FFFTPのソースコードです。
Révision | e2254d6a32e411603bd40d67fd6e174357eb6ed5 (tree) |
---|---|
l'heure | 2015-06-13 17:42:30 |
Auteur | s_kawamoto <s_kawamoto@user...> |
Commiter | s_kawamoto |
Update OpenSSL to 1.0.2c.
@@ -81,7 +81,7 @@ | ||
81 | 81 | // ソフトウェア自動更新 |
82 | 82 | // リリースバージョンはリリース予定年(10進数4桁)+月(2桁)+日(2桁)+通し番号(0スタート2桁)とする |
83 | 83 | // 2014年7月31日中の30個目のリリースは2014073129 |
84 | -#define RELEASE_VERSION_NUM 2015051600 /* リリースバージョン */ | |
84 | +#define RELEASE_VERSION_NUM 2015061300 /* リリースバージョン */ | |
85 | 85 | |
86 | 86 | |
87 | 87 | // SourceForge.JPによるフォーク |
@@ -2,6 +2,96 @@ | ||
2 | 2 | OpenSSL CHANGES |
3 | 3 | _______________ |
4 | 4 | |
5 | + Changes between 1.0.2b and 1.0.2c [12 Jun 2015] | |
6 | + | |
7 | + *) Fix HMAC ABI incompatibility. The previous version introduced an ABI | |
8 | + incompatibility in the handling of HMAC. The previous ABI has now been | |
9 | + restored. | |
10 | + | |
11 | + Changes between 1.0.2a and 1.0.2b [11 Jun 2015] | |
12 | + | |
13 | + *) Malformed ECParameters causes infinite loop | |
14 | + | |
15 | + When processing an ECParameters structure OpenSSL enters an infinite loop | |
16 | + if the curve specified is over a specially malformed binary polynomial | |
17 | + field. | |
18 | + | |
19 | + This can be used to perform denial of service against any | |
20 | + system which processes public keys, certificate requests or | |
21 | + certificates. This includes TLS clients and TLS servers with | |
22 | + client authentication enabled. | |
23 | + | |
24 | + This issue was reported to OpenSSL by Joseph Barr-Pixton. | |
25 | + (CVE-2015-1788) | |
26 | + [Andy Polyakov] | |
27 | + | |
28 | + *) Exploitable out-of-bounds read in X509_cmp_time | |
29 | + | |
30 | + X509_cmp_time does not properly check the length of the ASN1_TIME | |
31 | + string and can read a few bytes out of bounds. In addition, | |
32 | + X509_cmp_time accepts an arbitrary number of fractional seconds in the | |
33 | + time string. | |
34 | + | |
35 | + An attacker can use this to craft malformed certificates and CRLs of | |
36 | + various sizes and potentially cause a segmentation fault, resulting in | |
37 | + a DoS on applications that verify certificates or CRLs. TLS clients | |
38 | + that verify CRLs are affected. TLS clients and servers with client | |
39 | + authentication enabled may be affected if they use custom verification | |
40 | + callbacks. | |
41 | + | |
42 | + This issue was reported to OpenSSL by Robert Swiecki (Google), and | |
43 | + independently by Hanno B?k. | |
44 | + (CVE-2015-1789) | |
45 | + [Emilia K?per] | |
46 | + | |
47 | + *) PKCS7 crash with missing EnvelopedContent | |
48 | + | |
49 | + The PKCS#7 parsing code does not handle missing inner EncryptedContent | |
50 | + correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs | |
51 | + with missing content and trigger a NULL pointer dereference on parsing. | |
52 | + | |
53 | + Applications that decrypt PKCS#7 data or otherwise parse PKCS#7 | |
54 | + structures from untrusted sources are affected. OpenSSL clients and | |
55 | + servers are not affected. | |
56 | + | |
57 | + This issue was reported to OpenSSL by Michal Zalewski (Google). | |
58 | + (CVE-2015-1790) | |
59 | + [Emilia K?per] | |
60 | + | |
61 | + *) CMS verify infinite loop with unknown hash function | |
62 | + | |
63 | + When verifying a signedData message the CMS code can enter an infinite loop | |
64 | + if presented with an unknown hash function OID. This can be used to perform | |
65 | + denial of service against any system which verifies signedData messages using | |
66 | + the CMS code. | |
67 | + This issue was reported to OpenSSL by Johannes Bauer. | |
68 | + (CVE-2015-1792) | |
69 | + [Stephen Henson] | |
70 | + | |
71 | + *) Race condition handling NewSessionTicket | |
72 | + | |
73 | + If a NewSessionTicket is received by a multi-threaded client when attempting to | |
74 | + reuse a previous ticket then a race condition can occur potentially leading to | |
75 | + a double free of the ticket data. | |
76 | + (CVE-2015-1791) | |
77 | + [Matt Caswell] | |
78 | + | |
79 | + *) Removed support for the two export grade static DH ciphersuites | |
80 | + EXP-DH-RSA-DES-CBC-SHA and EXP-DH-DSS-DES-CBC-SHA. These two ciphersuites | |
81 | + were newly added (along with a number of other static DH ciphersuites) to | |
82 | + 1.0.2. However the two export ones have *never* worked since they were | |
83 | + introduced. It seems strange in any case to be adding new export | |
84 | + ciphersuites, and given "logjam" it also does not seem correct to fix them. | |
85 | + [Matt Caswell] | |
86 | + | |
87 | + *) Only support 256-bit or stronger elliptic curves with the | |
88 | + 'ecdh_auto' setting (server) or by default (client). Of supported | |
89 | + curves, prefer P-256 (both). | |
90 | + [Emilia Kasper] | |
91 | + | |
92 | + *) Reject DH handshakes with parameters shorter than 768 bits. | |
93 | + [Kurt Roeckx and Emilia Kasper] | |
94 | + | |
5 | 95 | Changes between 1.0.2 and 1.0.2a [19 Mar 2015] |
6 | 96 | |
7 | 97 | *) ClientHello sigalgs DoS fix |
@@ -779,6 +779,7 @@ int RAND_pseudo_bytes(unsigned char *buf, int num); | ||
779 | 779 | * wouldn't be constructed with top!=dmax. */ \ |
780 | 780 | BN_ULONG *_not_const; \ |
781 | 781 | memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \ |
782 | + /* Debug only - safe to ignore error return */ \ | |
782 | 783 | RAND_pseudo_bytes(&_tmp_char, 1); \ |
783 | 784 | memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \ |
784 | 785 | (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \ |
@@ -892,6 +893,7 @@ void ERR_load_BN_strings(void); | ||
892 | 893 | # define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135 |
893 | 894 | # define BN_F_BN_GF2M_MOD_SQR 136 |
894 | 895 | # define BN_F_BN_GF2M_MOD_SQRT 137 |
896 | +# define BN_F_BN_LSHIFT 145 | |
895 | 897 | # define BN_F_BN_MOD_EXP2_MONT 118 |
896 | 898 | # define BN_F_BN_MOD_EXP_MONT 109 |
897 | 899 | # define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124 |
@@ -907,12 +909,14 @@ void ERR_load_BN_strings(void); | ||
907 | 909 | # define BN_F_BN_NEW 113 |
908 | 910 | # define BN_F_BN_RAND 114 |
909 | 911 | # define BN_F_BN_RAND_RANGE 122 |
912 | +# define BN_F_BN_RSHIFT 146 | |
910 | 913 | # define BN_F_BN_USUB 115 |
911 | 914 | |
912 | 915 | /* Reason codes. */ |
913 | 916 | # define BN_R_ARG2_LT_ARG3 100 |
914 | 917 | # define BN_R_BAD_RECIPROCAL 101 |
915 | 918 | # define BN_R_BIGNUM_TOO_LONG 114 |
919 | +# define BN_R_BITS_TOO_SMALL 118 | |
916 | 920 | # define BN_R_CALLED_WITH_EVEN_MODULUS 102 |
917 | 921 | # define BN_R_DIV_BY_ZERO 103 |
918 | 922 | # define BN_R_ENCODING_ERROR 104 |
@@ -920,6 +924,7 @@ void ERR_load_BN_strings(void); | ||
920 | 924 | # define BN_R_INPUT_NOT_REDUCED 110 |
921 | 925 | # define BN_R_INVALID_LENGTH 106 |
922 | 926 | # define BN_R_INVALID_RANGE 115 |
927 | +# define BN_R_INVALID_SHIFT 119 | |
923 | 928 | # define BN_R_NOT_A_SQUARE 111 |
924 | 929 | # define BN_R_NOT_INITIALIZED 107 |
925 | 930 | # define BN_R_NO_INVERSE 108 |
@@ -109,6 +109,12 @@ extern "C" { | ||
109 | 109 | # undef OPENSSL_SYS_UNIX |
110 | 110 | # define OPENSSL_SYS_WIN32 |
111 | 111 | # endif |
112 | +# if defined(_WIN64) || defined(OPENSSL_SYSNAME_WIN64) | |
113 | +# undef OPENSSL_SYS_UNIX | |
114 | +# if !defined(OPENSSL_SYS_WIN64) | |
115 | +# define OPENSSL_SYS_WIN64 | |
116 | +# endif | |
117 | +# endif | |
112 | 118 | # if defined(OPENSSL_SYSNAME_WINNT) |
113 | 119 | # undef OPENSSL_SYS_UNIX |
114 | 120 | # define OPENSSL_SYS_WINNT |
@@ -121,7 +127,7 @@ extern "C" { | ||
121 | 127 | # endif |
122 | 128 | |
123 | 129 | /* Anything that tries to look like Microsoft is "Windows" */ |
124 | -# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE) | |
130 | +# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN64) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE) | |
125 | 131 | # undef OPENSSL_SYS_UNIX |
126 | 132 | # define OPENSSL_SYS_WINDOWS |
127 | 133 | # ifndef OPENSSL_SYS_MSDOS |
@@ -1097,6 +1097,12 @@ void ERR_load_EC_strings(void); | ||
1097 | 1097 | # define EC_F_ECPARAMETERS_PRINT_FP 148 |
1098 | 1098 | # define EC_F_ECPKPARAMETERS_PRINT 149 |
1099 | 1099 | # define EC_F_ECPKPARAMETERS_PRINT_FP 150 |
1100 | +# define EC_F_ECP_NISTZ256_GET_AFFINE 240 | |
1101 | +# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243 | |
1102 | +# define EC_F_ECP_NISTZ256_POINTS_MUL 241 | |
1103 | +# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244 | |
1104 | +# define EC_F_ECP_NISTZ256_SET_WORDS 245 | |
1105 | +# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242 | |
1100 | 1106 | # define EC_F_ECP_NIST_MOD_192 203 |
1101 | 1107 | # define EC_F_ECP_NIST_MOD_224 204 |
1102 | 1108 | # define EC_F_ECP_NIST_MOD_256 205 |
@@ -1208,11 +1214,6 @@ void ERR_load_EC_strings(void); | ||
1208 | 1214 | # define EC_F_NISTP224_PRE_COMP_NEW 227 |
1209 | 1215 | # define EC_F_NISTP256_PRE_COMP_NEW 236 |
1210 | 1216 | # define EC_F_NISTP521_PRE_COMP_NEW 237 |
1211 | -# define EC_F_ECP_NISTZ256_GET_AFFINE 240 | |
1212 | -# define EC_F_ECP_NISTZ256_POINTS_MUL 241 | |
1213 | -# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242 | |
1214 | -# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243 | |
1215 | -# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244 | |
1216 | 1217 | # define EC_F_O2I_ECPUBLICKEY 152 |
1217 | 1218 | # define EC_F_OLD_EC_PRIV_DECODE 222 |
1218 | 1219 | # define EC_F_PKEY_EC_CTRL 197 |
@@ -103,7 +103,6 @@ | ||
103 | 103 | # define EVP_PKS_RSA 0x0100 |
104 | 104 | # define EVP_PKS_DSA 0x0200 |
105 | 105 | # define EVP_PKS_EC 0x0400 |
106 | -# define EVP_PKT_EXP 0x1000 /* <= 512 bit key */ | |
107 | 106 | |
108 | 107 | # define EVP_PKEY_NONE NID_undef |
109 | 108 | # define EVP_PKEY_RSA NID_rsaEncryption |
@@ -424,6 +423,9 @@ struct evp_cipher_st { | ||
424 | 423 | # define EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT 0x1b |
425 | 424 | # define EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE 0x1c |
426 | 425 | |
426 | +/* RFC 5246 defines additional data to be 13 bytes in length */ | |
427 | +# define EVP_AEAD_TLS1_AAD_LEN 13 | |
428 | + | |
427 | 429 | typedef struct { |
428 | 430 | unsigned char *out; |
429 | 431 | const unsigned char *inp; |
@@ -1121,6 +1123,19 @@ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth, | ||
1121 | 1123 | void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, |
1122 | 1124 | int (*pkey_ctrl) (EVP_PKEY *pkey, int op, |
1123 | 1125 | long arg1, void *arg2)); |
1126 | +void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth, | |
1127 | + int (*item_verify) (EVP_MD_CTX *ctx, | |
1128 | + const ASN1_ITEM *it, | |
1129 | + void *asn, | |
1130 | + X509_ALGOR *a, | |
1131 | + ASN1_BIT_STRING *sig, | |
1132 | + EVP_PKEY *pkey), | |
1133 | + int (*item_sign) (EVP_MD_CTX *ctx, | |
1134 | + const ASN1_ITEM *it, | |
1135 | + void *asn, | |
1136 | + X509_ALGOR *alg1, | |
1137 | + X509_ALGOR *alg2, | |
1138 | + ASN1_BIT_STRING *sig)); | |
1124 | 1139 | |
1125 | 1140 | # define EVP_PKEY_OP_UNDEFINED 0 |
1126 | 1141 | # define EVP_PKEY_OP_PARAMGEN (1<<1) |
@@ -30,11 +30,11 @@ extern "C" { | ||
30 | 30 | * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for |
31 | 31 | * major minor fix final patch/beta) |
32 | 32 | */ |
33 | -# define OPENSSL_VERSION_NUMBER 0x1000201fL | |
33 | +# define OPENSSL_VERSION_NUMBER 0x1000203fL | |
34 | 34 | # ifdef OPENSSL_FIPS |
35 | -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2a-fips 19 Mar 2015" | |
35 | +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2c-fips 12 Jun 2015" | |
36 | 36 | # else |
37 | -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2a 19 Mar 2015" | |
37 | +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2c 12 Jun 2015" | |
38 | 38 | # endif |
39 | 39 | # define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT |
40 | 40 |
@@ -1727,6 +1727,7 @@ extern "C" { | ||
1727 | 1727 | # define SSL_ST_BEFORE 0x4000 |
1728 | 1728 | # define SSL_ST_OK 0x03 |
1729 | 1729 | # define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT) |
1730 | +# define SSL_ST_ERR 0x05 | |
1730 | 1731 | |
1731 | 1732 | # define SSL_CB_LOOP 0x01 |
1732 | 1733 | # define SSL_CB_EXIT 0x02 |
@@ -2640,6 +2641,7 @@ void ERR_load_SSL_strings(void); | ||
2640 | 2641 | # define SSL_F_GET_CLIENT_MASTER_KEY 107 |
2641 | 2642 | # define SSL_F_GET_SERVER_FINISHED 108 |
2642 | 2643 | # define SSL_F_GET_SERVER_HELLO 109 |
2644 | +# define SSL_F_GET_SERVER_STATIC_DH_KEY 340 | |
2643 | 2645 | # define SSL_F_GET_SERVER_VERIFY 110 |
2644 | 2646 | # define SSL_F_I2D_SSL_SESSION 111 |
2645 | 2647 | # define SSL_F_READ_N 112 |
@@ -2670,6 +2672,7 @@ void ERR_load_SSL_strings(void); | ||
2670 | 2672 | # define SSL_F_SSL3_CHANGE_CIPHER_STATE 129 |
2671 | 2673 | # define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130 |
2672 | 2674 | # define SSL_F_SSL3_CHECK_CLIENT_HELLO 304 |
2675 | +# define SSL_F_SSL3_CHECK_FINISHED 339 | |
2673 | 2676 | # define SSL_F_SSL3_CLIENT_HELLO 131 |
2674 | 2677 | # define SSL_F_SSL3_CONNECT 132 |
2675 | 2678 | # define SSL_F_SSL3_CTRL 213 |
@@ -2784,6 +2787,7 @@ void ERR_load_SSL_strings(void); | ||
2784 | 2787 | # define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 |
2785 | 2788 | # define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT 320 |
2786 | 2789 | # define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT 321 |
2790 | +# define SSL_F_SSL_SESSION_DUP 348 | |
2787 | 2791 | # define SSL_F_SSL_SESSION_NEW 189 |
2788 | 2792 | # define SSL_F_SSL_SESSION_PRINT_FP 190 |
2789 | 2793 | # define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312 |
@@ -2904,6 +2908,7 @@ void ERR_load_SSL_strings(void); | ||
2904 | 2908 | # define SSL_R_DATA_LENGTH_TOO_LONG 146 |
2905 | 2909 | # define SSL_R_DECRYPTION_FAILED 147 |
2906 | 2910 | # define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281 |
2911 | +# define SSL_R_DH_KEY_TOO_SMALL 372 | |
2907 | 2912 | # define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 |
2908 | 2913 | # define SSL_R_DIGEST_CHECK_FAILED 149 |
2909 | 2914 | # define SSL_R_DTLS_MESSAGE_TOO_BIG 334 |
@@ -432,6 +432,12 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); | ||
432 | 432 | |
433 | 433 | /* Allow partial chains if at least one certificate is in trusted store */ |
434 | 434 | # define X509_V_FLAG_PARTIAL_CHAIN 0x80000 |
435 | +/* | |
436 | + * If the initial chain is not trusted, do not attempt to build an alternative | |
437 | + * chain. Alternate chain checking was introduced in 1.0.2b. Setting this flag | |
438 | + * will force the behaviour to match that of previous versions. | |
439 | + */ | |
440 | +# define X509_V_FLAG_NO_ALT_CHAINS 0x100000 | |
435 | 441 | |
436 | 442 | # define X509_VP_FLAG_DEFAULT 0x1 |
437 | 443 | # define X509_VP_FLAG_OVERWRITE 0x2 |
@@ -5,6 +5,18 @@ | ||
5 | 5 | This file gives a brief overview of the major changes between each OpenSSL |
6 | 6 | release. For more details please read the CHANGES file. |
7 | 7 | |
8 | + Major changes between OpenSSL 1.0.2b and OpenSSL 1.0.2c [12 Jun 2015] | |
9 | + | |
10 | + o Fix HMAC ABI incompatibility | |
11 | + | |
12 | + Major changes between OpenSSL 1.0.2a and OpenSSL 1.0.2b [11 Jun 2015] | |
13 | + | |
14 | + o Malformed ECParameters causes infinite loop (CVE-2015-1788) | |
15 | + o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789) | |
16 | + o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790) | |
17 | + o CMS verify infinite loop with unknown hash function (CVE-2015-1792) | |
18 | + o Race condition handling NewSessionTicket (CVE-2015-1791) | |
19 | + | |
8 | 20 | Major changes between OpenSSL 1.0.2 and OpenSSL 1.0.2a [19 Mar 2015] |
9 | 21 | |
10 | 22 | o OpenSSL 1.0.2 ClientHello sigalgs DoS fix (CVE-2015-0291) |
@@ -1,5 +1,5 @@ | ||
1 | 1 | |
2 | - OpenSSL 1.0.2a 19 Mar 2015 | |
2 | + OpenSSL 1.0.2c 12 Jun 2015 | |
3 | 3 | |
4 | 4 | Copyright (c) 1998-2011 The OpenSSL Project |
5 | 5 | Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson |
@@ -153,15 +153,15 @@ BOOL LoadOpenSSL() | ||
153 | 153 | #ifdef ENABLE_PROCESS_PROTECTION |
154 | 154 | // 同梱するOpenSSLのバージョンに合わせてSHA1ハッシュ値を変更すること |
155 | 155 | #if defined(_M_IX86) |
156 | - // ssleay32.dll 1.0.2a | |
157 | - RegisterTrustedModuleSHA1Hash("\xBF\x60\xD4\x6E\xCE\xC6\xC8\xD1\xF8\xE6\xEE\x9D\x1B\x47\x4E\x7B\x71\xBC\xBC\x3E"); | |
158 | - // libeay32.dll 1.0.2a | |
159 | - RegisterTrustedModuleSHA1Hash("\xD7\xFF\x8B\xB9\xBD\x31\xAE\x3C\x7F\xE3\xC6\xC5\xEF\xEA\x0E\x4D\xA0\x57\x94\x9E"); | |
156 | + // ssleay32.dll 1.0.2c | |
157 | + RegisterTrustedModuleSHA1Hash("\x52\x8D\x30\xE5\xF5\x41\x8E\x16\x8A\x31\x8D\x36\xEA\xB7\xE0\x93\x4F\x13\x0B\x48"); | |
158 | + // libeay32.dll 1.0.2c | |
159 | + RegisterTrustedModuleSHA1Hash("\x22\x3A\xCE\x78\xAC\x4B\x02\x20\x05\x61\x1B\xC5\xBF\xE7\x37\x7D\xD9\xDF\xE6\x1B"); | |
160 | 160 | #elif defined(_M_AMD64) |
161 | - // ssleay32.dll 1.0.2a | |
162 | - RegisterTrustedModuleSHA1Hash("\x65\x59\x15\x76\x68\x21\xE0\x5D\xA8\xF5\x9D\x45\x31\x67\x1C\x48\xE3\x36\x82\xCF"); | |
163 | - // libeay32.dll 1.0.2a | |
164 | - RegisterTrustedModuleSHA1Hash("\x6B\x8E\x8B\x48\xE2\xFC\x8F\xE7\xFA\xBD\x84\x71\x4D\x16\xB9\x8F\x54\x00\xD0\x9A"); | |
161 | + // ssleay32.dll 1.0.2c | |
162 | + RegisterTrustedModuleSHA1Hash("\x9E\xE1\xA7\x17\x2C\x78\xA7\x11\xEB\x11\x95\x95\x21\x18\x0F\x29\x6B\xDF\xE6\xDF"); | |
163 | + // libeay32.dll 1.0.2c | |
164 | + RegisterTrustedModuleSHA1Hash("\x86\x8B\x4B\x13\x3C\x51\x29\x91\x2D\xD3\x81\x8D\x03\x8E\x5E\x43\xEB\x1C\xA8\x5C"); | |
165 | 165 | #endif |
166 | 166 | #endif |
167 | 167 | g_hOpenSSL = LoadLibrary("ssleay32.dll"); |