openssl: Update to pristine 1.0.2n (security update)

2025-11-18 14:21:41 +00:00 · 2018-01-13 13:39:08 +01:00
parent de0b31edd5
commit 00abb1f201
74 changed files with 890 additions and 363 deletions
--- a/thirdparty/openssl/ssl/ssl_lib.c
+++ b/thirdparty/openssl/ssl/ssl_lib.c
@@ -1825,15 +1825,15 @@ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,

 int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
                               const char *label, size_t llen,
-                               const unsigned char *p, size_t plen,
+                               const unsigned char *context, size_t contextlen,
                               int use_context)
 {
    if (s->version < TLS1_VERSION && s->version != DTLS1_BAD_VER)
        return -1;

    return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
-                                                       llen, p, plen,
-                                                       use_context);
+                                                       llen, context,
+                                                       contextlen, use_context);
 }

 static unsigned long ssl_session_hash(const SSL_SESSION *a)
@@ -3180,6 +3180,7 @@ SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
 #endif
    ssl->cert = ssl_cert_dup(ctx->cert);
    if (ocert) {
+        int i;
        /* Preserve any already negotiated parameters */
        if (ssl->server) {
            ssl->cert->peer_sigalgs = ocert->peer_sigalgs;
@@ -3189,6 +3190,9 @@ SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
            ssl->cert->ciphers_rawlen = ocert->ciphers_rawlen;
            ocert->ciphers_raw = NULL;
        }
+        for (i = 0; i < SSL_PKEY_NUM; i++) {
+            ssl->cert->pkeys[i].digest = ocert->pkeys[i].digest;
+        }
 #ifndef OPENSSL_NO_TLSEXT
        ssl->cert->alpn_proposed = ocert->alpn_proposed;
        ssl->cert->alpn_proposed_len = ocert->alpn_proposed_len;