diff --git a/README.md b/README.md index b14a9f5..3b533ff 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ Default support is in bold type. - [Google(Gmail)](https://gmail.com/) : _TLSv1.3_ **final** - [NSS TLS 1.3(Mozilla)](https://tls13.crypto.mozilla.org/) : _TLSv1.3_ **final** -[Compatible OpenSSL-3.0.0-dev (OpenSSL, 23649 commits)](https://github.com/openssl/openssl/tree/0b45d8eec051fd9816b6bf46a975fa461ffc983d) +[Compatible OpenSSL-3.0.0-dev (OpenSSL, 23705 commits)](https://github.com/openssl/openssl/tree/ee215c7eea91f193d4765127eb31332758753058) ## Patch files diff --git a/openssl-3.0.0-dev-chacha_draft.patch b/openssl-3.0.0-dev-chacha_draft.patch index 750f2e5..2fd9d91 100644 --- a/openssl-3.0.0-dev-chacha_draft.patch +++ b/openssl-3.0.0-dev-chacha_draft.patch @@ -291,10 +291,10 @@ index 2240916ff4..2a61f1a23a 100644 ISO-US 10046 2 1 : dhpublicnumber : X9.42 DH diff --git a/include/openssl/evp.h b/include/openssl/evp.h -index db8eec12f2..52319cc4af 100644 +index a903b29ffe..059a38eb2e 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h -@@ -928,6 +928,7 @@ const EVP_CIPHER *EVP_camellia_256_ctr(void); +@@ -930,6 +930,7 @@ const EVP_CIPHER *EVP_camellia_256_ctr(void); const EVP_CIPHER *EVP_chacha20(void); # ifndef OPENSSL_NO_POLY1305 const EVP_CIPHER *EVP_chacha20_poly1305(void); @@ -480,7 +480,7 @@ index 5aa04dbd53..8b2b7e7b36 100644 } else if (c->algorithm_mac & SSL_AEAD) { /* We're supposed to have handled all the AEAD modes above */ diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h -index 1d3397d880..d5ff8520b6 100644 +index a5df3cfb7f..a049c7653a 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -234,12 +234,13 @@ @@ -499,11 +499,11 @@ index 1d3397d880..d5ff8520b6 100644 # define SSL_ARIA (SSL_ARIAGCM) diff --git a/util/libcrypto.num b/util/libcrypto.num -index 5b488d0e4d..8b153624c4 100644 +index 9569bf43f3..6cc9ce933c 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num -@@ -4793,3 +4793,4 @@ X509_get0_sm2_id 4740 3_0_0 EXIST::FUNCTION:SM2 - EVP_PKEY_get0_engine 4741 3_0_0 EXIST::FUNCTION:ENGINE - EVP_MD_upref 4742 3_0_0 EXIST::FUNCTION: +@@ -4795,3 +4795,4 @@ EVP_MD_upref 4742 3_0_0 EXIST::FUNCTION: EVP_MD_fetch 4743 3_0_0 EXIST::FUNCTION: -+EVP_chacha20_poly1305_draft 4744 3_0_0 EXIST::FUNCTION:CHACHA,POLY1305 + EVP_set_default_properties 4744 3_0_0 EXIST::FUNCTION: + OSSL_PARAM_construct_end 4745 3_0_0 EXIST::FUNCTION: ++EVP_chacha20_poly1305_draft 4746 3_0_0 EXIST::FUNCTION:CHACHA,POLY1305 diff --git a/openssl-equal-3.0.0-dev.patch b/openssl-equal-3.0.0-dev.patch index 9568b75..6e79c45 100644 --- a/openssl-equal-3.0.0-dev.patch +++ b/openssl-equal-3.0.0-dev.patch @@ -1,8 +1,8 @@ diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt -index 27e1890393..df8690a1bd 100644 +index a3d15c9a5f..86aa9acdb7 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt -@@ -2879,6 +2879,8 @@ SSL_R_MISSING_TMP_DH_KEY:171:missing tmp dh key +@@ -2892,6 +2892,8 @@ SSL_R_MISSING_TMP_DH_KEY:171:missing tmp dh key SSL_R_MISSING_TMP_ECDH_KEY:311:missing tmp ecdh key SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA:293:\ mixed handshake and non handshake data @@ -11,7 +11,7 @@ index 27e1890393..df8690a1bd 100644 SSL_R_NOT_ON_RECORD_BOUNDARY:182:not on record boundary SSL_R_NOT_REPLACING_CERTIFICATE:289:not replacing certificate SSL_R_NOT_SERVER:284:not server -@@ -2985,7 +2987,9 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines +@@ -2998,7 +3000,9 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES:243:unable to load ssl3 sha1 routines SSL_R_UNEXPECTED_CCS_MESSAGE:262:unexpected ccs message SSL_R_UNEXPECTED_END_OF_EARLY_DATA:178:unexpected end of early data @@ -936,7 +936,7 @@ index f63e16b592..8f462b7108 100644 /* Dup the client_CA list */ if (!dup_ca_names(&ret->ca_names, s->ca_names) diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h -index 1d3397d880..265c32d15e 100644 +index a5df3cfb7f..ac455639ea 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -744,9 +744,46 @@ typedef struct ssl_ctx_ext_secure_st { diff --git a/openssl-equal-3.0.0-dev_ciphers.patch b/openssl-equal-3.0.0-dev_ciphers.patch index 98053d1..a3d45fa 100644 --- a/openssl-equal-3.0.0-dev_ciphers.patch +++ b/openssl-equal-3.0.0-dev_ciphers.patch @@ -1,8 +1,8 @@ diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt -index 27e1890393..df8690a1bd 100644 +index a3d15c9a5f..86aa9acdb7 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt -@@ -2879,6 +2879,8 @@ SSL_R_MISSING_TMP_DH_KEY:171:missing tmp dh key +@@ -2892,6 +2892,8 @@ SSL_R_MISSING_TMP_DH_KEY:171:missing tmp dh key SSL_R_MISSING_TMP_ECDH_KEY:311:missing tmp ecdh key SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA:293:\ mixed handshake and non handshake data @@ -11,7 +11,7 @@ index 27e1890393..df8690a1bd 100644 SSL_R_NOT_ON_RECORD_BOUNDARY:182:not on record boundary SSL_R_NOT_REPLACING_CERTIFICATE:289:not replacing certificate SSL_R_NOT_SERVER:284:not server -@@ -2985,7 +2987,9 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines +@@ -2998,7 +3000,9 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES:243:unable to load ssl3 sha1 routines SSL_R_UNEXPECTED_CCS_MESSAGE:262:unexpected ccs message SSL_R_UNEXPECTED_END_OF_EARLY_DATA:178:unexpected end of early data @@ -1009,7 +1009,7 @@ index f63e16b592..9828b43b0c 100644 /* Dup the client_CA list */ if (!dup_ca_names(&ret->ca_names, s->ca_names) diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h -index 1d3397d880..265c32d15e 100644 +index a5df3cfb7f..ac455639ea 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -744,9 +744,46 @@ typedef struct ssl_ctx_ext_secure_st {