FFFTPのソースコードです。
| Revision | aac1eb09918d65dc2e50c0df14b002ad9bba9612 (tree) |
|---|---|
| Zeit | 2013-02-12 12:05:52 |
| Autor | s_kawamoto <s_kawamoto@user...> |
| Commiter | s_kawamoto |
Update OpenSSL to 1.0.1e.
FFFTP_Eng_Release/FFFTP.exe (diff) Release/FFFTP.exe (diff) contrib/openssl/bin/libeay32.dll (diff) contrib/openssl/bin/libssl32.dll (diff) contrib/openssl/bin/ssleay32.dll (diff)
contrib/openssl/changes.txt (diff) contrib/openssl/faq.txt (diff)
contrib/openssl/include/openssl/opensslv.h (diff) contrib/openssl/news.txt (diff) contrib/openssl/readme.txt (diff) dist/libeay32.dll (diff) dist/ssleay32.dll (diff)
socketwrapper.c (diff)| @@ -2,6 +2,10 @@ | ||
| 2 | 2 | OpenSSL CHANGES |
| 3 | 3 | _______________ |
| 4 | 4 | |
| 5 | + Changes between 1.0.1d and 1.0.1e [11 Feb 2013] | |
| 6 | + | |
| 7 | + *) | |
| 8 | + | |
| 5 | 9 | Changes between 1.0.1c and 1.0.1d [5 Feb 2013] |
| 6 | 10 | |
| 7 | 11 | *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time. |
| @@ -83,11 +83,11 @@ OpenSSL - Frequently Asked Questions | ||
| 83 | 83 | * Which is the current version of OpenSSL? |
| 84 | 84 | |
| 85 | 85 | The current version is available from <URL: http://www.openssl.org>. |
| 86 | -OpenSSL 1.0.1d was released on Feb 5th, 2013. | |
| 86 | +OpenSSL 1.0.1e was released on Feb 11th, 2013. | |
| 87 | 87 | |
| 88 | 88 | In addition to the current stable release, you can also access daily |
| 89 | 89 | snapshots of the OpenSSL development version at <URL: |
| 90 | -ftp://ftp.openssl.org/snapshot/>, or get it by anonymous CVS access. | |
| 90 | +ftp://ftp.openssl.org/snapshot/>, or get it by anonymous Git access. | |
| 91 | 91 | |
| 92 | 92 | |
| 93 | 93 | * Where is the documentation? |
| @@ -25,11 +25,11 @@ | ||
| 25 | 25 | * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for |
| 26 | 26 | * major minor fix final patch/beta) |
| 27 | 27 | */ |
| 28 | -#define OPENSSL_VERSION_NUMBER 0x1000104fL | |
| 28 | +#define OPENSSL_VERSION_NUMBER 0x1000105fL | |
| 29 | 29 | #ifdef OPENSSL_FIPS |
| 30 | -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1d-fips 5 Feb 2013" | |
| 30 | +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1e-fips 11 Feb 2013" | |
| 31 | 31 | #else |
| 32 | -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1d 5 Feb 2013" | |
| 32 | +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1e 11 Feb 2013" | |
| 33 | 33 | #endif |
| 34 | 34 | #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT |
| 35 | 35 |
| @@ -5,6 +5,10 @@ | ||
| 5 | 5 | This file gives a brief overview of the major changes between each OpenSSL |
| 6 | 6 | release. For more details please read the CHANGES file. |
| 7 | 7 | |
| 8 | + Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e: | |
| 9 | + | |
| 10 | + o Corrected fix for CVE-2013-0169 | |
| 11 | + | |
| 8 | 12 | Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d: |
| 9 | 13 | |
| 10 | 14 | o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version. |
| @@ -1,5 +1,5 @@ | ||
| 1 | 1 | |
| 2 | - OpenSSL 1.0.1d 5 Feb 2013 | |
| 2 | + OpenSSL 1.0.1e 11 Feb 2013 | |
| 3 | 3 | |
| 4 | 4 | Copyright (c) 1998-2011 The OpenSSL Project |
| 5 | 5 | Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson |
| @@ -190,7 +190,7 @@ | ||
| 190 | 190 | reason as to why that feature isn't implemented. |
| 191 | 191 | |
| 192 | 192 | Patches should be as up to date as possible, preferably relative to the |
| 193 | - current CVS or the last snapshot. They should follow the coding style of | |
| 193 | + current Git or the last snapshot. They should follow the coding style of | |
| 194 | 194 | OpenSSL and compile without warnings. Some of the core team developer targets |
| 195 | 195 | can be used for testing purposes, (debug-steve64, debug-geoff etc). OpenSSL |
| 196 | 196 | compiles on many varied platforms: try to ensure you only use portable |
| @@ -116,10 +116,10 @@ BOOL LoadOpenSSL() | ||
| 116 | 116 | return FALSE; |
| 117 | 117 | #ifdef ENABLE_PROCESS_PROTECTION |
| 118 | 118 | // 同梱するOpenSSLのバージョンに合わせてSHA1ハッシュ値を変更すること |
| 119 | - // ssleay32.dll 1.0.1d | |
| 120 | - RegisterTrustedModuleSHA1Hash("\x52\x2F\xA2\x9D\xDC\x20\x73\x1D\xDF\x08\xEF\x79\x63\xA8\xB7\xC7\x68\xAC\x9F\xF4"); | |
| 121 | - // libeay32.dll 1.0.1d | |
| 122 | - RegisterTrustedModuleSHA1Hash("\x16\x46\x92\xB4\x55\x67\xA4\x0B\x25\x0B\xBF\x05\xA7\xC7\x9E\xB7\x0F\x6E\xBE\x0D"); | |
| 119 | + // ssleay32.dll 1.0.1e | |
| 120 | + RegisterTrustedModuleSHA1Hash("\xE8\x9A\x16\xDF\xCE\xA2\x7E\x55\x28\xC4\x78\x1A\x21\x40\xCB\x57\xDC\x40\xCD\x61"); | |
| 121 | + // libeay32.dll 1.0.1e | |
| 122 | + RegisterTrustedModuleSHA1Hash("\x38\xC8\x30\xCB\xE0\x5D\x4E\xF7\xA1\x93\xBB\xF7\x54\xA5\x21\xC8\xF7\xA1\x85\xC5"); | |
| 123 | 123 | #endif |
| 124 | 124 | g_hOpenSSL = LoadLibrary("ssleay32.dll"); |
| 125 | 125 | // バージョン固定のためlibssl32.dllの読み込みは脆弱性の原因になり得るので廃止 |
Fork