
FFFTPのソースコードです。


Commit MetaInfo

Revisiona6deff84784c0a05b574f8998f9dd00ed6a0209d (tree)
Zeit2016-11-13 10:27:45
Autors_kawamoto <s_kawamoto@user...>
Commiters_kawamoto

Log Message

Update OpenSSL to 1.1.0c.
Update PEM file.

Ändern Zusammenfassung

Diff

Binary files a/FFFTP_Eng_Release/FFFTP.exe and b/FFFTP_Eng_Release/FFFTP.exe differ
Binary files a/FFFTP_Eng_Release_64/FFFTP.exe and b/FFFTP_Eng_Release_64/FFFTP.exe differ
Binary files a/Release/FFFTP.exe and b/Release/FFFTP.exe differ
Binary files a/Release_64/FFFTP.exe and b/Release_64/FFFTP.exe differ
--- a/Resource/FFFTP.rc
+++ b/Resource/FFFTP.rc
@@ -242,7 +242,7 @@ FONT 9, "MS Shell Dlg", 0, 0, 0x0
242242 BEGIN
243243 DEFPUSHBUTTON "OK",IDOK,133,294,50,14
244244 ICON ffftp,-1,7,4,20,20
245- CTEXT "FFFTP Ver 1.99a-20160927",-1,113,11,90,8
245+ CTEXT "FFFTP Ver 1.99a-20161113",-1,113,11,90,8
246246 CTEXT "FFFTP‚Ífreeware‚Å‚·",-1,7,279,305,8
247247 CTEXT "Copyright(C) 1997-2010 Sota & ‚²‹¦—Í‚¢‚½‚¾‚¢‚½•ûX\nCopyright (C) 2011-2016 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, ‚¤‚ȁ[, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, ‚Ó‚¤‚¹‚ñ)",-1,7,25,305,44,SS_NOPREFIX
248248 CTEXT "",ABOUT_JRE,7,96,305,8
@@ -2213,8 +2213,8 @@ nodrop_csr CURSOR "nodrop_c.cur"
22132213 //
22142214
22152215 VS_VERSION_INFO VERSIONINFO
2216- FILEVERSION 1,99,1,7
2217- PRODUCTVERSION 1,99,1,7
2216+ FILEVERSION 1,99,1,8
2217+ PRODUCTVERSION 1,99,1,8
22182218 FILEFLAGSMASK 0x3fL
22192219 #ifdef _DEBUG
22202220 FILEFLAGS 0x1L
@@ -2232,12 +2232,12 @@ BEGIN
22322232 VALUE "Comments", "‚±‚ê‚̓tƒŠ[ƒ\ƒtƒgƒEƒGƒA‚Å‚·B"
22332233 VALUE "CompanyName", "Sota, FFFTP Project"
22342234 VALUE "FileDescription", "FFFTP"
2235- VALUE "FileVersion", "1, 99, 1, 7"
2235+ VALUE "FileVersion", "1, 99, 1, 8"
22362236 VALUE "InternalName", "FFFTP"
22372237 VALUE "LegalCopyright", "Copyright (C) 1997-2010 Sota & ‚²‹¦—Í‚¢‚½‚¾‚¢‚½•ûX\nCopyright (C) 2011-2016 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, ‚¤‚ȁ[, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, ‚Ó‚¤‚¹‚ñ)."
22382238 VALUE "OriginalFilename", "FFFTP.exe"
22392239 VALUE "ProductName", "FFFTP"
2240- VALUE "ProductVersion", "1, 99, 1, 7"
2240+ VALUE "ProductVersion", "1, 99, 1, 8"
22412241 END
22422242 END
22432243 BLOCK "VarFileInfo"
--- a/Resource_eng/ffftp.rc
+++ b/Resource_eng/ffftp.rc
@@ -242,7 +242,7 @@ FONT 9, "MS Shell Dlg", 0, 0, 0x0
242242 BEGIN
243243 DEFPUSHBUTTON "OK",IDOK,132,296,50,14
244244 ICON ffftp,-1,7,4,20,20
245- CTEXT "FFFTP Ver 1.99a-20160927",-1,110,11,90,8
245+ CTEXT "FFFTP Ver 1.99a-20161113",-1,110,11,90,8
246246 CTEXT "FFFTP is freeware",-1,7,281,301,8
247247 CTEXT "Copyright(C) 1997-2010 Sota && cooperators\nCopyright (C) 2011-2016 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, unarist, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, Fu-sen)",-1,7,25,301,44
248248 CTEXT "",ABOUT_JRE,7,93,301,8
@@ -2253,8 +2253,8 @@ nodrop_csr CURSOR "nodrop_c.cur"
22532253 //
22542254
22552255 VS_VERSION_INFO VERSIONINFO
2256- FILEVERSION 1,99,1,7
2257- PRODUCTVERSION 1,99,1,7
2256+ FILEVERSION 1,99,1,8
2257+ PRODUCTVERSION 1,99,1,8
22582258 FILEFLAGSMASK 0x3fL
22592259 #ifdef _DEBUG
22602260 FILEFLAGS 0x1L
@@ -2272,12 +2272,12 @@ BEGIN
22722272 VALUE "Comments", "This software is Free Software"
22732273 VALUE "CompanyName", "Sota, FFFTP Project"
22742274 VALUE "FileDescription", "FFFTP"
2275- VALUE "FileVersion", "1, 99, 1, 7"
2275+ VALUE "FileVersion", "1, 99, 1, 8"
22762276 VALUE "InternalName", "FFFTP"
22772277 VALUE "LegalCopyright", "Copyright (C) 1997-2010 Sota & cooperators\nCopyright (C) 2011-2016 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, unarist, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, Fu-sen)."
22782278 VALUE "OriginalFilename", "FFFTP.exe"
22792279 VALUE "ProductName", "FFFTP"
2280- VALUE "ProductVersion", "1, 99, 1, 7"
2280+ VALUE "ProductVersion", "1, 99, 1, 8"
22812281 END
22822282 END
22832283 BLOCK "VarFileInfo"
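--- a/common.h
+++ b/common.h
@@ -72,16 +72,16 @@
 //#define PROGRAM_VERSION_NUM 1972 /* バージョン */
 // 64ビット対応
 #ifdef _WIN64
-#define VER_STR "1.99a-20160927 64bit"
+#define VER_STR "1.99a-20161113 64bit"
 #else
-#define VER_STR "1.99a-20160927"
+#define VER_STR "1.99a-20161113"
 #endif
 #define VER_NUM 1990 /* 設定バージョン */
 #define PROGRAM_VERSION_NUM 1990 /* バージョン */
 // ソフトウェア自動更新
 // リリースバージョンはリリース予定年(10進数4桁)+月(2桁)+日(2桁)+通し番号(0スタート2桁)とする
 // 2014年7月31日中の30個目のリリースは2014073129
-#define RELEASE_VERSION_NUM 2016092700 /* リリースバージョン */
+#define RELEASE_VERSION_NUM 2016111300 /* リリースバージョン */
 
 
 // SourceForge.JPによるフォーク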
--- a/contrib/openssl/CHANGES
+++ b/contrib/openssl/CHANGES
@@ -2,6 +2,64 @@
22 OpenSSL CHANGES
33 _______________
44
5+ Changes between 1.1.0b and 1.1.0c [10 Nov 2016]
6+
7+ *) ChaCha20/Poly1305 heap-buffer-overflow
8+
9+ TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to
10+ a DoS attack by corrupting larger payloads. This can result in an OpenSSL
11+ crash. This issue is not considered to be exploitable beyond a DoS.
12+
13+ This issue was reported to OpenSSL by Robert Święcki (Google Security Team)
14+ (CVE-2016-7054)
15+ [Richard Levitte]
16+
17+ *) CMS Null dereference
18+
19+ Applications parsing invalid CMS structures can crash with a NULL pointer
20+ dereference. This is caused by a bug in the handling of the ASN.1 CHOICE
21+ type in OpenSSL 1.1.0 which can result in a NULL value being passed to the
22+ structure callback if an attempt is made to free certain invalid encodings.
23+ Only CHOICE structures using a callback which do not handle NULL value are
24+ affected.
25+
26+ This issue was reported to OpenSSL by Tyler Nighswander of ForAllSecure.
27+ (CVE-2016-7053)
28+ [Stephen Henson]
29+
30+ *) Montgomery multiplication may produce incorrect results
31+
32+ There is a carry propagating bug in the Broadwell-specific Montgomery
33+ multiplication procedure that handles input lengths divisible by, but
34+ longer than 256 bits. Analysis suggests that attacks against RSA, DSA
35+ and DH private keys are impossible. This is because the subroutine in
36+ question is not used in operations with the private key itself and an input
37+ of the attacker's direct choice. Otherwise the bug can manifest itself as
38+ transient authentication and key negotiation failures or reproducible
39+ erroneous outcome of public-key operations with specially crafted input.
40+ Among EC algorithms only Brainpool P-512 curves are affected and one
41+ presumably can attack ECDH key negotiation. Impact was not analyzed in
42+ detail, because pre-requisites for attack are considered unlikely. Namely
43+ multiple clients have to choose the curve in question and the server has to
44+ share the private key among them, neither of which is default behaviour.
45+ Even then only clients that chose the curve will be affected.
46+
47+ This issue was publicly reported as transient failures and was not
48+ initially recognized as a security issue. Thanks to Richard Morgan for
49+ providing reproducible case.
50+ (CVE-2016-7055)
51+ [Andy Polyakov]
52+
53+ *) OpenSSL now fails if it receives an unrecognised record type in TLS1.0
54+ or TLS1.1. Previously this only happened in SSLv3 and TLS1.2. This is to
55+ prevent issues where no progress is being made and the peer continually
56+ sends unrecognised record types, using up resources processing them.
57+ [Matt Caswell]
58+
59+ *) Removed automatic addition of RPATH in shared libraries and executables,
60+ as this was a remainder from OpenSSL 1.0.x and isn't needed any more.
61+ [Richard Levitte]
62+
563 Changes between 1.1.0a and 1.1.0b [26 Sep 2016]
664
765 *) Fix Use After Free for large message sizes
@@ -391,6 +449,12 @@
391449 template in Configurations, like unix-Makefile.tmpl or
392450 descrip.mms.tmpl.
393451
452+ With this change, the library names were also renamed on Windows
453+ and on VMS. They now have names that are closer to the standard
454+ on Unix, and include the major version number, and in certain
455+ cases, the architecture they are built for. See "Notes on shared
456+ libraries" in INSTALL.
457+
394458 We rely heavily on the perl module Text::Template.
395459 [Richard Levitte]
396460
--- a/contrib/openssl/NEWS
+++ b/contrib/openssl/NEWS
@@ -5,6 +5,12 @@
55 This file gives a brief overview of the major changes between each OpenSSL
66 release. For more details please read the CHANGES file.
77
8+ Major changes between OpenSSL 1.1.0b and OpenSSL 1.1.0c [10 Nov 2016]
9+
10+ o ChaCha20/Poly1305 heap-buffer-overflow (CVE-2016-7054)
11+ o CMS Null dereference (CVE-2016-7053)
12+ o Montgomery multiplication may produce incorrect results (CVE-2016-7055)
13+
814 Major changes between OpenSSL 1.1.0a and OpenSSL 1.1.0b [26 Sep 2016]
915
1016 o Fix Use After Free for large message sizes (CVE-2016-6309)
--- a/contrib/openssl/README
+++ b/contrib/openssl/README
@@ -1,5 +1,5 @@
11
2- OpenSSL 1.1.0b 26 Sep 2016
2+ OpenSSL 1.1.0c 10 Nov 2016
33
44 Copyright (c) 1998-2016 The OpenSSL Project
55 Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
@@ -59,13 +59,13 @@
5959 If you have any problems with OpenSSL then please take the following steps
6060 first:
6161
62- - Download the current snapshot from ftp://ftp.openssl.org/snapshot/
62+ - Download the latest version from the repository
6363 to see if the problem has already been addressed
64- - Remove ASM versions of libraries
64+ - Configure with no-asm
6565 - Remove compiler optimisation flags
6666
67- If you wish to report a bug then please include the following information in
68- any bug report:
67+ If you wish to report a bug then please include the following information
68+ and create an issue on GitHub:
6969
7070 - OpenSSL version: output of 'openssl version -a'
7171 - Any "Configure" options that you selected during compilation of the
@@ -76,27 +76,10 @@
7676 - Problem Description (steps that will reproduce the problem, if known)
7777 - Stack Traceback (if the application dumps core)
7878
79- Email the report to:
80-
81- rt@openssl.org
82-
83- In order to avoid spam, this is a moderated mailing list, and it might
84- take a couple of days for the ticket to show up. (We also scan posts to make
85- sure that security disclosures aren't publicly posted by mistake.) Mail
86- to this address is recorded in the public RT (request tracker) database
87- (see https://www.openssl.org/community/index.html#bugs for details) and
88- also forwarded the public openssl-dev mailing list. Confidential mail
89- may be sent to openssl-security@openssl.org (PGP key available from the
90- key servers).
91-
92- Please do NOT use this for general assistance or support queries.
9379 Just because something doesn't work the way you expect does not mean it
9480 is necessarily a bug in OpenSSL. Use the openssl-users email list for this type
9581 of query.
9682
97- You can also make GitHub pull requests. See the CONTRIBUTING file for more
98- details.
99-
10083 HOW TO CONTRIBUTE TO OpenSSL
10184 ----------------------------
10285
@@ -105,7 +88,7 @@
10588 LEGALITIES
10689 ----------
10790
108- A number of nations, in particular the U.S., restrict the use or export
109- of cryptography. If you are potentially subject to such restrictions
110- you should seek competent professional legal advice before attempting to
111- develop or distribute cryptographic code.
91+ A number of nations restrict the use or export of cryptography. If you
92+ are potentially subject to such restrictions you should seek competent
93+ professional legal advice before attempting to develop or distribute
94+ cryptographic code.
--- a/contrib/openssl/include/openssl/opensslv.h
+++ b/contrib/openssl/include/openssl/opensslv.h
@@ -39,11 +39,11 @@ extern "C" {
3939 * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
4040 * major minor fix final patch/beta)
4141 */
42-# define OPENSSL_VERSION_NUMBER 0x1010002fL
42+# define OPENSSL_VERSION_NUMBER 0x1010003fL
4343 # ifdef OPENSSL_FIPS
44-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0b-fips 26 Sep 2016"
44+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0c-fips 10 Nov 2016"
4545 # else
46-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0b 26 Sep 2016"
46+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0c 10 Nov 2016"
4747 # endif
4848
4949 /*-
--- a/contrib/openssl/include/openssl/rsa.h
+++ b/contrib/openssl/include/openssl/rsa.h
@@ -462,6 +462,7 @@ int ERR_load_RSA_strings(void);
462462
463463 /* Function codes. */
464464 # define RSA_F_CHECK_PADDING_MD 140
465+# define RSA_F_ENCODE_PKCS1 146
465466 # define RSA_F_INT_RSA_VERIFY 145
466467 # define RSA_F_OLD_RSA_PRIV_DECODE 147
467468 # define RSA_F_PKEY_RSA_CTRL 143
--- a/contrib/openssl/include/openssl/ssl.h
+++ b/contrib/openssl/include/openssl/ssl.h
@@ -2231,6 +2231,7 @@ int ERR_load_SSL_strings(void);
22312231 # define SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY 358
22322232 # define SSL_F_TLS_CONSTRUCT_FINISHED 359
22332233 # define SSL_F_TLS_CONSTRUCT_HELLO_REQUEST 373
2234+# define SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET 428
22342235 # define SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE 374
22352236 # define SSL_F_TLS_CONSTRUCT_SERVER_DONE 375
22362237 # define SSL_F_TLS_CONSTRUCT_SERVER_HELLO 376
Binary files a/dist/amd64/libeay32.dll and b/dist/amd64/libeay32.dll differ
Binary files a/dist/amd64/ssleay32.dll and b/dist/amd64/ssleay32.dll differ
Binary files a/dist/libeay32.dll and b/dist/libeay32.dll differ
--- a/dist/ssl.pem
+++ b/dist/ssl.pem
@@ -1,20 +1,20 @@
11 ##
22 ## Bundle of CA Root Certificates
33 ##
4-## Certificate data from Mozilla as of: Wed Sep 14 03:12:05 2016
4+## Certificate data from Mozilla as of: Wed Nov 2 04:12:05 2016 GMT
55 ##
66 ## This is a bundle of X.509 certificates of public Certificate Authorities
77 ## (CA). These were automatically extracted from Mozilla's root certificates
88 ## file (certdata.txt). This file can be found in the mozilla source tree:
9-## http://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
9+## https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
1010 ##
1111 ## It contains the certificates in PEM format and therefore
1212 ## can be directly used with curl / libcurl / php_curl, or with
1313 ## an Apache+mod_ssl webserver for SSL client authentication.
1414 ## Just configure this file as the SSLCACertificateFile.
1515 ##
16-## Conversion done with mk-ca-bundle.pl version 1.26.
17-## SHA256: 01bbf1ecdd693f554ff4dcbe15880b3e6c33188a956c15ff845d313ca69cfeb8
16+## Conversion done with mk-ca-bundle.pl version 1.27.
17+## SHA256: 17e2a90c8a5cfd6a675b3475d3d467e1ab1fe0d5397e907b08206182389caa08
1818 ##
1919
2020
@@ -1764,7 +1764,7 @@ AJw9SDkjOVgaFRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA==
17641764 -----END CERTIFICATE-----
17651765
17661766 NetLock Arany (Class Gold) Főtanúsítvány
1767-============================================
1767+========================================
17681768 -----BEGIN CERTIFICATE-----
17691769 MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQGEwJIVTERMA8G
17701770 A1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610
@@ -2280,7 +2280,7 @@ Zt3hrvJBW8qYVoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI
22802280 -----END CERTIFICATE-----
22812281
22822282 Certinomis - Autorité Racine
2283-=============================
2283+============================
22842284 -----BEGIN CERTIFICATE-----
22852285 MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjETMBEGA1UEChMK
22862286 Q2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAkBgNVBAMMHUNlcnRpbm9taXMg
@@ -3675,7 +3675,7 @@ ekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su
36753675 -----END CERTIFICATE-----
36763676
36773677 TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5
3678-=========================================================
3678+====================================================
36793679 -----BEGIN CERTIFICATE-----
36803680 MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UEBhMCVFIxDzAN
36813681 BgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxnaSDEsGxldGnFn2ltIHZlIEJp
@@ -3699,7 +3699,7 @@ B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW+qtB4Uu2NQvAmxU=
36993699 -----END CERTIFICATE-----
37003700
37013701 TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6
3702-=========================================================
3702+====================================================
37033703 -----BEGIN CERTIFICATE-----
37043704 MIIEJjCCAw6gAwIBAgIGfaHyZeyKMA0GCSqGSIb3DQEBCwUAMIGxMQswCQYDVQQGEwJUUjEPMA0G
37053705 A1UEBwwGQW5rYXJhMU0wSwYDVQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmls
@@ -4034,3 +4034,33 @@ BgNVHSMEGDAWgBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAKBggqhkjOPQQDAwNpADBmAjEAj6jcnboM
40344034 BBf6Fek9LykBl7+BFjNAk2z8+e2AcG+qj9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta
40354035 3U1fJAuwACEl74+nBCZx4nxp5V2a+EEfOzmTk51V6s2N8fvB
40364036 -----END CERTIFICATE-----
4037+
4038+ISRG Root X1
4039+============
4040+-----BEGIN CERTIFICATE-----
4041+MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UE
4042+BhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQD
4043+EwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQG
4044+EwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMT
4045+DElTUkcgUm9vdCBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54r
4046+Vygch77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+0TM8ukj1
4047+3Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6UA5/TR5d8mUgjU+g4rk8K
4048+b4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sWT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCN
4049+Aymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyHB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ
4050+4Q7e2RCOFvu396j3x+UCB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf
4051+1b0SHzUvKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWnOlFu
4052+hjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTnjh8BCNAw1FtxNrQH
4053+usEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbwqHyGO0aoSCqI3Haadr8faqU9GY/r
4054+OPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CIrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4G
4055+A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY
4056+9umbbjANBgkqhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
4057+ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ3BebYhtF8GaV
4058+0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KKNFtY2PwByVS5uCbMiogziUwt
4059+hDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJw
4060+TdwJx4nLCgdNbOhdjsnvzqvHu7UrTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nx
4061+e5AW0wdeRlN8NwdCjNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZA
4062+JzVcoyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq4RgqsahD
4063+YVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPAmRGunUHBcnWEvgJBQl9n
4064+JEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57demyPxgcYxn/eR44/KJ4EBs+lVDR3veyJ
4065+m+kXQ99b21/+jh5Xos1AnX5iItreGCc=
4066+-----END CERTIFICATE-----
Binary files a/dist/ssleay32.dll and b/dist/ssleay32.dll differ
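--- /dev/null
+++ b/filehash.h
@@ -0,0 +1,17 @@
+// ファイルハッシュ一覧
+// 同梱するファイルに合わせてハッシュ値を変更すること
+
+// ssl.pem
+#define FILEHASH_SSL_PEM_SHA1 "\x75\x32\x98\x3C\xD9\xC7\xB7\xC0\x50\xEF\xB5\x02\xF0\xDE\x28\x7C\x49\x5B\x8B\x77"
+#if defined(_M_IX86)
+// libeay32.dll
+#define FILEHASH_LIBEAY32_DLL_SHA1 "\x55\x6F\xFE\x92\xDB\xA8\x78\x38\xE7\x90\xDA\xB8\x94\x37\x58\x5C\xD6\x38\x6F\x7D"
+// ssleay32.dll
+#define FILEHASH_SSLEAY32_DLL_SHA1 "\x3C\x0F\x7F\x89\xC8\x91\xF9\x0F\x8F\xA9\x27\x16\xC6\x64\xEA\x00\x34\xC8\x39\xDF"
+#elif defined(_M_AMD64)
+// libeay32.dll
+#define FILEHASH_LIBEAY32_DLL_SHA1 "\x26\x5F\xCF\x35\x83\x37\x28\xA4\x31\xB0\xD0\x85\x3A\xF1\x33\x17\x98\x2B\xEB\x83"
+// ssleay32.dll
+#define FILEHASH_SSLEAY32_DLL_SHA1 "\xB0\x05\xB2\x4D\x64\x76\x1B\xE7\x31\xED\xB7\x03\xB7\xE1\x5C\xEB\x74\xC2\xE6\xFC"
+#endif
+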
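Review bot: The x86 `FILEHASH_SSLEAY32_DLL_SHA1` value contains a `\x00` byte, so these macros are only safe with consumers that treat them as fixed 20-byte buffers; main.c's `memcmp(..., 20)` does, while `RegisterTrustedModuleSHA1Hash` is not visible here and should be confirmed not to use string functions. A header comment saying so would help, e.g. `// 20-byte binary SHA-1 digests, may contain \x00; never use str* functions on them`. The architecture switch also has no fallback; adding `#else` / `#error "no bundled OpenSSL hashes for this target"` would make a new target fail with a clear message rather than an undefined-macro error in socketwrapper.c when `ENABLE_PROCESS_PROTECTION` is set. The digests are hand-copied, so recording the OpenSSL version next to each (`// libeay32.dll (OpenSSL 1.1.0c)`) would make a stale pin visible in review.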
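--- a/main.c
+++ b/main.c
@@ -62,6 +62,9 @@
 #undef __MBSWRAPPER_H__
 #include "mbswrapper.h"
 
+// 暗号化通信対応
+#include "filehash.h"
+
 
 #define RESIZE_OFF 0 /* ウインドウの区切り位置変更していない */
 #define RESIZE_ON 1 /* ウインドウの区切り位置変更中 */
@@ -3595,8 +3598,7 @@ BOOL LoadSSLRootCAFile()
 // sha.cはビッグエンディアンのため
 for(i = 0; i < 5; i++)
 Hash[i] = _byteswap_ulong(Hash[i]);
- // 同梱する"ssl.pem"に合わせてSHA1ハッシュ値を変更すること
- if(memcmp(&Hash, &SSLRootCAFileHash, 20) == 0 || memcmp(&Hash, "\x73\xB7\x54\x80\xEE\x1C\x4C\x66\x1C\x57\xD2\x0B\xDF\x85\xAD\x11\x69\xAF\x14\x8B", 20) == 0
+ if(memcmp(&Hash, &SSLRootCAFileHash, 20) == 0 || memcmp(&Hash, FILEHASH_SSL_PEM_SHA1, 20) == 0
 || DialogBox(GetFtpInst(), MAKEINTRESOURCE(updatesslroot_dlg), GetMainHwnd(), ExeEscDialogProc) == YES)
 {
 memcpy(&SSLRootCAFileHash, &Hash, 20);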
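Review bot: The `memcmp(&Hash, FILEHASH_SSL_PEM_SHA1, 20)` comparison now trusts a hand-edited macro to be exactly 20 bytes long; a literal shortened by a typo would make memcmp read past its end. A compile-time check next to the new include, `C_ASSERT(sizeof(FILEHASH_SSL_PEM_SHA1) == 20 + 1);`, would catch that. On a mismatch the condition falls through to the `updatesslroot_dlg` prompt and, if accepted, stores the new hash with `memcpy(&SSLRootCAFileHash, &Hash, 20)`, so a pin that was not updated together with the bundled ssl.pem surfaces only as a prompt that users may learn to accept. LoadSSLRootCAFile starts and ends outside the hunk.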
--- a/socketwrapper.c
+++ b/socketwrapper.c
@@ -15,6 +15,7 @@
1515 #include "protectprocess.h"
1616 #include "mbswrapper.h"
1717 #include "punycode.h"
18+#include "filehash.h"
1819
1920 // FTPS対応
2021
@@ -159,18 +160,10 @@ BOOL LoadOpenSSL()
159160 if(g_bOpenSSLLoaded)
160161 return FALSE;
161162 #ifdef ENABLE_PROCESS_PROTECTION
162- // 同梱するOpenSSLのバージョンに合わせてSHA1ハッシュ値を変更すること
163-#if defined(_M_IX86)
164163 // ssleay32.dll 1.1.0b
165- RegisterTrustedModuleSHA1Hash("\x62\xF4\x7E\xA1\xD9\x24\xE5\xCF\xA7\xBE\x04\xD9\x55\x89\xA6\xF8\x96\x62\x43\xAD");
164+ RegisterTrustedModuleSHA1Hash(FILEHASH_SSLEAY32_DLL_SHA1);
166165 // libeay32.dll 1.1.0b
167- RegisterTrustedModuleSHA1Hash("\xB7\x63\x47\x26\x24\xE7\x99\x68\xC7\x46\xAD\x59\xBD\xAF\xD0\x44\x86\x35\xB4\x27");
168-#elif defined(_M_AMD64)
169- // ssleay32.dll 1.1.0b
170- RegisterTrustedModuleSHA1Hash("\x10\xCD\x83\x06\x6F\xBE\x4D\x58\xE3\x0B\x2C\xF0\xA1\x13\x1B\xA2\x55\xB0\x6D\xE1");
171- // libeay32.dll 1.1.0b
172- RegisterTrustedModuleSHA1Hash("\x4F\x8E\xFB\xF6\x10\x50\x62\xA0\xB4\xF3\x28\x08\x10\x63\x67\x9E\xFD\xBE\xAC\x17");
173-#endif
166+ RegisterTrustedModuleSHA1Hash(FILEHASH_LIBEAY32_DLL_SHA1);
174167 #endif
175168 g_hOpenSSL = LoadLibrary("ssleay32.dll");
176169 // バージョン固定のためlibssl32.dllの読み込みは脆弱性の原因になり得るので廃止
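Review bot: The two comments kept above the `RegisterTrustedModuleSHA1Hash` calls still say `1.1.0b`, although the hashes now come from filehash.h and this commit bundles 1.1.0c; drop the version so it cannot go stale: `// ssleay32.dll` and `// libeay32.dll`. The pins are registered only under `ENABLE_PROCESS_PROTECTION`, while `LoadLibrary("ssleay32.dll")` with a bare file name runs in every build, so a build without that define appears to load whatever the DLL search order finds first; loading by a full path built from the application directory would close that gap. LoadOpenSSL continues outside the hunk, so the rest of the load path is not visible here.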