FFFTPのソースコードです。
| Révision | e2254d6a32e411603bd40d67fd6e174357eb6ed5 (tree) |
|---|---|
| l'heure | 2015-06-13 17:42:30 |
| Auteur | s_kawamoto <s_kawamoto@user...> |
| Commiter | s_kawamoto |
Update OpenSSL to 1.0.2c.
FFFTP_Eng_Release/FFFTP.exe (diff) FFFTP_Eng_Release_64/FFFTP.exe (diff) Release/FFFTP.exe (diff) Release_64/FFFTP.exe (diff)
common.h (diff) contrib/openssl/bin/libeay32.dll (diff) contrib/openssl/bin/ssleay32.dll (diff)
contrib/openssl/changes.txt (diff) contrib/openssl/include/openssl/bn.h (diff) contrib/openssl/include/openssl/e_os2.h (diff) contrib/openssl/include/openssl/ec.h (diff) contrib/openssl/include/openssl/evp.h (diff) contrib/openssl/include/openssl/opensslv.h (diff) contrib/openssl/include/openssl/ssl.h (diff) contrib/openssl/include/openssl/x509_vfy.h (diff) contrib/openssl/news.txt (diff) contrib/openssl/readme.txt (diff) dist/amd64/libeay32.dll (diff) dist/amd64/ssleay32.dll (diff) dist/libeay32.dll (diff) dist/ssleay32.dll (diff)
socketwrapper.c (diff)| @@ -81,7 +81,7 @@ | ||
| 81 | 81 | // ソフトウェア自動更新 |
| 82 | 82 | // リリースバージョンはリリース予定年(10進数4桁)+月(2桁)+日(2桁)+通し番号(0スタート2桁)とする |
| 83 | 83 | // 2014年7月31日中の30個目のリリースは2014073129 |
| 84 | -#define RELEASE_VERSION_NUM 2015051600 /* リリースバージョン */ | |
| 84 | +#define RELEASE_VERSION_NUM 2015061300 /* リリースバージョン */ | |
| 85 | 85 | |
| 86 | 86 | |
| 87 | 87 | // SourceForge.JPによるフォーク |
| @@ -2,6 +2,96 @@ | ||
| 2 | 2 | OpenSSL CHANGES |
| 3 | 3 | _______________ |
| 4 | 4 | |
| 5 | + Changes between 1.0.2b and 1.0.2c [12 Jun 2015] | |
| 6 | + | |
| 7 | + *) Fix HMAC ABI incompatibility. The previous version introduced an ABI | |
| 8 | + incompatibility in the handling of HMAC. The previous ABI has now been | |
| 9 | + restored. | |
| 10 | + | |
| 11 | + Changes between 1.0.2a and 1.0.2b [11 Jun 2015] | |
| 12 | + | |
| 13 | + *) Malformed ECParameters causes infinite loop | |
| 14 | + | |
| 15 | + When processing an ECParameters structure OpenSSL enters an infinite loop | |
| 16 | + if the curve specified is over a specially malformed binary polynomial | |
| 17 | + field. | |
| 18 | + | |
| 19 | + This can be used to perform denial of service against any | |
| 20 | + system which processes public keys, certificate requests or | |
| 21 | + certificates. This includes TLS clients and TLS servers with | |
| 22 | + client authentication enabled. | |
| 23 | + | |
| 24 | + This issue was reported to OpenSSL by Joseph Barr-Pixton. | |
| 25 | + (CVE-2015-1788) | |
| 26 | + [Andy Polyakov] | |
| 27 | + | |
| 28 | + *) Exploitable out-of-bounds read in X509_cmp_time | |
| 29 | + | |
| 30 | + X509_cmp_time does not properly check the length of the ASN1_TIME | |
| 31 | + string and can read a few bytes out of bounds. In addition, | |
| 32 | + X509_cmp_time accepts an arbitrary number of fractional seconds in the | |
| 33 | + time string. | |
| 34 | + | |
| 35 | + An attacker can use this to craft malformed certificates and CRLs of | |
| 36 | + various sizes and potentially cause a segmentation fault, resulting in | |
| 37 | + a DoS on applications that verify certificates or CRLs. TLS clients | |
| 38 | + that verify CRLs are affected. TLS clients and servers with client | |
| 39 | + authentication enabled may be affected if they use custom verification | |
| 40 | + callbacks. | |
| 41 | + | |
| 42 | + This issue was reported to OpenSSL by Robert Swiecki (Google), and | |
| 43 | + independently by Hanno B?k. | |
| 44 | + (CVE-2015-1789) | |
| 45 | + [Emilia K?per] | |
| 46 | + | |
| 47 | + *) PKCS7 crash with missing EnvelopedContent | |
| 48 | + | |
| 49 | + The PKCS#7 parsing code does not handle missing inner EncryptedContent | |
| 50 | + correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs | |
| 51 | + with missing content and trigger a NULL pointer dereference on parsing. | |
| 52 | + | |
| 53 | + Applications that decrypt PKCS#7 data or otherwise parse PKCS#7 | |
| 54 | + structures from untrusted sources are affected. OpenSSL clients and | |
| 55 | + servers are not affected. | |
| 56 | + | |
| 57 | + This issue was reported to OpenSSL by Michal Zalewski (Google). | |
| 58 | + (CVE-2015-1790) | |
| 59 | + [Emilia K?per] | |
| 60 | + | |
| 61 | + *) CMS verify infinite loop with unknown hash function | |
| 62 | + | |
| 63 | + When verifying a signedData message the CMS code can enter an infinite loop | |
| 64 | + if presented with an unknown hash function OID. This can be used to perform | |
| 65 | + denial of service against any system which verifies signedData messages using | |
| 66 | + the CMS code. | |
| 67 | + This issue was reported to OpenSSL by Johannes Bauer. | |
| 68 | + (CVE-2015-1792) | |
| 69 | + [Stephen Henson] | |
| 70 | + | |
| 71 | + *) Race condition handling NewSessionTicket | |
| 72 | + | |
| 73 | + If a NewSessionTicket is received by a multi-threaded client when attempting to | |
| 74 | + reuse a previous ticket then a race condition can occur potentially leading to | |
| 75 | + a double free of the ticket data. | |
| 76 | + (CVE-2015-1791) | |
| 77 | + [Matt Caswell] | |
| 78 | + | |
| 79 | + *) Removed support for the two export grade static DH ciphersuites | |
| 80 | + EXP-DH-RSA-DES-CBC-SHA and EXP-DH-DSS-DES-CBC-SHA. These two ciphersuites | |
| 81 | + were newly added (along with a number of other static DH ciphersuites) to | |
| 82 | + 1.0.2. However the two export ones have *never* worked since they were | |
| 83 | + introduced. It seems strange in any case to be adding new export | |
| 84 | + ciphersuites, and given "logjam" it also does not seem correct to fix them. | |
| 85 | + [Matt Caswell] | |
| 86 | + | |
| 87 | + *) Only support 256-bit or stronger elliptic curves with the | |
| 88 | + 'ecdh_auto' setting (server) or by default (client). Of supported | |
| 89 | + curves, prefer P-256 (both). | |
| 90 | + [Emilia Kasper] | |
| 91 | + | |
| 92 | + *) Reject DH handshakes with parameters shorter than 768 bits. | |
| 93 | + [Kurt Roeckx and Emilia Kasper] | |
| 94 | + | |
| 5 | 95 | Changes between 1.0.2 and 1.0.2a [19 Mar 2015] |
| 6 | 96 | |
| 7 | 97 | *) ClientHello sigalgs DoS fix |
| @@ -779,6 +779,7 @@ int RAND_pseudo_bytes(unsigned char *buf, int num); | ||
| 779 | 779 | * wouldn't be constructed with top!=dmax. */ \ |
| 780 | 780 | BN_ULONG *_not_const; \ |
| 781 | 781 | memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \ |
| 782 | + /* Debug only - safe to ignore error return */ \ | |
| 782 | 783 | RAND_pseudo_bytes(&_tmp_char, 1); \ |
| 783 | 784 | memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \ |
| 784 | 785 | (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \ |
| @@ -892,6 +893,7 @@ void ERR_load_BN_strings(void); | ||
| 892 | 893 | # define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135 |
| 893 | 894 | # define BN_F_BN_GF2M_MOD_SQR 136 |
| 894 | 895 | # define BN_F_BN_GF2M_MOD_SQRT 137 |
| 896 | +# define BN_F_BN_LSHIFT 145 | |
| 895 | 897 | # define BN_F_BN_MOD_EXP2_MONT 118 |
| 896 | 898 | # define BN_F_BN_MOD_EXP_MONT 109 |
| 897 | 899 | # define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124 |
| @@ -907,12 +909,14 @@ void ERR_load_BN_strings(void); | ||
| 907 | 909 | # define BN_F_BN_NEW 113 |
| 908 | 910 | # define BN_F_BN_RAND 114 |
| 909 | 911 | # define BN_F_BN_RAND_RANGE 122 |
| 912 | +# define BN_F_BN_RSHIFT 146 | |
| 910 | 913 | # define BN_F_BN_USUB 115 |
| 911 | 914 | |
| 912 | 915 | /* Reason codes. */ |
| 913 | 916 | # define BN_R_ARG2_LT_ARG3 100 |
| 914 | 917 | # define BN_R_BAD_RECIPROCAL 101 |
| 915 | 918 | # define BN_R_BIGNUM_TOO_LONG 114 |
| 919 | +# define BN_R_BITS_TOO_SMALL 118 | |
| 916 | 920 | # define BN_R_CALLED_WITH_EVEN_MODULUS 102 |
| 917 | 921 | # define BN_R_DIV_BY_ZERO 103 |
| 918 | 922 | # define BN_R_ENCODING_ERROR 104 |
| @@ -920,6 +924,7 @@ void ERR_load_BN_strings(void); | ||
| 920 | 924 | # define BN_R_INPUT_NOT_REDUCED 110 |
| 921 | 925 | # define BN_R_INVALID_LENGTH 106 |
| 922 | 926 | # define BN_R_INVALID_RANGE 115 |
| 927 | +# define BN_R_INVALID_SHIFT 119 | |
| 923 | 928 | # define BN_R_NOT_A_SQUARE 111 |
| 924 | 929 | # define BN_R_NOT_INITIALIZED 107 |
| 925 | 930 | # define BN_R_NO_INVERSE 108 |
| @@ -109,6 +109,12 @@ extern "C" { | ||
| 109 | 109 | # undef OPENSSL_SYS_UNIX |
| 110 | 110 | # define OPENSSL_SYS_WIN32 |
| 111 | 111 | # endif |
| 112 | +# if defined(_WIN64) || defined(OPENSSL_SYSNAME_WIN64) | |
| 113 | +# undef OPENSSL_SYS_UNIX | |
| 114 | +# if !defined(OPENSSL_SYS_WIN64) | |
| 115 | +# define OPENSSL_SYS_WIN64 | |
| 116 | +# endif | |
| 117 | +# endif | |
| 112 | 118 | # if defined(OPENSSL_SYSNAME_WINNT) |
| 113 | 119 | # undef OPENSSL_SYS_UNIX |
| 114 | 120 | # define OPENSSL_SYS_WINNT |
| @@ -121,7 +127,7 @@ extern "C" { | ||
| 121 | 127 | # endif |
| 122 | 128 | |
| 123 | 129 | /* Anything that tries to look like Microsoft is "Windows" */ |
| 124 | -# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE) | |
| 130 | +# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN64) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE) | |
| 125 | 131 | # undef OPENSSL_SYS_UNIX |
| 126 | 132 | # define OPENSSL_SYS_WINDOWS |
| 127 | 133 | # ifndef OPENSSL_SYS_MSDOS |
| @@ -1097,6 +1097,12 @@ void ERR_load_EC_strings(void); | ||
| 1097 | 1097 | # define EC_F_ECPARAMETERS_PRINT_FP 148 |
| 1098 | 1098 | # define EC_F_ECPKPARAMETERS_PRINT 149 |
| 1099 | 1099 | # define EC_F_ECPKPARAMETERS_PRINT_FP 150 |
| 1100 | +# define EC_F_ECP_NISTZ256_GET_AFFINE 240 | |
| 1101 | +# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243 | |
| 1102 | +# define EC_F_ECP_NISTZ256_POINTS_MUL 241 | |
| 1103 | +# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244 | |
| 1104 | +# define EC_F_ECP_NISTZ256_SET_WORDS 245 | |
| 1105 | +# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242 | |
| 1100 | 1106 | # define EC_F_ECP_NIST_MOD_192 203 |
| 1101 | 1107 | # define EC_F_ECP_NIST_MOD_224 204 |
| 1102 | 1108 | # define EC_F_ECP_NIST_MOD_256 205 |
| @@ -1208,11 +1214,6 @@ void ERR_load_EC_strings(void); | ||
| 1208 | 1214 | # define EC_F_NISTP224_PRE_COMP_NEW 227 |
| 1209 | 1215 | # define EC_F_NISTP256_PRE_COMP_NEW 236 |
| 1210 | 1216 | # define EC_F_NISTP521_PRE_COMP_NEW 237 |
| 1211 | -# define EC_F_ECP_NISTZ256_GET_AFFINE 240 | |
| 1212 | -# define EC_F_ECP_NISTZ256_POINTS_MUL 241 | |
| 1213 | -# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242 | |
| 1214 | -# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243 | |
| 1215 | -# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244 | |
| 1216 | 1217 | # define EC_F_O2I_ECPUBLICKEY 152 |
| 1217 | 1218 | # define EC_F_OLD_EC_PRIV_DECODE 222 |
| 1218 | 1219 | # define EC_F_PKEY_EC_CTRL 197 |
| @@ -103,7 +103,6 @@ | ||
| 103 | 103 | # define EVP_PKS_RSA 0x0100 |
| 104 | 104 | # define EVP_PKS_DSA 0x0200 |
| 105 | 105 | # define EVP_PKS_EC 0x0400 |
| 106 | -# define EVP_PKT_EXP 0x1000 /* <= 512 bit key */ | |
| 107 | 106 | |
| 108 | 107 | # define EVP_PKEY_NONE NID_undef |
| 109 | 108 | # define EVP_PKEY_RSA NID_rsaEncryption |
| @@ -424,6 +423,9 @@ struct evp_cipher_st { | ||
| 424 | 423 | # define EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT 0x1b |
| 425 | 424 | # define EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE 0x1c |
| 426 | 425 | |
| 426 | +/* RFC 5246 defines additional data to be 13 bytes in length */ | |
| 427 | +# define EVP_AEAD_TLS1_AAD_LEN 13 | |
| 428 | + | |
| 427 | 429 | typedef struct { |
| 428 | 430 | unsigned char *out; |
| 429 | 431 | const unsigned char *inp; |
| @@ -1121,6 +1123,19 @@ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth, | ||
| 1121 | 1123 | void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, |
| 1122 | 1124 | int (*pkey_ctrl) (EVP_PKEY *pkey, int op, |
| 1123 | 1125 | long arg1, void *arg2)); |
| 1126 | +void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth, | |
| 1127 | + int (*item_verify) (EVP_MD_CTX *ctx, | |
| 1128 | + const ASN1_ITEM *it, | |
| 1129 | + void *asn, | |
| 1130 | + X509_ALGOR *a, | |
| 1131 | + ASN1_BIT_STRING *sig, | |
| 1132 | + EVP_PKEY *pkey), | |
| 1133 | + int (*item_sign) (EVP_MD_CTX *ctx, | |
| 1134 | + const ASN1_ITEM *it, | |
| 1135 | + void *asn, | |
| 1136 | + X509_ALGOR *alg1, | |
| 1137 | + X509_ALGOR *alg2, | |
| 1138 | + ASN1_BIT_STRING *sig)); | |
| 1124 | 1139 | |
| 1125 | 1140 | # define EVP_PKEY_OP_UNDEFINED 0 |
| 1126 | 1141 | # define EVP_PKEY_OP_PARAMGEN (1<<1) |
| @@ -30,11 +30,11 @@ extern "C" { | ||
| 30 | 30 | * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for |
| 31 | 31 | * major minor fix final patch/beta) |
| 32 | 32 | */ |
| 33 | -# define OPENSSL_VERSION_NUMBER 0x1000201fL | |
| 33 | +# define OPENSSL_VERSION_NUMBER 0x1000203fL | |
| 34 | 34 | # ifdef OPENSSL_FIPS |
| 35 | -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2a-fips 19 Mar 2015" | |
| 35 | +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2c-fips 12 Jun 2015" | |
| 36 | 36 | # else |
| 37 | -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2a 19 Mar 2015" | |
| 37 | +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2c 12 Jun 2015" | |
| 38 | 38 | # endif |
| 39 | 39 | # define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT |
| 40 | 40 |
| @@ -1727,6 +1727,7 @@ extern "C" { | ||
| 1727 | 1727 | # define SSL_ST_BEFORE 0x4000 |
| 1728 | 1728 | # define SSL_ST_OK 0x03 |
| 1729 | 1729 | # define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT) |
| 1730 | +# define SSL_ST_ERR 0x05 | |
| 1730 | 1731 | |
| 1731 | 1732 | # define SSL_CB_LOOP 0x01 |
| 1732 | 1733 | # define SSL_CB_EXIT 0x02 |
| @@ -2640,6 +2641,7 @@ void ERR_load_SSL_strings(void); | ||
| 2640 | 2641 | # define SSL_F_GET_CLIENT_MASTER_KEY 107 |
| 2641 | 2642 | # define SSL_F_GET_SERVER_FINISHED 108 |
| 2642 | 2643 | # define SSL_F_GET_SERVER_HELLO 109 |
| 2644 | +# define SSL_F_GET_SERVER_STATIC_DH_KEY 340 | |
| 2643 | 2645 | # define SSL_F_GET_SERVER_VERIFY 110 |
| 2644 | 2646 | # define SSL_F_I2D_SSL_SESSION 111 |
| 2645 | 2647 | # define SSL_F_READ_N 112 |
| @@ -2670,6 +2672,7 @@ void ERR_load_SSL_strings(void); | ||
| 2670 | 2672 | # define SSL_F_SSL3_CHANGE_CIPHER_STATE 129 |
| 2671 | 2673 | # define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130 |
| 2672 | 2674 | # define SSL_F_SSL3_CHECK_CLIENT_HELLO 304 |
| 2675 | +# define SSL_F_SSL3_CHECK_FINISHED 339 | |
| 2673 | 2676 | # define SSL_F_SSL3_CLIENT_HELLO 131 |
| 2674 | 2677 | # define SSL_F_SSL3_CONNECT 132 |
| 2675 | 2678 | # define SSL_F_SSL3_CTRL 213 |
| @@ -2784,6 +2787,7 @@ void ERR_load_SSL_strings(void); | ||
| 2784 | 2787 | # define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 |
| 2785 | 2788 | # define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT 320 |
| 2786 | 2789 | # define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT 321 |
| 2790 | +# define SSL_F_SSL_SESSION_DUP 348 | |
| 2787 | 2791 | # define SSL_F_SSL_SESSION_NEW 189 |
| 2788 | 2792 | # define SSL_F_SSL_SESSION_PRINT_FP 190 |
| 2789 | 2793 | # define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312 |
| @@ -2904,6 +2908,7 @@ void ERR_load_SSL_strings(void); | ||
| 2904 | 2908 | # define SSL_R_DATA_LENGTH_TOO_LONG 146 |
| 2905 | 2909 | # define SSL_R_DECRYPTION_FAILED 147 |
| 2906 | 2910 | # define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281 |
| 2911 | +# define SSL_R_DH_KEY_TOO_SMALL 372 | |
| 2907 | 2912 | # define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 |
| 2908 | 2913 | # define SSL_R_DIGEST_CHECK_FAILED 149 |
| 2909 | 2914 | # define SSL_R_DTLS_MESSAGE_TOO_BIG 334 |
| @@ -432,6 +432,12 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); | ||
| 432 | 432 | |
| 433 | 433 | /* Allow partial chains if at least one certificate is in trusted store */ |
| 434 | 434 | # define X509_V_FLAG_PARTIAL_CHAIN 0x80000 |
| 435 | +/* | |
| 436 | + * If the initial chain is not trusted, do not attempt to build an alternative | |
| 437 | + * chain. Alternate chain checking was introduced in 1.0.2b. Setting this flag | |
| 438 | + * will force the behaviour to match that of previous versions. | |
| 439 | + */ | |
| 440 | +# define X509_V_FLAG_NO_ALT_CHAINS 0x100000 | |
| 435 | 441 | |
| 436 | 442 | # define X509_VP_FLAG_DEFAULT 0x1 |
| 437 | 443 | # define X509_VP_FLAG_OVERWRITE 0x2 |
| @@ -5,6 +5,18 @@ | ||
| 5 | 5 | This file gives a brief overview of the major changes between each OpenSSL |
| 6 | 6 | release. For more details please read the CHANGES file. |
| 7 | 7 | |
| 8 | + Major changes between OpenSSL 1.0.2b and OpenSSL 1.0.2c [12 Jun 2015] | |
| 9 | + | |
| 10 | + o Fix HMAC ABI incompatibility | |
| 11 | + | |
| 12 | + Major changes between OpenSSL 1.0.2a and OpenSSL 1.0.2b [11 Jun 2015] | |
| 13 | + | |
| 14 | + o Malformed ECParameters causes infinite loop (CVE-2015-1788) | |
| 15 | + o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789) | |
| 16 | + o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790) | |
| 17 | + o CMS verify infinite loop with unknown hash function (CVE-2015-1792) | |
| 18 | + o Race condition handling NewSessionTicket (CVE-2015-1791) | |
| 19 | + | |
| 8 | 20 | Major changes between OpenSSL 1.0.2 and OpenSSL 1.0.2a [19 Mar 2015] |
| 9 | 21 | |
| 10 | 22 | o OpenSSL 1.0.2 ClientHello sigalgs DoS fix (CVE-2015-0291) |
| @@ -1,5 +1,5 @@ | ||
| 1 | 1 | |
| 2 | - OpenSSL 1.0.2a 19 Mar 2015 | |
| 2 | + OpenSSL 1.0.2c 12 Jun 2015 | |
| 3 | 3 | |
| 4 | 4 | Copyright (c) 1998-2011 The OpenSSL Project |
| 5 | 5 | Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson |
| @@ -153,15 +153,15 @@ BOOL LoadOpenSSL() | ||
| 153 | 153 | #ifdef ENABLE_PROCESS_PROTECTION |
| 154 | 154 | // 同梱するOpenSSLのバージョンに合わせてSHA1ハッシュ値を変更すること |
| 155 | 155 | #if defined(_M_IX86) |
| 156 | - // ssleay32.dll 1.0.2a | |
| 157 | - RegisterTrustedModuleSHA1Hash("\xBF\x60\xD4\x6E\xCE\xC6\xC8\xD1\xF8\xE6\xEE\x9D\x1B\x47\x4E\x7B\x71\xBC\xBC\x3E"); | |
| 158 | - // libeay32.dll 1.0.2a | |
| 159 | - RegisterTrustedModuleSHA1Hash("\xD7\xFF\x8B\xB9\xBD\x31\xAE\x3C\x7F\xE3\xC6\xC5\xEF\xEA\x0E\x4D\xA0\x57\x94\x9E"); | |
| 156 | + // ssleay32.dll 1.0.2c | |
| 157 | + RegisterTrustedModuleSHA1Hash("\x52\x8D\x30\xE5\xF5\x41\x8E\x16\x8A\x31\x8D\x36\xEA\xB7\xE0\x93\x4F\x13\x0B\x48"); | |
| 158 | + // libeay32.dll 1.0.2c | |
| 159 | + RegisterTrustedModuleSHA1Hash("\x22\x3A\xCE\x78\xAC\x4B\x02\x20\x05\x61\x1B\xC5\xBF\xE7\x37\x7D\xD9\xDF\xE6\x1B"); | |
| 160 | 160 | #elif defined(_M_AMD64) |
| 161 | - // ssleay32.dll 1.0.2a | |
| 162 | - RegisterTrustedModuleSHA1Hash("\x65\x59\x15\x76\x68\x21\xE0\x5D\xA8\xF5\x9D\x45\x31\x67\x1C\x48\xE3\x36\x82\xCF"); | |
| 163 | - // libeay32.dll 1.0.2a | |
| 164 | - RegisterTrustedModuleSHA1Hash("\x6B\x8E\x8B\x48\xE2\xFC\x8F\xE7\xFA\xBD\x84\x71\x4D\x16\xB9\x8F\x54\x00\xD0\x9A"); | |
| 161 | + // ssleay32.dll 1.0.2c | |
| 162 | + RegisterTrustedModuleSHA1Hash("\x9E\xE1\xA7\x17\x2C\x78\xA7\x11\xEB\x11\x95\x95\x21\x18\x0F\x29\x6B\xDF\xE6\xDF"); | |
| 163 | + // libeay32.dll 1.0.2c | |
| 164 | + RegisterTrustedModuleSHA1Hash("\x86\x8B\x4B\x13\x3C\x51\x29\x91\x2D\xD3\x81\x8D\x03\x8E\x5E\x43\xEB\x1C\xA8\x5C"); | |
| 165 | 165 | #endif |
| 166 | 166 | #endif |
| 167 | 167 | g_hOpenSSL = LoadLibrary("ssleay32.dll"); |
Fork