CC=$HOST-gcc ./configure --host=$HOST --with-openssldir=c:/libressl/ssl
 	make clean
 	PATH=$PATH:/usr/$HOST/sys-root/mingw/bin \
 	   make -j 4 check

include/compat/err.h

@@ -13,20 +13,66 @@
 #define LIBCRYPTOCOMPAT_ERR_H
 
 #include <errno.h>
+#include <stdarg.h>
+#include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
 
-#define err(exitcode, format, ...) \
+static inline void
-  errx(exitcode, format ": %s", ## __VA_ARGS__, strerror(errno))
+err(int eval, const char *fmt, ...)
+{
+	int sverrno = errno;
+	va_list ap;
 
-#define errx(exitcode, format, ...) \
+	va_start(ap, fmt);
-  do { warnx(format, ## __VA_ARGS__); exit(exitcode); } while (0)
+	if (fmt != NULL) {
+		vfprintf(stderr, fmt, ap);
+		fprintf(stderr, ": ");
+	}
+	fprintf(stderr, "%s\n", strerror(sverrno));
+	exit(eval);
+	va_end(ap);
+}
 
-#define warn(format, ...) \
+static inline void
-  warnx(format ": %s", ## __VA_ARGS__, strerror(errno))
+errx(int eval, const char *fmt, ...)
+{
+	va_list ap;
 
-#define warnx(format, ...) \
+	va_start(ap, fmt);
-  fprintf(stderr, format "\n", ## __VA_ARGS__)
+	if (fmt != NULL)
+		vfprintf(stderr, fmt, ap);
+	fprintf(stderr, "\n");
+	exit(eval);
+	va_end(ap);
+}
+
+static inline void
+warn(const char *fmt, ...)
+{
+	int sverrno = errno;
+	va_list ap;
+
+	va_start(ap, fmt);
+	if (fmt != NULL) {
+		vfprintf(stderr, fmt, ap);
+		fprintf(stderr, ": ");
+	}
+	fprintf(stderr, "%s\n", strerror(sverrno));
+	va_end(ap);
+}
+
+static inline void
+warnx(const char *fmt, ...)
+{
+	va_list ap;
+
+	va_start(ap, fmt);
+	if (fmt != NULL)
+		vfprintf(stderr, fmt, ap);
+	fprintf(stderr, "\n");
+	va_end(ap);
+}
 
 #endif
 

include/compat/limits.h

@@ -4,11 +4,7 @@
  */
 
 #ifdef _MSC_VER
-#if _MSC_VER >= 1900
-#include <../ucrt/limits.h>
-#else
 #include <../include/limits.h>
-#endif
 #else
 #include_next <limits.h>
 #endif

include/compat/netinet/ip.h

@@ -3,6 +3,10 @@
  * netinet/ip.h compatibility shim
  */
 
+#if defined(__hpux)
+#include <netinet/in_systm.h>
+#endif
+
 #ifndef _WIN32
 #include_next <netinet/ip.h>
 #else

include/compat/stdio.h

@@ -28,11 +28,13 @@ int asprintf(char **str, const char *fmt, ...);
 
 void posix_perror(const char *s);
 FILE * posix_fopen(const char *path, const char *mode);
+char * posix_fgets(char *s, int size, FILE *stream);
 int posix_rename(const char *oldpath, const char *newpath);
 
 #ifndef NO_REDEF_POSIX_FUNCTIONS
 #define perror(errnum) posix_perror(errnum)
 #define fopen(path, mode) posix_fopen(path, mode)
+#define fgets(s, size, stream) posix_fgets(s, size, stream)
 #define rename(oldpath, newpath) posix_rename(oldpath, newpath)
 #endif
 

include/compat/stdlib.h

@@ -22,6 +22,7 @@
 #ifndef HAVE_ARC4RANDOM_BUF
 uint32_t arc4random(void);
 void arc4random_buf(void *_buf, size_t n);
+uint32_t arc4random_uniform(uint32_t upper_bound);
 #endif
 
 #ifndef HAVE_REALLOCARRAY

include/compat/string.h

@@ -18,9 +18,10 @@
 
 #include <sys/types.h>
 
-#if defined(__sun) || defined(__hpux)
+#if defined(__sun) || defined(_AIX) || defined(__hpux)
 /* Some functions historically defined in string.h were placed in strings.h by
- * SUS. Use the same hack as OS X and FreeBSD use to work around on Solaris and HPUX.
+ * SUS. Use the same hack as OS X and FreeBSD use to work around on AIX,
+ * Solaris, and HPUX.
  */
 #include <strings.h>
 #endif

include/compat/unistd.h

@@ -27,6 +27,13 @@ unsigned int sleep(unsigned int seconds);
 
 #ifndef HAVE_GETENTROPY
 int getentropy(void *buf, size_t buflen);
+#else
+/*
+ * Solaris 11.3 adds getentropy(2), but defines the function in sys/random.h
+ */
+#if defined(__sun)
+#include <sys/random.h>
+#endif
 #endif
 
 #define pledge(request, paths) 0

libtls-standalone/include/string.h

@@ -18,9 +18,10 @@
 
 #include <sys/types.h>
 
-#if defined(__sun) || defined(__hpux)
+#if defined(__sun) || defined(_AIX) || defined(__hpux)
 /* Some functions historically defined in string.h were placed in strings.h by
- * SUS. Use the same hack as OS X and FreeBSD use to work around on Solaris and HPUX.
+ * SUS. Use the same hack as OS X and FreeBSD use to work around on AIX,
+ * Solaris, and HPUX.
  */
 #include <strings.h>
 #endif

libtls-standalone/tests/test.c

@@ -5,7 +5,7 @@ int main()
 {
 	struct tls *tls;
 	struct tls_config *tls_config;
-	size_t written, read;
+	ssize_t written, read;
 	char buf[4096];
 
 	if (tls_init() != 0) {
@@ -31,10 +31,10 @@ int main()
 	if (tls_connect(tls, "google.com", "443") != 0)
 		goto err;
 
-	if (tls_write(tls, "GET /\r\n", 7, &written) != 0)
+	if ((written = tls_write(tls, "GET /\r\n", 7)) < 0)
 		goto err;
 
-	if (tls_read(tls, buf, sizeof(buf), &read) != 0)
+	if ((read = tls_read(tls, buf, sizeof(buf))) < 0)
 		goto err;
 
 	buf[read - 1] = '\0';

m4/check-libc.m4

@@ -41,14 +41,62 @@ AC_CACHE_CHECK([for b64_ntop], ac_cv_have_b64_ntop_arg, [
 	[ ac_cv_have_b64_ntop_arg="no"
 	])
 ])
-AM_CONDITIONAL([HAVE_B64_NTOP], [test "x$ac_cv_func_b64_ntop" = xyes])
+AM_CONDITIONAL([HAVE_B64_NTOP], [test "x$ac_cv_func_b64_ntop_arg" = xyes])
 ])
 
 AC_DEFUN([CHECK_CRYPTO_COMPAT], [
 # Check crypto-related libc functions and syscalls
-AC_CHECK_FUNCS([arc4random_buf explicit_bzero getauxval getentropy])
+AC_CHECK_FUNCS([arc4random arc4random_buf arc4random_uniform])
+AC_CHECK_FUNCS([explicit_bzero getauxval])
+
+AC_CACHE_CHECK([for getentropy], ac_cv_func_getentropy, [
+	AC_LINK_IFELSE([AC_LANG_PROGRAM([[
+#include <sys/types.h>
+#include <unistd.h>
+
+/*
+ * Explanation:
+ *
+ *   - iOS <= 10.1 fails because of missing sys/random.h
+ *
+ *   - in macOS 10.12 getentropy is not tagged as introduced in
+ *     10.12 so we cannot use it for target < 10.12
+ */
+#ifdef __APPLE__
+#  include <AvailabilityMacros.h>
+#  include <TargetConditionals.h>
+
+# if (TARGET_OS_IPHONE || TARGET_OS_SIMULATOR)
+#  include <sys/random.h> /* Not available as of iOS <= 10.1 */
+# else
+
+#  include <sys/random.h> /* Pre 10.12 systems should die here */
+
+/* Based on: https://gitweb.torproject.org/tor.git/commit/?id=16fcbd21 */
+#  ifndef MAC_OS_X_VERSION_10_12
+#    define MAC_OS_X_VERSION_10_12 101200 /* Robustness */
+#  endif
+#  if defined(MAC_OS_X_VERSION_MIN_REQUIRED)
+#    if MAC_OS_X_VERSION_MIN_REQUIRED < MAC_OS_X_VERSION_10_12
+#      error "Targeting on Mac OSX 10.11 or earlier"
+#    endif
+#  endif
+
+# endif
+#endif /* __APPLE__ */
+		]], [[
+	char buffer;
+	(void)getentropy(&buffer, sizeof (buffer));
+]])],
+	[ ac_cv_func_getentropy="yes" ],
+	[ ac_cv_func_getentropy="no"
+	])
+])
+
 AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp])
+AM_CONDITIONAL([HAVE_ARC4RANDOM], [test "x$ac_cv_func_arc4random" = xyes])
 AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF], [test "x$ac_cv_func_arc4random_buf" = xyes])
+AM_CONDITIONAL([HAVE_ARC4RANDOM_UNIFORM], [test "x$ac_cv_func_arc4random_uniform" = xyes])
 AM_CONDITIONAL([HAVE_EXPLICIT_BZERO], [test "x$ac_cv_func_explicit_bzero" = xyes])
 AM_CONDITIONAL([HAVE_GETENTROPY], [test "x$ac_cv_func_getentropy" = xyes])
 AM_CONDITIONAL([HAVE_TIMINGSAFE_BCMP], [test "x$ac_cv_func_timingsafe_bcmp" = xyes])
@@ -56,15 +104,15 @@ AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp"
 
 # Override arc4random_buf implementations with known issues
 AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF],
-	[test "x$HOST_OS" != xdarwin \
+	[test "x$USE_BUILTIN_ARC4RANDOM" != xyes \
-	   -a "x$HOST_OS" != xfreebsd \
-	   -a "x$HOST_OS" != xnetbsd \
 	   -a "x$ac_cv_func_arc4random_buf" = xyes])
 
 # Check for getentropy fallback dependencies
 AC_CHECK_FUNC([getauxval])
-AC_CHECK_FUNC([clock_gettime],, [AC_SEARCH_LIBS([clock_gettime],[rt posix4])])
+AC_SEARCH_LIBS([clock_gettime],[rt posix4])
-AC_CHECK_FUNC([dl_iterate_phdr],, [AC_SEARCH_LIBS([dl_iterate_phdr],[dl])])
+AC_CHECK_FUNC([clock_gettime])
+AC_SEARCH_LIBS([dl_iterate_phdr],[dl])
+AC_CHECK_FUNC([dl_iterate_phdr])
 ])
 
 AC_DEFUN([CHECK_VA_COPY], [

m4/check-os-options.m4

@@ -1,6 +1,7 @@
 AC_DEFUN([CHECK_OS_OPTIONS], [
 
 CFLAGS="$CFLAGS -Wall -std=gnu99 -fno-strict-aliasing"
+BUILD_NC=yes
 
 case $host_os in
 	*aix*)
@@ -14,14 +15,54 @@ case $host_os in
 		HOST_OS=cygwin
 		;;
 	*darwin*)
-		BUILD_NC=yes
 		HOST_OS=darwin
 		HOST_ABI=macosx
+		#
+		# Don't use arc4random on systems before 10.12 because of
+		# weak seed on failure to open /dev/random, based on latest
+		# public source:
+		# http://www.opensource.apple.com/source/Libc/Libc-997.90.3/gen/FreeBSD/arc4random.c
+		#
+		# We use the presence of getentropy() to detect 10.12. The
+		# following check take into account that:
+ 		#
+		#   - iOS <= 10.1 fails because of missing getentropy and
+		#     hence they miss sys/random.h
+		#
+		#   - in macOS 10.12 getentropy is not tagged as introduced in
+		#     10.12 so we cannot use it for target < 10.12
+		#
+		AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
+#include <AvailabilityMacros.h>
+#include <unistd.h>
+#include <sys/random.h>  /* Systems without getentropy() should die here */
+
+/* Based on: https://gitweb.torproject.org/tor.git/commit/?id=16fcbd21 */
+#ifndef MAC_OS_X_VERSION_10_12
+#  define MAC_OS_X_VERSION_10_12 101200
+#endif
+#if defined(MAC_OS_X_VERSION_MIN_REQUIRED)
+#  if MAC_OS_X_VERSION_MIN_REQUIRED < MAC_OS_X_VERSION_10_12
+#    error "Running on Mac OSX 10.11 or earlier"
+#  endif
+#endif
+                       ]], [[
+char buf[1]; getentropy(buf, 1);
+					   ]])],
+                       [ USE_BUILTIN_ARC4RANDOM=no ],
+                       [ USE_BUILTIN_ARC4RANDOM=yes ]
+		)
+		AC_MSG_CHECKING([whether to use builtin arc4random])
+		AC_MSG_RESULT([$USE_BUILTIN_ARC4RANDOM])
+		# Not available on iOS
+		AC_CHECK_HEADER([arpa/telnet.h], [], [BUILD_NC=no])
 		;;
 	*freebsd*)
-		BUILD_NC=yes
 		HOST_OS=freebsd
 		HOST_ABI=elf
+		# fork detection missing, weak seed on failure
+		# https://svnweb.freebsd.org/base/head/lib/libc/gen/arc4random.c?revision=268642&view=markup
+		USE_BUILTIN_ARC4RANDOM=yes
 		AC_SUBST([PROG_LDADD], ['-lthr'])
 		;;
 	*hpux*)
@@ -35,24 +76,32 @@ case $host_os in
 		AC_SUBST([PLATFORM_LDADD], ['-lpthread'])
 		;;
 	*linux*)
-		BUILD_NC=yes
 		HOST_OS=linux
 		HOST_ABI=elf
 		CPPFLAGS="$CPPFLAGS -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE"
 		;;
 	*netbsd*)
-		BUILD_NC=yes
 		HOST_OS=netbsd
+		HOST_ABI=elf
+		AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
+#include <sys/param.h>
+#if __NetBSD_Version__ < 700000001
+        undefined
+#endif
+                       ]], [[]])],
+                       [ USE_BUILTIN_ARC4RANDOM=no ],
+                       [ USE_BUILTIN_ARC4RANDOM=yes ]
+		)
 		CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE"
 		;;
 	*openbsd* | *bitrig*)
-		BUILD_NC=yes
 		HOST_OS=openbsd
 		HOST_ABI=elf
 		AC_DEFINE([HAVE_ATTRIBUTE__BOUNDED__], [1], [OpenBSD gcc has bounded])
 		;;
 	*mingw*)
 		HOST_OS=win
+		BUILD_NC=no
 		CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE -D_POSIX -D_POSIX_SOURCE -D__USE_MINGW_ANSI_STDIO"
 		CPPFLAGS="$CPPFLAGS -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS"
 		CPPFLAGS="$CPPFLAGS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0501"
@@ -70,7 +119,11 @@ case $host_os in
 	*) ;;
 esac
 
-AM_CONDITIONAL([BUILD_NC],     [test x$BUILD_NC = xyes])
+AC_ARG_ENABLE([nc],
+	AS_HELP_STRING([--enable-nc], [Enable installing TLS-enabled nc(1)]))
+AM_CONDITIONAL([ENABLE_NC], [test "x$enable_nc" = xyes])
+AM_CONDITIONAL([BUILD_NC],  [test x$BUILD_NC = xyes -o "x$enable_nc" = xyes])
+
 AM_CONDITIONAL([HOST_AIX],     [test x$HOST_OS = xaix])
 AM_CONDITIONAL([HOST_CYGWIN],  [test x$HOST_OS = xcygwin])
 AM_CONDITIONAL([HOST_DARWIN],  [test x$HOST_OS = xdarwin])

man/links

@@ -230,6 +230,8 @@ CRYPTO_set_locking_callback.3,CRYPTO_THREADID_current.3
 CRYPTO_set_locking_callback.3,CRYPTO_THREADID_get_callback.3
 CRYPTO_set_locking_callback.3,CRYPTO_THREADID_hash.3
 CRYPTO_set_locking_callback.3,CRYPTO_THREADID_set_callback.3
+CRYPTO_set_locking_callback.3,CRYPTO_THREADID_set_numeric.3
+CRYPTO_set_locking_callback.3,CRYPTO_THREADID_set_pointer.3
 CRYPTO_set_locking_callback.3,CRYPTO_add.3
 CRYPTO_set_locking_callback.3,CRYPTO_add_lock.3
 CRYPTO_set_locking_callback.3,CRYPTO_destroy_dynlockid.3
@@ -301,6 +303,24 @@ DSA_set_method.3,DSA_set_default_method.3
 DSA_set_method.3,DSA_set_default_openssl_method.3
 DSA_sign.3,DSA_sign_setup.3
 DSA_sign.3,DSA_verify.3
+ECDSA_SIG_new.3,ECDSA_OpenSSL.3
+ECDSA_SIG_new.3,ECDSA_SIG_free.3
+ECDSA_SIG_new.3,ECDSA_do_sign.3
+ECDSA_SIG_new.3,ECDSA_do_sign_ex.3
+ECDSA_SIG_new.3,ECDSA_do_verify.3
+ECDSA_SIG_new.3,ECDSA_get_default_method.3
+ECDSA_SIG_new.3,ECDSA_get_ex_data.3
+ECDSA_SIG_new.3,ECDSA_get_ex_new_index.3
+ECDSA_SIG_new.3,ECDSA_set_default_method.3
+ECDSA_SIG_new.3,ECDSA_set_ex_data.3
+ECDSA_SIG_new.3,ECDSA_set_method.3
+ECDSA_SIG_new.3,ECDSA_sign.3
+ECDSA_SIG_new.3,ECDSA_sign_ex.3
+ECDSA_SIG_new.3,ECDSA_sign_setup.3
+ECDSA_SIG_new.3,ECDSA_size.3
+ECDSA_SIG_new.3,ECDSA_verify.3
+ECDSA_SIG_new.3,d2i_ECDSA_SIG.3
+ECDSA_SIG_new.3,i2d_ECDSA_SIG.3
 EC_GFp_simple_method.3,EC_GF2m_simple_method.3
 EC_GFp_simple_method.3,EC_GFp_mont_method.3
 EC_GFp_simple_method.3,EC_GFp_nist_method.3
@@ -418,6 +438,17 @@ ERR_print_errors.3,ERR_print_errors_fp.3
 ERR_put_error.3,ERR_add_error_data.3
 ERR_remove_state.3,ERR_remove_thread_state.3
 ERR_set_mark.3,ERR_pop_to_mark.3
+EVP_AEAD_CTX_init.3,EVP_AEAD_CTX_cleanup.3
+EVP_AEAD_CTX_init.3,EVP_AEAD_CTX_open.3
+EVP_AEAD_CTX_init.3,EVP_AEAD_CTX_seal.3
+EVP_AEAD_CTX_init.3,EVP_AEAD_key_length.3
+EVP_AEAD_CTX_init.3,EVP_AEAD_max_overhead.3
+EVP_AEAD_CTX_init.3,EVP_AEAD_max_tag_len.3
+EVP_AEAD_CTX_init.3,EVP_AEAD_nonce_length.3
+EVP_AEAD_CTX_init.3,EVP_aead_aes_128_gcm.3
+EVP_AEAD_CTX_init.3,EVP_aead_aes_256_gcm.3
+EVP_AEAD_CTX_init.3,EVP_aead_chacha20_poly1305.3
+EVP_AEAD_CTX_init.3,EVP_aead_chacha20_poly1305_ietf.3
 EVP_DigestInit.3,EVP_DigestFinal.3
 EVP_DigestInit.3,EVP_DigestFinal_ex.3
 EVP_DigestInit.3,EVP_DigestInit_ex.3
@@ -552,7 +583,6 @@ EVP_PKEY_CTX_ctrl.3,EVP_PKEY_CTX_set_rsa_padding.3
 EVP_PKEY_CTX_ctrl.3,EVP_PKEY_CTX_set_rsa_pss_saltlen.3
 EVP_PKEY_CTX_ctrl.3,EVP_PKEY_CTX_set_rsa_rsa_keygen_bits.3
 EVP_PKEY_CTX_ctrl.3,EVP_PKEY_CTX_set_signature_md.3
-EVP_PKEY_CTX_ctrl.3,EVP_PKEY_ctrl_str.3
 EVP_PKEY_CTX_ctrl.3,EVP_PKEY_get_default_digest_nid.3
 EVP_PKEY_CTX_new.3,EVP_PKEY_CTX_dup.3
 EVP_PKEY_CTX_new.3,EVP_PKEY_CTX_free.3
@@ -565,7 +595,6 @@ EVP_PKEY_derive.3,EVP_PKEY_derive_init.3
 EVP_PKEY_derive.3,EVP_PKEY_derive_set_peer.3
 EVP_PKEY_encrypt.3,EVP_PKEY_encrypt_init.3
 EVP_PKEY_get_default_digest.3,EVP_PKEY_get_default_digest_nid.3
-EVP_PKEY_keygen.3,EVP_PKEVP_PKEY_CTX_set_app_data.3
 EVP_PKEY_keygen.3,EVP_PKEY_CTX_get_app_data.3
 EVP_PKEY_keygen.3,EVP_PKEY_CTX_get_cb.3
 EVP_PKEY_keygen.3,EVP_PKEY_CTX_get_keygen_info.3
@@ -736,7 +765,6 @@ RSA_print.3,DSAparams_print_fp.3
 RSA_print.3,RSA_print_fp.3
 RSA_private_encrypt.3,RSA_public_decrypt.3
 RSA_public_encrypt.3,RSA_private_decrypt.3
-RSA_set_method.3,RSA_PKCS1_RSAref.3
 RSA_set_method.3,RSA_PKCS1_SSLeay.3
 RSA_set_method.3,RSA_flags.3
 RSA_set_method.3,RSA_get_default_method.3
@@ -796,7 +824,6 @@ SSL_CTX_sess_set_get_cb.3,SSL_CTX_sess_get_get_cb.3
 SSL_CTX_sess_set_get_cb.3,SSL_CTX_sess_get_new_cb.3
 SSL_CTX_sess_set_get_cb.3,SSL_CTX_sess_get_remove_cb.3
 SSL_CTX_sess_set_get_cb.3,SSL_CTX_sess_set_new_cb.3
-SSL_CTX_sess_set_get_cb.3,SSL_CTX_sess_set_remove.3
 SSL_CTX_sess_set_get_cb.3,SSL_CTX_sess_set_remove_cb.3
 SSL_CTX_sess_set_get_cb.3,get_session_cb.3
 SSL_CTX_sess_set_get_cb.3,new_session_cb.3
@@ -822,7 +849,6 @@ SSL_CTX_set_mode.3,SSL_CTX_get_mode.3
 SSL_CTX_set_mode.3,SSL_get_mode.3
 SSL_CTX_set_mode.3,SSL_set_mode.3
 SSL_CTX_set_msg_callback.3,SSL_CTX_set_msg_callback_arg.3
-SSL_CTX_set_msg_callback.3,SSL_get_msg_callback_arg.3
 SSL_CTX_set_msg_callback.3,SSL_set_msg_callback.3
 SSL_CTX_set_msg_callback.3,SSL_set_msg_callback_arg.3
 SSL_CTX_set_options.3,SSL_CTX_clear_options.3
@@ -906,7 +932,6 @@ SSL_get_session.3,SSL_get1_session.3
 SSL_library_init.3,OpenSSL_add_ssl_algorithms.3
 SSL_library_init.3,SSLeay_add_ssl_algorithms.3
 SSL_rstate_string.3,SSL_rstate_string_long.3
-SSL_set_connect_state.3,SSL_get_accept_state.3
 SSL_set_connect_state.3,SSL_set_accept_state.3
 SSL_set_fd.3,SSL_set_rfd.3
 SSL_set_fd.3,SSL_set_wfd.3
@@ -916,6 +941,30 @@ SSL_want.3,SSL_want_nothing.3
 SSL_want.3,SSL_want_read.3
 SSL_want.3,SSL_want_write.3
 SSL_want.3,SSL_want_x509_lookup.3
+UI_new.3,ERR_load_UI_strings.3
+UI_new.3,UI_OpenSSL.3
+UI_new.3,UI_add_error_string.3
+UI_new.3,UI_add_info_string.3
+UI_new.3,UI_add_input_boolean.3
+UI_new.3,UI_add_input_string.3
+UI_new.3,UI_add_user_data.3
+UI_new.3,UI_add_verify_string.3
+UI_new.3,UI_construct_prompt.3
+UI_new.3,UI_ctrl.3
+UI_new.3,UI_dup_error_string.3
+UI_new.3,UI_dup_info_string.3
+UI_new.3,UI_dup_input_boolean.3
+UI_new.3,UI_dup_input_string.3
+UI_new.3,UI_dup_verify_string.3
+UI_new.3,UI_free.3
+UI_new.3,UI_get0_result.3
+UI_new.3,UI_get0_user_data.3
+UI_new.3,UI_get_default_method.3
+UI_new.3,UI_get_method.3
+UI_new.3,UI_new_method.3
+UI_new.3,UI_process.3
+UI_new.3,UI_set_default_method.3
+UI_new.3,UI_set_method.3
 X509_NAME_ENTRY_get_object.3,X509_NAME_ENTRY_create_by_NID.3
 X509_NAME_ENTRY_get_object.3,X509_NAME_ENTRY_create_by_OBJ.3
 X509_NAME_ENTRY_get_object.3,X509_NAME_ENTRY_create_by_txt.3
@@ -962,38 +1011,37 @@ X509_VERIFY_PARAM_set_flags.3,X509_VERIFY_PARAM_set_purpose.3
 X509_VERIFY_PARAM_set_flags.3,X509_VERIFY_PARAM_set_time.3
 X509_VERIFY_PARAM_set_flags.3,X509_VERIFY_PARAM_set_trust.3
 X509_new.3,X509_free.3
-bn_internal.3,bn_add_words.3
+bn_dump.3,bn_add_words.3
-bn_internal.3,bn_check_top.3
+bn_dump.3,bn_check_top.3
-bn_internal.3,bn_cmp_words.3
+bn_dump.3,bn_cmp_words.3
-bn_internal.3,bn_div_words.3
+bn_dump.3,bn_div_words.3
-bn_internal.3,bn_dump.3
+bn_dump.3,bn_expand.3
-bn_internal.3,bn_expand.3
+bn_dump.3,bn_expand2.3
-bn_internal.3,bn_expand2.3
+bn_dump.3,bn_fix_top.3
-bn_internal.3,bn_fix_top.3
+bn_dump.3,bn_mul_add_words.3
-bn_internal.3,bn_mul_add_words.3
+bn_dump.3,bn_mul_comba4.3
-bn_internal.3,bn_mul_comba4.3
+bn_dump.3,bn_mul_comba8.3
-bn_internal.3,bn_mul_comba8.3
+bn_dump.3,bn_mul_high.3
-bn_internal.3,bn_mul_high.3
+bn_dump.3,bn_mul_low_normal.3
-bn_internal.3,bn_mul_low_normal.3
+bn_dump.3,bn_mul_low_recursive.3
-bn_internal.3,bn_mul_low_recursive.3
+bn_dump.3,bn_mul_normal.3
-bn_internal.3,bn_mul_normal.3
+bn_dump.3,bn_mul_part_recursive.3
-bn_internal.3,bn_mul_part_recursive.3
+bn_dump.3,bn_mul_recursive.3
-bn_internal.3,bn_mul_recursive.3
+bn_dump.3,bn_mul_words.3
-bn_internal.3,bn_mul_words.3
+bn_dump.3,bn_print.3
-bn_internal.3,bn_print.3
+bn_dump.3,bn_set_high.3
-bn_internal.3,bn_set_high.3
+bn_dump.3,bn_set_low.3
-bn_internal.3,bn_set_low.3
+bn_dump.3,bn_set_max.3
-bn_internal.3,bn_set_max.3
+bn_dump.3,bn_sqr_comba4.3
-bn_internal.3,bn_sqr_comba4.3
+bn_dump.3,bn_sqr_comba8.3
-bn_internal.3,bn_sqr_comba8.3
+bn_dump.3,bn_sqr_normal.3
-bn_internal.3,bn_sqr_normal.3
+bn_dump.3,bn_sqr_recursive.3
-bn_internal.3,bn_sqr_recursive.3
+bn_dump.3,bn_sqr_words.3
-bn_internal.3,bn_sqr_words.3
+bn_dump.3,bn_sub_words.3
-bn_internal.3,bn_sub_words.3
+bn_dump.3,bn_wexpand.3
-bn_internal.3,bn_wexpand.3
+bn_dump.3,mul.3
-bn_internal.3,mul.3
+bn_dump.3,mul_add.3
-bn_internal.3,mul_add.3
+bn_dump.3,sqr.3
-bn_internal.3,sqr.3
 crypto.3,crypto_dispatch.3
 crypto.3,crypto_done.3
 crypto.3,crypto_freereq.3
@@ -1021,12 +1069,11 @@ d2i_ECPKParameters.3,d2i_ECPKParameters_fp.3
 d2i_ECPKParameters.3,i2d_ECPKParameters.3
 d2i_ECPKParameters.3,i2d_ECPKParameters_bio.3
 d2i_ECPKParameters.3,i2d_ECPKParameters_fp.3
-d2i_PKCS8PrivateKey.3,d2i_PKCS8PrivateKey_bio.3
+d2i_PKCS8PrivateKey_bio.3,d2i_PKCS8PrivateKey_fp.3
-d2i_PKCS8PrivateKey.3,d2i_PKCS8PrivateKey_fp.3
+d2i_PKCS8PrivateKey_bio.3,i2d_PKCS8PrivateKey_bio.3
-d2i_PKCS8PrivateKey.3,i2d_PKCS8PrivateKey_bio.3
+d2i_PKCS8PrivateKey_bio.3,i2d_PKCS8PrivateKey_fp.3
-d2i_PKCS8PrivateKey.3,i2d_PKCS8PrivateKey_fp.3
+d2i_PKCS8PrivateKey_bio.3,i2d_PKCS8PrivateKey_nid_bio.3
-d2i_PKCS8PrivateKey.3,i2d_PKCS8PrivateKey_nid_bio.3
+d2i_PKCS8PrivateKey_bio.3,i2d_PKCS8PrivateKey_nid_fp.3
-d2i_PKCS8PrivateKey.3,i2d_PKCS8PrivateKey_nid_fp.3
 d2i_RSAPublicKey.3,d2i_Netscape_RSA.3
 d2i_RSAPublicKey.3,d2i_RSAPrivateKey.3
 d2i_RSAPublicKey.3,d2i_RSA_PUBKEY.3
@@ -1053,25 +1100,9 @@ d2i_X509_REQ.3,i2d_X509_REQ.3
 d2i_X509_REQ.3,i2d_X509_REQ_bio.3
 d2i_X509_REQ.3,i2d_X509_REQ_fp.3
 d2i_X509_SIG.3,i2d_X509_SIG.3
-ecdsa.3,ECDSA_OpenSSL.3
+des_read_pw.3,des_read_2passwords.3
-ecdsa.3,ECDSA_SIG_free.3
+des_read_pw.3,des_read_password.3
-ecdsa.3,ECDSA_SIG_new.3
+des_read_pw.3,des_read_pw_string.3
-ecdsa.3,ECDSA_do_sign.3
-ecdsa.3,ECDSA_do_sign_ex.3
-ecdsa.3,ECDSA_do_verify.3
-ecdsa.3,ECDSA_get_default_method.3
-ecdsa.3,ECDSA_get_ex_data.3
-ecdsa.3,ECDSA_get_ex_new_index.3
-ecdsa.3,ECDSA_set_default_method.3
-ecdsa.3,ECDSA_set_ex_data.3
-ecdsa.3,ECDSA_set_method.3
-ecdsa.3,ECDSA_sign.3
-ecdsa.3,ECDSA_sign_ex.3
-ecdsa.3,ECDSA_sign_setup.3
-ecdsa.3,ECDSA_size.3
-ecdsa.3,ECDSA_verify.3
-ecdsa.3,d2i_ECDSA_SIG.3
-ecdsa.3,i2d_ECDSA_SIG.3
 engine.3,ENGINE_add.3
 engine.3,ENGINE_by_id.3
 engine.3,ENGINE_finish.3
@@ -1082,19 +1113,23 @@ engine.3,ENGINE_get_prev.3
 engine.3,ENGINE_init.3
 engine.3,ENGINE_load_builtin_engines.3
 engine.3,ENGINE_remove.3
+lh_new.3,DECLARE_LHASH_OF.3
+lh_new.3,LHASH_COMP_FN_TYPE.3
+lh_new.3,LHASH_DOALL_ARG_FN_TYPE.3
+lh_new.3,LHASH_DOALL_FN_TYPE.3
+lh_new.3,LHASH_HASH_FN_TYPE.3
+lh_new.3,lh_delete.3
+lh_new.3,lh_doall.3
+lh_new.3,lh_doall_arg.3
+lh_new.3,lh_error.3
+lh_new.3,lh_free.3
+lh_new.3,lh_insert.3
+lh_new.3,lh_retrieve.3
 lh_stats.3,lh_node_stats.3
 lh_stats.3,lh_node_stats_bio.3
 lh_stats.3,lh_node_usage_stats.3
 lh_stats.3,lh_node_usage_stats_bio.3
 lh_stats.3,lh_stats_bio.3
-lhash.3,lh_delete.3
-lhash.3,lh_doall.3
-lhash.3,lh_doall_arg.3
-lhash.3,lh_error.3
-lhash.3,lh_free.3
-lhash.3,lh_insert.3
-lhash.3,lh_new.3
-lhash.3,lh_retrieve.3
 tls_init.3,tls_accept_fds.3
 tls_init.3,tls_accept_socket.3
 tls_init.3,tls_client.3
@@ -1145,32 +1180,3 @@ tls_init.3,tls_read.3
 tls_init.3,tls_reset.3
 tls_init.3,tls_server.3
 tls_init.3,tls_write.3
-ui.3,ERR_load_UI_strings.3
-ui.3,UI_OpenSSL.3
-ui.3,UI_add_error_string.3
-ui.3,UI_add_info_string.3
-ui.3,UI_add_input_boolean.3
-ui.3,UI_add_input_string.3
-ui.3,UI_add_user_data.3
-ui.3,UI_add_verify_string.3
-ui.3,UI_construct_prompt.3
-ui.3,UI_ctrl.3
-ui.3,UI_dup_error_string.3
-ui.3,UI_dup_info_string.3
-ui.3,UI_dup_input_boolean.3
-ui.3,UI_dup_input_string.3
-ui.3,UI_dup_verify_string.3
-ui.3,UI_free.3
-ui.3,UI_get0_result.3
-ui.3,UI_get0_user_data.3
-ui.3,UI_get_default_method.3
-ui.3,UI_get_method.3
-ui.3,UI_new.3
-ui.3,UI_new_method.3
-ui.3,UI_process.3
-ui.3,UI_set_default_method.3
-ui.3,UI_set_method.3
-ui_compat.3,des_read_2passwords.3
-ui_compat.3,des_read_password.3
-ui_compat.3,des_read_pw.3
-ui_compat.3,des_read_pw_string.3

man/update_links.sh

@@ -11,7 +11,7 @@ for i in `ls -1 *.3`; do
   for j in $links; do
     a=`echo "x$j" | tr '[:upper:]' '[:lower:]'`
     b=`echo "x$name" | tr '[:upper:]' '[:lower:]'`
-    if [ $a != $b ]; then
+    if [[ $a != $b && $a != *"<type>"* ]]; then
       echo $name.3,$j.3 >> links
     fi
   done

patches/modes_lcl.h

@@ -0,0 +1,21 @@
+--- openbsd/src/lib/libssl/src/crypto/modes/modes_lcl.h	Sat Dec  6 17:15:50 2014
++++ crypto/modes/modes_lcl.h	Sun Jul 17 17:45:27 2016
+@@ -43,14 +43,16 @@
+ 			asm ("bswapl %0"		\
+ 			: "+r"(ret));	ret;		})
+ # elif (defined(__arm__) || defined(__arm)) && !defined(__STRICT_ALIGNMENT)
+-#  define BSWAP8(x) ({	u32 lo=(u64)(x)>>32,hi=(x);	\
++#  if (__ARM_ARCH >= 6)
++#   define BSWAP8(x) ({	u32 lo=(u64)(x)>>32,hi=(x);	\
+ 			asm ("rev %0,%0; rev %1,%1"	\
+ 			: "+r"(hi),"+r"(lo));		\
+ 			(u64)hi<<32|lo;			})
+-#  define BSWAP4(x) ({	u32 ret;			\
++#   define BSWAP4(x) ({	u32 ret;			\
+ 			asm ("rev %0,%1"		\
+ 			: "=r"(ret) : "r"((u32)(x)));	\
+ 			ret;				})
++#  endif
+ # endif
+ #endif
+ #endif

patches/netcat.c.patch

@@ -1,5 +1,5 @@
---- apps/nc/netcat.c.orig	2015-10-23 16:01:14.000000000 -0700
+--- apps/nc/netcat.c.orig	Mon Dec 28 08:46:10 2015
-+++ apps/nc/netcat.c	2015-10-23 16:17:08.000000000 -0700
++++ apps/nc/netcat.c	Mon Dec 28 08:46:19 2015
 @@ -57,6 +57,10 @@
  #include <tls.h>
  #include "atomicio.h"
@@ -9,9 +9,19 @@
 +#endif
 +
  #define PORT_MAX	65535
- #define PORT_MAX_LEN	6
  #define UNIX_DG_TMP_SOCKET_SIZE	19
-@@ -93,9 +97,13 @@
+ 
+@@ -65,7 +69,9 @@
+ #define POLL_NETIN 2
+ #define POLL_STDOUT 3
+ #define BUFSIZE 16384
++#ifndef DEFAULT_CA_FILE
+ #define DEFAULT_CA_FILE "/etc/ssl/cert.pem"
++#endif
+ 
+ #define TLS_LEGACY	(1 << 1)
+ #define TLS_NOVERIFY	(1 << 2)
+@@ -92,9 +98,13 @@
  int	Dflag;					/* sodebug */
  int	Iflag;					/* TCP receive buffer size */
  int	Oflag;					/* TCP send buffer size */
@@ -25,7 +35,7 @@
  
  int	usetls;					/* use TLS */
  char    *Cflag;					/* Public cert file */
-@@ -145,7 +153,7 @@
+@@ -150,7 +160,7 @@
  	struct servent *sv;
  	socklen_t len;
  	struct sockaddr_storage cliaddr;
@@ -34,7 +44,7 @@
  	const char *errstr, *proxyhost = "", *proxyport = NULL;
  	struct addrinfo proxyhints;
  	char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE];
-@@ -246,12 +254,14 @@
+@@ -251,12 +261,14 @@
  		case 'u':
  			uflag = 1;
  			break;
@@ -49,7 +59,7 @@
  		case 'v':
  			vflag = 1;
  			break;
-@@ -284,9 +294,11 @@
+@@ -289,9 +301,11 @@
  				errx(1, "TCP send window %s: %s",
  				    errstr, optarg);
  			break;
@@ -61,26 +71,31 @@
  		case 'T':
  			errstr = NULL;
  			errno = 0;
-@@ -310,14 +322,16 @@
+@@ -315,9 +329,11 @@
  	argc -= optind;
  	argv += optind;
  
 +#ifdef SO_RTABLE
- 	if (rtableid >= 0) {
+ 	if (rtableid >= 0)
- 		/*
+ 		if (setrtable(rtableid) == -1)
- 		 * XXX No pledge if doing rtable manipulation!
+ 			err(1, "setrtable");
- 		 * XXX the routing table stuff is dangerous and can't be pledged.
- 		 * XXX rtable should really have a better interface than sockopt
- 		 */
--	}
--	else if (family == AF_UNIX) {
-+	} else
 +#endif
-+	if (family == AF_UNIX) {
+ 
+ 	if (family == AF_UNIX) {
  		if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1)
- 			err(1, "pledge");
+@@ -460,7 +476,10 @@
+ 				errx(1, "-H and -T noverify may not be used"
+ 				    "together");
+ 			tls_config_insecure_noverifycert(tls_cfg);
+-		}
++		} else {
++                        if (Rflag && access(Rflag, R_OK) == -1)
++                                errx(1, "unable to find root CA file %s", Rflag);
++                }
  	}
-@@ -797,7 +811,10 @@
+ 	if (lflag) {
+ 		struct tls *tls_cctx = NULL;
+@@ -807,7 +826,10 @@
  remote_connect(const char *host, const char *port, struct addrinfo hints)
  {
  	struct addrinfo *res, *res0;
@@ -92,17 +107,7 @@
  
  	if ((error = getaddrinfo(host, port, &hints, &res)))
  		errx(1, "getaddrinfo: %s", gai_strerror(error));
-@@ -808,16 +825,20 @@
+@@ -822,8 +844,10 @@
- 		    SOCK_NONBLOCK, res0->ai_protocol)) < 0)
- 			continue;
- 
-+#ifdef SO_RTABLE
- 		if (rtableid >= 0 && (setsockopt(s, SOL_SOCKET, SO_RTABLE,
- 		    &rtableid, sizeof(rtableid)) == -1))
- 			err(1, "setsockopt SO_RTABLE");
-+#endif
- 
- 		/* Bind to a local port or source address if specified. */
  		if (sflag || pflag) {
  			struct addrinfo ahints, *ares;
  
@@ -113,7 +118,7 @@
  			memset(&ahints, 0, sizeof(struct addrinfo));
  			ahints.ai_family = res0->ai_family;
  			ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
-@@ -886,7 +907,10 @@
+@@ -892,7 +916,10 @@
  local_listen(char *host, char *port, struct addrinfo hints)
  {
  	struct addrinfo *res, *res0;
@@ -125,16 +130,10 @@
  	int error;
  
  	/* Allow nodename to be null. */
-@@ -908,13 +932,17 @@
+@@ -914,9 +941,11 @@
  		    res0->ai_protocol)) < 0)
  			continue;
  
-+#ifdef SO_RTABLE
- 		if (rtableid >= 0 && (setsockopt(s, SOL_SOCKET, SO_RTABLE,
- 		    &rtableid, sizeof(rtableid)) == -1))
- 			err(1, "setsockopt SO_RTABLE");
-+#endif
- 
 +#ifdef SO_REUSEPORT
  		ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
  		if (ret == -1)
@@ -143,7 +142,7 @@
  
  		set_common_sockopts(s, res0->ai_family);
  
-@@ -1358,11 +1386,13 @@
+@@ -1356,11 +1385,13 @@
  {
  	int x = 1;
  
@@ -157,29 +156,30 @@
  	if (Dflag) {
  		if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
  			&x, sizeof(x)) == -1)
-@@ -1537,15 +1567,19 @@
+@@ -1538,14 +1569,22 @@
  	\t-P proxyuser\tUsername for proxy authentication\n\
  	\t-p port\t	Specify local port for remote connects\n\
  	\t-R CAfile	CA bundle\n\
 -	\t-r		Randomize remote ports\n\
 -	\t-S		Enable the TCP MD5 signature option\n\
--	\t-s source	Local source address\n\
 +	\t-r		Randomize remote ports\n"
 +#ifdef TCP_MD5SIG
-+	"\t-S		Enable the TCP MD5 signature option\n"
++        "\
++	\t-S		Enable the TCP MD5 signature option\n"
 +#endif
-+	"\t-s source	Local source address\n\
++        "\
+ 	\t-s source	Local source address\n\
  	\t-T keyword	TOS value or TLS options\n\
  	\t-t		Answer TELNET negotiation\n\
  	\t-U		Use UNIX domain socket\n\
 -	\t-u		UDP mode\n\
 -	\t-V rtable	Specify alternate routing table\n\
--	\t-v		Verbose\n\
 +	\t-u		UDP mode\n"
 +#ifdef SO_RTABLE
-+	"\t-V rtable	Specify alternate routing table\n"
++        "\
++	\t-V rtable	Specify alternate routing table\n"
 +#endif
-+	"\t-v		Verbose\n\
++        "\
+ 	\t-v		Verbose\n\
  	\t-w timeout	Timeout for connects and final net reads\n\
  	\t-X proto	Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\
- 	\t-x addr[:port]\tSpecify proxy address and port\n\

patches/rfc5280.c.patch

@@ -1,5 +1,5 @@
---- tests/rfc5280time.c.orig	Sat Oct 17 22:36:27 2015
+--- tests/rfc5280time.c.orig	Mon Nov  2 20:00:31 2015
-+++ tests/rfc5280time.c	Sat Oct 17 22:44:25 2015
++++ tests/rfc5280time.c	Mon Nov  2 20:03:12 2015
 @@ -91,6 +91,7 @@
  		.data = "20150923032700Z",
  		.time = 1442978820,
@@ -10,7 +10,7 @@
  		.str = "00000101000000Z",
 @@ -103,6 +104,7 @@
  		.data = "20491231235959Z",
- 		.time = 2524607999,
+ 		.time = 2524607999LL,
  	},
 +#endif
  	{
@@ -26,7 +26,7 @@
  		.str = "99991231235959Z",
 @@ -129,6 +132,7 @@
  		.data = "20500101000000Z",
- 		.time =  2524608000,
+ 		.time =  2524608000LL,
  	},
 +#endif
  };
@@ -40,7 +40,7 @@
  	{
  		.str = "491231235959Z",
  		.data = "491231235959Z",
- 		.time = 2524607999,
+ 		.time = 2524607999LL,
  	},
 +#endif
  	{

patches/ssl_txt.c.patch

@@ -0,0 +1,19 @@
+--- ssl/ssl_txt.orig	Sun Jul 17 17:26:59 2016
++++ ssl/ssl_txt.c	Sun Jul 17 17:35:44 2016
+@@ -82,6 +82,7 @@
+  * OTHERWISE.
+  */
+ 
++#include <inttypes.h>
+ #include <stdio.h>
+ 
+ #include <openssl/buffer.h>
+@@ -163,7 +164,7 @@
+ 	}
+ 
+ 	if (x->time != 0) {
+-		if (BIO_printf(bp, "\n    Start Time: %lld", (long long)x->time) <= 0)
++		if (BIO_printf(bp, "\n    Start Time: %"PRId64, (int64_t)x->time) <= 0)
+ 			goto err;
+ 	}
+ 	if (x->timeout != 0L) {

patches/tls_internal.h.patch

@@ -0,0 +1,12 @@
+--- ./openbsd/src/lib/libtls/tls_internal.h	Thu Oct 15 16:12:24 2015
++++ ./tls/tls_internal.h	Sun Dec  6 20:18:17 2015
+@@ -24,7 +24,9 @@
+ 
+ #include <openssl/ssl.h>
+ 
++#ifndef _PATH_SSL_CA_FILE
+ #define _PATH_SSL_CA_FILE "/etc/ssl/cert.pem"
++#endif
+ 
+ #define TLS_CIPHERS_COMPAT	"ALL:!aNULL:!eNULL"
+ #define TLS_CIPHERS_DEFAULT	"TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE"

patches/windows_headers.patch

@@ -1,6 +1,6 @@
-diff -urN include/openssl.orig/dtls1.h include/openssl/dtls1.h
+diff -u include/openssl.orig/dtls1.h include/openssl/dtls1.h
---- include/openssl.orig/dtls1.h	Mon Sep 21 21:45:45 2015
+--- include/openssl.orig/dtls1.h	Mon Dec  7 07:58:32 2015
-+++ include/openssl/dtls1.h	Mon Sep 21 21:58:56 2015
++++ include/openssl/dtls1.h	Mon Dec  7 07:56:14 2015
 @@ -60,7 +60,11 @@
  #ifndef HEADER_DTLS1_H
  #define HEADER_DTLS1_H
@@ -13,9 +13,9 @@ diff -urN include/openssl.orig/dtls1.h include/openssl/dtls1.h
  
  #include <stdio.h>
  #include <stdlib.h>
-diff -urN include/openssl.orig/opensslconf.h include/openssl/opensslconf.h
+diff -u include/openssl.orig/opensslconf.h include/openssl/opensslconf.h
---- include/openssl.orig/opensslconf.h	Mon Sep 21 21:45:45 2015
+--- include/openssl.orig/opensslconf.h	Mon Dec  7 07:58:32 2015
-+++ include/openssl/opensslconf.h	Mon Sep 21 21:56:13 2015
++++ include/openssl/opensslconf.h	Mon Dec  7 07:56:14 2015
 @@ -1,6 +1,10 @@
  #include <openssl/opensslfeatures.h>
  /* crypto/opensslconf.h.in */
@@ -27,10 +27,10 @@ diff -urN include/openssl.orig/opensslconf.h include/openssl/opensslconf.h
  /* Generate 80386 code? */
  #undef I386_ONLY
  
-diff -urN include/openssl.orig/ossl_typ.h include/openssl/ossl_typ.h
+diff -u include/openssl.orig/ossl_typ.h include/openssl/ossl_typ.h
---- include/openssl.orig/ossl_typ.h	Mon Sep 21 21:45:45 2015
+--- include/openssl.orig/ossl_typ.h	Mon Dec  7 07:58:32 2015
-+++ include/openssl/ossl_typ.h	Mon Sep 21 21:56:22 2015
++++ include/openssl/ossl_typ.h	Mon Dec  7 07:56:14 2015
-@@ -100,6 +100,22 @@
+@@ -80,6 +80,22 @@
  typedef struct ASN1_ITEM_st ASN1_ITEM;
  typedef struct asn1_pctx_st ASN1_PCTX;
  
@@ -53,9 +53,9 @@ diff -urN include/openssl.orig/ossl_typ.h include/openssl/ossl_typ.h
  #ifdef BIGNUM
  #undef BIGNUM
  #endif
-diff -urN include/openssl.orig/pkcs7.h include/openssl/pkcs7.h
+diff -u include/openssl.orig/pkcs7.h include/openssl/pkcs7.h
---- include/openssl.orig/pkcs7.h	Mon Sep 21 21:45:45 2015
+--- include/openssl.orig/pkcs7.h	Mon Dec  7 07:58:32 2015
-+++ include/openssl/pkcs7.h	Mon Sep 21 21:56:29 2015
++++ include/openssl/pkcs7.h	Mon Dec  7 07:56:14 2015
 @@ -69,6 +69,18 @@
  extern "C" {
  #endif
@@ -75,9 +75,9 @@ diff -urN include/openssl.orig/pkcs7.h include/openssl/pkcs7.h
  /*
  Encryption_ID		DES-CBC
  Digest_ID		MD5
-diff -urN include/openssl.orig/x509.h include/openssl/x509.h
+diff -u include/openssl.orig/x509.h include/openssl/x509.h
---- include/openssl.orig/x509.h	Mon Sep 21 21:45:45 2015
+--- include/openssl.orig/x509.h	Mon Dec  7 07:58:32 2015
-+++ include/openssl/x509.h	Mon Sep 21 21:56:35 2015
++++ include/openssl/x509.h	Mon Dec  7 07:56:14 2015
 @@ -112,6 +112,19 @@
  extern "C" {
  #endif

ssl/CMakeLists.txt

@@ -52,6 +52,9 @@ if (BUILD_SHARED)
 	add_library(ssl-objects OBJECT ${SSL_SRC})
 	add_library(ssl STATIC $<TARGET_OBJECTS:ssl-objects>)
 	add_library(ssl-shared SHARED $<TARGET_OBJECTS:ssl-objects>)
+	if (MSVC)
+		target_link_libraries(ssl-shared crypto-shared Ws2_32.lib)
+	endif()
 	set_target_properties(ssl-shared PROPERTIES OUTPUT_NAME ssl)
 	set_target_properties(ssl-shared PROPERTIES VERSION ${SSL_VERSION}
 		SOVERSION ${SSL_MAJOR_VERSION})

ssl/Makefile.am

@@ -6,7 +6,7 @@ EXTRA_DIST = VERSION
 EXTRA_DIST += CMakeLists.txt
 
 libssl_la_LDFLAGS = -version-info @LIBSSL_VERSION@ -no-undefined
-libssl_la_LIBADD = ../crypto/libcrypto.la
+libssl_la_LIBADD = $(abs_top_builddir)/crypto/libcrypto.la
 
 libssl_la_SOURCES = bio_ssl.c
 libssl_la_SOURCES += bs_ber.c

tests/Makefile.am

@@ -7,9 +7,9 @@ AM_CPPFLAGS += -I $(top_srcdir)/apps/openssl
 AM_CPPFLAGS += -I $(top_srcdir)/apps/openssl/compat
 
 LDADD = $(PLATFORM_LDADD) $(PROG_LDADD)
-LDADD += $(top_builddir)/ssl/libssl.la
+LDADD += $(abs_top_builddir)/ssl/libssl.la
-LDADD += $(top_builddir)/crypto/libcrypto.la
+LDADD += $(abs_top_builddir)/crypto/libcrypto.la
-LDADD += $(top_builddir)/tls/libtls.la
+LDADD += $(abs_top_builddir)/tls/libtls.la
 
 TEST_LOG_DRIVER = env AM_TAP_AWK='$(AWK)' $(SHELL) $(top_srcdir)/tap-driver.sh
 
@@ -225,8 +225,8 @@ if ENABLE_EXTRATESTS
 TESTS += pidwraptest.sh
 check_PROGRAMS += pidwraptest
 pidwraptest_SOURCES = pidwraptest.c
-EXTRA_DIST += pidwraptest.sh
 endif
+EXTRA_DIST += pidwraptest.sh
 
 # pkcs7test
 TESTS += pkcs7test

tls/CMakeLists.txt

@@ -25,6 +25,9 @@ if (BUILD_SHARED)
 	add_library(tls-objects OBJECT ${TLS_SRC})
 	add_library(tls STATIC $<TARGET_OBJECTS:tls-objects>)
 	add_library(tls-shared SHARED $<TARGET_OBJECTS:tls-objects>)
+	if (MSVC)
+		target_link_libraries(tls-shared ssl-shared crypto-shared Ws2_32.lib)
+	endif()
 	set_target_properties(tls-shared PROPERTIES OUTPUT_NAME tls)
 	set_target_properties(tls-shared PROPERTIES VERSION ${TLS_VERSION}
 		SOVERSION ${TLS_MAJOR_VERSION})

tls/Makefile.am

@@ -6,7 +6,16 @@ EXTRA_DIST = VERSION
 EXTRA_DIST += CMakeLists.txt
 
 libtls_la_LDFLAGS = -version-info @LIBTLS_VERSION@ -no-undefined
-libtls_la_LIBADD = ../crypto/libcrypto.la ../ssl/libssl.la $(PLATFORM_LDADD)
+libtls_la_LIBADD = $(abs_top_builddir)/ssl/libssl.la
+libtls_la_LIBADD += $(abs_top_builddir)/crypto/libcrypto.la
+libtls_la_LIBADD += $(PLATFORM_LDADD)
+
+libtls_la_CPPFLAGS = $(AM_CPPFLAGS)
+if OPENSSLDIR_DEFINED
+libtls_la_CPPFLAGS += -D_PATH_SSL_CA_FILE=\"@OPENSSLDIR@/cert.pem\"
+else
+libtls_la_CPPFLAGS += -D_PATH_SSL_CA_FILE=\"$(sysconfdir)/ssl/cert.pem\"
+endif
 
 libtls_la_SOURCES = tls.c
 libtls_la_SOURCES += tls_client.c

update.sh

@@ -73,6 +73,7 @@ $CP $libtls_src/tls.h libtls-standalone/include
 
 for i in crypto/compat libtls-standalone/compat; do
 	for j in $libc_src/crypt/arc4random.c \
+	    $libc_src/crypt/arc4random_uniform.c \
 	    $libc_src/crypt/chacha_private.h \
 	    $libc_src/string/explicit_bzero.c \
 	    $libc_src/stdlib/reallocarray.c \
@@ -300,8 +301,13 @@ add_man_links() {
 }
 
 # apply local patches
+PATCH=patch
+# Prefer gnu patch on AIX systems, if available
+if [ -x /opt/freeware/bin/patch ]; then
+    PATCH=/opt/freeware/bin/patch
+fi
 for i in patches/*.patch; do
-    patch -p0 < $i
+    $PATCH -p0 < $i
 done
 
 # copy manpages