diff options
author | gordon <gordon@FreeBSD.org> | 2017-12-09 03:44:26 +0000 |
---|---|---|
committer | gordon <gordon@FreeBSD.org> | 2017-12-09 03:44:26 +0000 |
commit | f9756700e2c7432a9b1f88dc9874a7c51a9fde62 (patch) | |
tree | d0790a03bdf7254146d2c6e5227e80406020a5fb /crypto | |
parent | d1ca5f865fb4b67fffd130051af6919e2c969ab1 (diff) | |
download | FreeBSD-src-f9756700e2c7432a9b1f88dc9874a7c51a9fde62.zip FreeBSD-src-f9756700e2c7432a9b1f88dc9874a7c51a9fde62.tar.gz |
Fix multiple OpenSSL vulnerabilities.
Approved by: so
Security: CVE-2017-3737
Security: CVE-2017-3738
Security: FreeBSD-SA-17:12.openssl
Diffstat (limited to 'crypto')
-rwxr-xr-x | crypto/openssl/crypto/bn/asm/rsaz-avx2.pl | 15 | ||||
-rw-r--r-- | crypto/openssl/ssl/ssl.h | 2 |
2 files changed, 8 insertions, 9 deletions
diff --git a/crypto/openssl/crypto/bn/asm/rsaz-avx2.pl b/crypto/openssl/crypto/bn/asm/rsaz-avx2.pl index 712a77f..2b3f8b0 100755 --- a/crypto/openssl/crypto/bn/asm/rsaz-avx2.pl +++ b/crypto/openssl/crypto/bn/asm/rsaz-avx2.pl @@ -239,7 +239,7 @@ $code.=<<___; vmovdqu 32*8-128($ap), $ACC8 lea 192(%rsp), $tp0 # 64+128=192 - vpbroadcastq .Land_mask(%rip), $AND_MASK + vmovdqu .Land_mask(%rip), $AND_MASK jmp .LOOP_GRANDE_SQR_1024 .align 32 @@ -1070,10 +1070,10 @@ $code.=<<___; vpmuludq 32*6-128($np),$Yi,$TEMP1 vpaddq $TEMP1,$ACC6,$ACC6 vpmuludq 32*7-128($np),$Yi,$TEMP2 - vpblendd \$3, $ZERO, $ACC9, $ACC9 # correct $ACC3 + vpblendd \$3, $ZERO, $ACC9, $TEMP1 # correct $ACC3 vpaddq $TEMP2,$ACC7,$ACC7 vpmuludq 32*8-128($np),$Yi,$TEMP0 - vpaddq $ACC9, $ACC3, $ACC3 # correct $ACC3 + vpaddq $TEMP1, $ACC3, $ACC3 # correct $ACC3 vpaddq $TEMP0,$ACC8,$ACC8 mov %rbx, %rax @@ -1086,7 +1086,9 @@ $code.=<<___; vmovdqu -8+32*2-128($ap),$TEMP2 mov $r1, %rax + vpblendd \$0xfc, $ZERO, $ACC9, $ACC9 # correct $ACC3 imull $n0, %eax + vpaddq $ACC9,$ACC4,$ACC4 # correct $ACC3 and \$0x1fffffff, %eax imulq 16-128($ap),%rbx @@ -1322,15 +1324,12 @@ ___ # But as we underutilize resources, it's possible to correct in # each iteration with marginal performance loss. But then, as # we do it in each iteration, we can correct less digits, and -# avoid performance penalties completely. Also note that we -# correct only three digits out of four. This works because -# most significant digit is subjected to less additions. +# avoid performance penalties completely. $TEMP0 = $ACC9; $TEMP3 = $Bi; $TEMP4 = $Yi; $code.=<<___; - vpermq \$0, $AND_MASK, $AND_MASK vpaddq (%rsp), $TEMP1, $ACC0 vpsrlq \$29, $ACC0, $TEMP1 @@ -1763,7 +1762,7 @@ $code.=<<___; .align 64 .Land_mask: - .quad 0x1fffffff,0x1fffffff,0x1fffffff,-1 + .quad 0x1fffffff,0x1fffffff,0x1fffffff,0x1fffffff .Lscatter_permd: .long 0,2,4,6,7,7,7,7 .Lgather_permd: diff --git a/crypto/openssl/ssl/ssl.h b/crypto/openssl/ssl/ssl.h index 90aeb0c..3cf96a2 100644 --- a/crypto/openssl/ssl/ssl.h +++ b/crypto/openssl/ssl/ssl.h @@ -1727,7 +1727,7 @@ extern "C" { # define SSL_ST_BEFORE 0x4000 # define SSL_ST_OK 0x03 # define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT) -# define SSL_ST_ERR 0x05 +# define SSL_ST_ERR (0x05|SSL_ST_INIT) # define SSL_CB_LOOP 0x01 # define SSL_CB_EXIT 0x02 |