OSDN > Developer >

amalsyah1 > Chamber > ffftp > Commit

amalsyah1

Fork

Fork origin: ffftp / ffftp

R/O
HTTP
SSH
HTTPS

Commit

Commit MetaInfo

Revision	8a99c5529bb8702acca4ebf2dd764a4cb7acaaad (tree)
Time	2016-09-27 20:59:04
Author	s_kawamoto <s_kawamoto@user...>
Commiter	s_kawamoto

Log Message

Update OpenSSL to 1.1.0b.

Change Summary

modified: FFFTP_Eng_Release/FFFTP.exe (diff)
modified: FFFTP_Eng_Release_64/FFFTP.exe (diff)
modified: Release/FFFTP.exe (diff)
modified: Release_64/FFFTP.exe (diff)
modified: Resource/FFFTP.rc (diff)
modified: Resource_eng/ffftp.rc (diff)
modified: common.h (diff)
modified: contrib/openssl/CHANGES (diff)
modified: contrib/openssl/NEWS (diff)
modified: contrib/openssl/README (diff)
modified: contrib/openssl/include/openssl/opensslv.h (diff)
modified: dist/amd64/libeay32.dll (diff)
modified: dist/amd64/ssleay32.dll (diff)
modified: dist/libeay32.dll (diff)
modified: dist/ssleay32.dll (diff)
modified: socketwrapper.c (diff)

Incremental Difference

Binary files a/FFFTP_Eng_Release/FFFTP.exe and b/FFFTP_Eng_Release/FFFTP.exe differ

Binary files a/FFFTP_Eng_Release_64/FFFTP.exe and b/FFFTP_Eng_Release_64/FFFTP.exe differ

Binary files a/Release/FFFTP.exe and b/Release/FFFTP.exe differ

Binary files a/Release_64/FFFTP.exe and b/Release_64/FFFTP.exe differ

--- a/Resource/FFFTP.rc

+++ b/Resource/FFFTP.rc

		@@ -242,7 +242,7 @@ FONT 9, "MS Shell Dlg", 0, 0, 0x0
242	242	BEGIN
243	243	DEFPUSHBUTTON "OK",IDOK,133,294,50,14
244	244	ICON ffftp,-1,7,4,20,20
245		- CTEXT "FFFTP Ver 1.99a-20160924",-1,113,11,90,8
	245	+ CTEXT "FFFTP Ver 1.99a-20160927",-1,113,11,90,8
246	246	CTEXT "FFFTPÍfreewareÅ·",-1,7,279,305,8
247	247	CTEXT "Copyright(C) 1997-2010 Sota & ²¦Í¢½¾¢½ûX\nCopyright (C) 2011-2016 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, ¤È[, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, Ó¤¹ñ)",-1,7,25,305,44,SS_NOPREFIX
248	248	CTEXT "",ABOUT_JRE,7,96,305,8

		@@ -2213,8 +2213,8 @@ nodrop_csr CURSOR "nodrop_c.cur"
2213	2213	//
2214	2214
2215	2215	VS_VERSION_INFO VERSIONINFO
2216		- FILEVERSION 1,99,1,6
2217		- PRODUCTVERSION 1,99,1,6
	2216	+ FILEVERSION 1,99,1,7
	2217	+ PRODUCTVERSION 1,99,1,7
2218	2218	FILEFLAGSMASK 0x3fL
2219	2219	#ifdef _DEBUG
2220	2220	FILEFLAGS 0x1L

		@@ -2232,12 +2232,12 @@ BEGIN
2232	2232	VALUE "Comments", "±êÍt[\tgEGAÅ·B"
2233	2233	VALUE "CompanyName", "Sota, FFFTP Project"
2234	2234	VALUE "FileDescription", "FFFTP"
2235		- VALUE "FileVersion", "1, 99, 1, 6"
	2235	+ VALUE "FileVersion", "1, 99, 1, 7"
2236	2236	VALUE "InternalName", "FFFTP"
2237	2237	VALUE "LegalCopyright", "Copyright (C) 1997-2010 Sota & ²¦Í¢½¾¢½ûX\nCopyright (C) 2011-2016 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, ¤È[, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, Ó¤¹ñ)."
2238	2238	VALUE "OriginalFilename", "FFFTP.exe"
2239	2239	VALUE "ProductName", "FFFTP"
2240		- VALUE "ProductVersion", "1, 99, 1, 6"
	2240	+ VALUE "ProductVersion", "1, 99, 1, 7"
2241	2241	END
2242	2242	END
2243	2243	BLOCK "VarFileInfo"

--- a/Resource_eng/ffftp.rc

+++ b/Resource_eng/ffftp.rc

		@@ -242,7 +242,7 @@ FONT 9, "MS Shell Dlg", 0, 0, 0x0
242	242	BEGIN
243	243	DEFPUSHBUTTON "OK",IDOK,132,296,50,14
244	244	ICON ffftp,-1,7,4,20,20
245		- CTEXT "FFFTP Ver 1.99a-20160924",-1,110,11,90,8
	245	+ CTEXT "FFFTP Ver 1.99a-20160927",-1,110,11,90,8
246	246	CTEXT "FFFTP is freeware",-1,7,281,301,8
247	247	CTEXT "Copyright(C) 1997-2010 Sota && cooperators\nCopyright (C) 2011-2016 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, unarist, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, Fu-sen)",-1,7,25,301,44
248	248	CTEXT "",ABOUT_JRE,7,93,301,8

		@@ -2253,8 +2253,8 @@ nodrop_csr CURSOR "nodrop_c.cur"
2253	2253	//
2254	2254
2255	2255	VS_VERSION_INFO VERSIONINFO
2256		- FILEVERSION 1,99,1,6
2257		- PRODUCTVERSION 1,99,1,6
	2256	+ FILEVERSION 1,99,1,7
	2257	+ PRODUCTVERSION 1,99,1,7
2258	2258	FILEFLAGSMASK 0x3fL
2259	2259	#ifdef _DEBUG
2260	2260	FILEFLAGS 0x1L

		@@ -2272,12 +2272,12 @@ BEGIN
2272	2272	VALUE "Comments", "This software is Free Software"
2273	2273	VALUE "CompanyName", "Sota, FFFTP Project"
2274	2274	VALUE "FileDescription", "FFFTP"
2275		- VALUE "FileVersion", "1, 99, 1, 6"
	2275	+ VALUE "FileVersion", "1, 99, 1, 7"
2276	2276	VALUE "InternalName", "FFFTP"
2277	2277	VALUE "LegalCopyright", "Copyright (C) 1997-2010 Sota & cooperators\nCopyright (C) 2011-2016 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, unarist, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, Fu-sen)."
2278	2278	VALUE "OriginalFilename", "FFFTP.exe"
2279	2279	VALUE "ProductName", "FFFTP"
2280		- VALUE "ProductVersion", "1, 99, 1, 6"
	2280	+ VALUE "ProductVersion", "1, 99, 1, 7"
2281	2281	END
2282	2282	END
2283	2283	BLOCK "VarFileInfo"

--- a/common.h

+++ b/common.h

		@@ -72,16 +72,16 @@
72	72	//#define PROGRAM_VERSION_NUM 1972 /* バージョン */
73	73	// 64ビット対応
74	74	#ifdef _WIN64
75		-#define VER_STR "1.99a-20160924 64bit"
	75	+#define VER_STR "1.99a-20160927 64bit"
76	76	#else
77		-#define VER_STR "1.99a-20160924"
	77	+#define VER_STR "1.99a-20160927"
78	78	#endif
79	79	#define VER_NUM 1990 /* 設定バージョン */
80	80	#define PROGRAM_VERSION_NUM 1990 /* バージョン */
81	81	// ソフトウェア自動更新
82	82	// リリースバージョンはリリース予定年（10進数4桁）+月（2桁）+日（2桁）+通し番号（0スタート2桁）とする
83	83	// 2014年7月31日中の30個目のリリースは2014073129
84		-#define RELEASE_VERSION_NUM 2016092400 /* リリースバージョン */
	84	+#define RELEASE_VERSION_NUM 2016092700 /* リリースバージョン */
85	85
86	86
87	87	// SourceForge.JPによるフォーク

--- a/contrib/openssl/CHANGES

+++ b/contrib/openssl/CHANGES

		@@ -2,6 +2,23 @@
2	2	OpenSSL CHANGES
3	3	_______________
4	4
	5	+ Changes between 1.1.0a and 1.1.0b [26 Sep 2016]
	6	+
	7	+ *) Fix Use After Free for large message sizes
	8	+
	9	+ The patch applied to address CVE-2016-6307 resulted in an issue where if a
	10	+ message larger than approx 16k is received then the underlying buffer to
	11	+ store the incoming message is reallocated and moved. Unfortunately a
	12	+ dangling pointer to the old location is left which results in an attempt to
	13	+ write to the previously freed location. This is likely to result in a
	14	+ crash, however it could potentially lead to execution of arbitrary code.
	15	+
	16	+ This issue only affects OpenSSL 1.1.0a.
	17	+
	18	+ This issue was reported to OpenSSL by Robert Święcki.
	19	+ (CVE-2016-6309)
	20	+ [Matt Caswell]
	21	+
5	22	Changes between 1.1.0 and 1.1.0a [22 Sep 2016]
6	23
7	24	*) OCSP Status Request extension unbounded memory growth

--- a/contrib/openssl/NEWS

+++ b/contrib/openssl/NEWS

		@@ -5,6 +5,10 @@
5	5	This file gives a brief overview of the major changes between each OpenSSL
6	6	release. For more details please read the CHANGES file.
7	7
	8	+ Major changes between OpenSSL 1.1.0a and OpenSSL 1.1.0b [26 Sep 2016]
	9	+
	10	+ o Fix Use After Free for large message sizes (CVE-2016-6309)
	11	+
8	12	Major changes between OpenSSL 1.1.0 and OpenSSL 1.1.0a [22 Sep 2016]
9	13
10	14	o OCSP Status Request extension unbounded memory growth (CVE-2016-6304)

--- a/contrib/openssl/README

+++ b/contrib/openssl/README

		@@ -1,5 +1,5 @@
1	1
2		- OpenSSL 1.1.0a 22 Sep 2016
	2	+ OpenSSL 1.1.0b 26 Sep 2016
3	3
4	4	Copyright (c) 1998-2016 The OpenSSL Project
5	5	Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

--- a/contrib/openssl/include/openssl/opensslv.h

+++ b/contrib/openssl/include/openssl/opensslv.h

		@@ -39,11 +39,11 @@ extern "C" {
39	39	* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
40	40	* major minor fix final patch/beta)
41	41	*/
42		-# define OPENSSL_VERSION_NUMBER 0x1010001fL
	42	+# define OPENSSL_VERSION_NUMBER 0x1010002fL
43	43	# ifdef OPENSSL_FIPS
44		-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0a-fips 22 Sep 2016"
	44	+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0b-fips 26 Sep 2016"
45	45	# else
46		-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0a 22 Sep 2016"
	46	+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0b 26 Sep 2016"
47	47	# endif
48	48
49	49	/*-

Binary files a/dist/amd64/libeay32.dll and b/dist/amd64/libeay32.dll differ

Binary files a/dist/amd64/ssleay32.dll and b/dist/amd64/ssleay32.dll differ

Binary files a/dist/libeay32.dll and b/dist/libeay32.dll differ

Binary files a/dist/ssleay32.dll and b/dist/ssleay32.dll differ

--- a/socketwrapper.c

+++ b/socketwrapper.c

		@@ -161,15 +161,15 @@ BOOL LoadOpenSSL()
161	161	#ifdef ENABLE_PROCESS_PROTECTION
162	162	// 同梱するOpenSSLのバージョンに合わせてSHA1ハッシュ値を変更すること
163	163	#if defined(_M_IX86)
164		- // ssleay32.dll 1.1.0a
165		- RegisterTrustedModuleSHA1Hash("\xBF\x25\x75\x85\x71\x67\x5D\x3E\x07\x11\x40\xE2\x47\xC0\xE0\x5C\xB2\xCD\xC3\x12");
166		- // libeay32.dll 1.1.0a
167		- RegisterTrustedModuleSHA1Hash("\x0A\x29\x8D\xAC\x2C\xA2\xB1\x43\x2B\x9F\xA4\xD8\x14\x80\x9B\x04\xD9\x23\x73\x41");
	164	+ // ssleay32.dll 1.1.0b
	165	+ RegisterTrustedModuleSHA1Hash("\x62\xF4\x7E\xA1\xD9\x24\xE5\xCF\xA7\xBE\x04\xD9\x55\x89\xA6\xF8\x96\x62\x43\xAD");
	166	+ // libeay32.dll 1.1.0b
	167	+ RegisterTrustedModuleSHA1Hash("\xB7\x63\x47\x26\x24\xE7\x99\x68\xC7\x46\xAD\x59\xBD\xAF\xD0\x44\x86\x35\xB4\x27");
168	168	#elif defined(_M_AMD64)
169		- // ssleay32.dll 1.1.0a
170		- RegisterTrustedModuleSHA1Hash("\xCE\x74\x3E\x3D\x88\x2C\xC4\xAC\x33\x53\xD4\x5A\xAE\x17\x4F\x59\x01\x8A\x6E\xAB");
171		- // libeay32.dll 1.1.0a
172		- RegisterTrustedModuleSHA1Hash("\xA1\x40\x78\xD1\xD5\x47\xCA\x47\x8A\x03\x93\xBC\x9E\xAD\xFA\xCA\x65\x1F\x36\x78");
	169	+ // ssleay32.dll 1.1.0b
	170	+ RegisterTrustedModuleSHA1Hash("\x10\xCD\x83\x06\x6F\xBE\x4D\x58\xE3\x0B\x2C\xF0\xA1\x13\x1B\xA2\x55\xB0\x6D\xE1");
	171	+ // libeay32.dll 1.1.0b
	172	+ RegisterTrustedModuleSHA1Hash("\x4F\x8E\xFB\xF6\x10\x50\x62\xA0\xB4\xF3\x28\x08\x10\x63\x67\x9E\xFD\xBE\xAC\x17");
173	173	#endif
174	174	#endif
175	175	g_hOpenSSL = LoadLibrary("ssleay32.dll");

ffftp.http://sabah.net/ Fork