deps: upgrade openssl to 1.0.0f

deps/openssl/README.chromium

@@ -1,20 +1,34 @@
 Name: openssl
 URL: http://openssl.org/source/
-Version: 0.9.8o
+Version: 1.0.0f
 License: BSDish
 License File: openssl/LICENSE
 
 Description:
-This is OpenSSL, the standard SSL/TLS library, which is used only for testing.
+This is OpenSSL, the standard SSL/TLS library, which is used only in Android.
+
 It's an unmodified, upstream source except for the patches listed below.
 
 
-Patches are applied in this order:
+********************************************************************************
+The following patches are taken from Android Open Source Project.
+
+
+progs.patch:
 
-missing_stddef.patch
+Fixup sources under the apps/ directory that are not built under the android environment.
 
-Add stddef.h to header files which use size_t, otherwise apps that include
-those headers get compiler errors.
+
+small_records.patch:
+
+Reduce OpenSSL memory consumption.
+SSL records may be as large as 16K, but are typically < 2K.  In
+addition, a historic bug in Windows allowed records to be as large
+32K.  OpenSSL statically allocates read and write buffers (34K and
+18K respectively) used for processing records.
+With this patch, OpenSSL statically allocates 4K + 4K buffers, with
+the option of dynamically growing buffers to 34K + 4K, which is a
+saving of 44K per connection for the typical case.
 
 
 handshake_cutthrough.patch
@@ -25,24 +39,58 @@ clients can negotiate SSL connections in 1-RTT even when performing
 full-handshakes.
 
 
-next_proto_neg.patch
+jsse.patch
+
+Support for JSSE implementation based on OpenSSL.
+
+
+npn.patch
+
+Transport Layer Security (TLS) Next Protocol Negotiation Extension
+
+
+sha1_armv4_large.patch
+
+This patch eliminates memory stores to addresses below SP.
+
+
+openssl_no_dtls1.patch
+
+Add missing #ifndef OPENSSL_NO_DTLS1
+
+
+********************************************************************************
+The following patches are needed to compile this openssl on Chromium and pass
+the related net unit tests.
+
+
+empty_OPENSSL_cpuid_setup.patch
+
+Use a empty implementation for function OPENSSL_cpuid_setup to resolve link
+error. We should figure out how to geenrate platform specific implementation
+of OPENSSL_cpuid_setup by leveraging crypto/*cpuid.pl.
+
 
-Adds next-protocol-negotation support:
-  http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00
+x509_hash_name_algorithm_change.patch
 
-EXPERIMENTAL: this patches uses extension and handshake numbers that are not
-assigned by IANA.
+There are many symbolic links under /etc/ssl/certs created by using hash of
+the pem certificates in order for OpenSSL to find those certificate.
+Openssl has a tool to help you create hash symbolic links. (See tools/c_rehash)
+However the new openssl changed the hash algorithm, Unless you compile/install
+the latest openssl library and re-create all related symbolic links, the new
+openssl can not find some certificates because the links of those certificates
+were created by using old hash algorithm, which causes some tests failed.
+This patch gives a way to find a certificate according to its hash by using both
+new algorithm and old algorithm.
+crbug.com/111045 is used to track this issue.
 
-This patch implements server and client side support. Additionally, it includes
-code that assumes the structure of the 'opaque' protocol strings in the draft.
 
+tls_exporter.patch
 
-snap_start.patch
+Keying Material Exporters for Transport Layer Security (RFC 5705).
 
-Adds server-side support for Snap Start. This allows for 0-RTT handshakes in
-the case that the application protocol involves the client side speaking first.
 
-http://tools.ietf.org/html/draft-agl-tls-snapstart-00
+Android platform support
 
-EXPERIMENTAL: this patches uses an extension number that is not assigned by
-IANA.
+Copy config/android/openssl/opensslconf.h from Android's
+external/openssl/include/openssl/opensslconf.h

deps/openssl/config/k8/openssl/opensslconf-posix.h → deps/openssl/config/android/openssl/opensslconf.h

@@ -5,17 +5,8 @@
 #ifndef OPENSSL_DOING_MAKEDEPEND
 
 
-#ifndef OPENSSL_NO_CAMELLIA
-# define OPENSSL_NO_CAMELLIA
-#endif
-#ifndef OPENSSL_NO_CAPIENG
-# define OPENSSL_NO_CAPIENG
-#endif
-#ifndef OPENSSL_NO_CMS
-# define OPENSSL_NO_CMS
-#endif
-#ifndef OPENSSL_NO_FIPS
-# define OPENSSL_NO_FIPS
+#ifndef OPENSSL_NO_CAST
+# define OPENSSL_NO_CAST
 #endif
 #ifndef OPENSSL_NO_GMP
 # define OPENSSL_NO_GMP
@@ -29,8 +20,8 @@
 #ifndef OPENSSL_NO_KRB5
 # define OPENSSL_NO_KRB5
 #endif
-#ifndef OPENSSL_NO_MDC2
-# define OPENSSL_NO_MDC2
+#ifndef OPENSSL_NO_MD2
+# define OPENSSL_NO_MD2
 #endif
 #ifndef OPENSSL_NO_RC5
 # define OPENSSL_NO_RC5
@@ -41,8 +32,14 @@
 #ifndef OPENSSL_NO_SEED
 # define OPENSSL_NO_SEED
 #endif
-#ifndef OPENSSL_NO_ASM
-# define OPENSSL_NO_ASM
+#ifndef OPENSSL_NO_SHA0
+# define OPENSSL_NO_SHA0
+#endif
+#ifndef OPENSSL_NO_STORE
+# define OPENSSL_NO_STORE
+#endif
+#ifndef OPENSSL_NO_WHRLPOOL
+# define OPENSSL_NO_WHRLPOOL
 #endif
 
 #endif /* OPENSSL_DOING_MAKEDEPEND */
@@ -59,17 +56,8 @@
    who haven't had the time to do the appropriate changes in their
    applications.  */
 #ifdef OPENSSL_ALGORITHM_DEFINES
-# if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA)
-#  define NO_CAMELLIA
-# endif
-# if defined(OPENSSL_NO_CAPIENG) && !defined(NO_CAPIENG)
-#  define NO_CAPIENG
-# endif
-# if defined(OPENSSL_NO_CMS) && !defined(NO_CMS)
-#  define NO_CMS
-# endif
-# if defined(OPENSSL_NO_FIPS) && !defined(NO_FIPS)
-#  define NO_FIPS
+# if defined(OPENSSL_NO_CAST) && !defined(NO_CAST)
+#  define NO_CAST
 # endif
 # if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
 #  define NO_GMP
@@ -83,8 +71,8 @@
 # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
 #  define NO_KRB5
 # endif
-# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
-#  define NO_MDC2
+# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
+#  define NO_MD2
 # endif
 # if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
 #  define NO_RC5
@@ -95,27 +83,19 @@
 # if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
 #  define NO_SEED
 # endif
+# if defined(OPENSSL_NO_SHA0) && !defined(NO_SHA0)
+#  define NO_SHA0
+# endif
+# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
+#  define NO_STORE
+# endif
+# if defined(OPENSSL_NO_WHRLPOOL) && !defined(NO_WHRLPOOL)
+#  define NO_WHRLPOOL
+# endif
 #endif
 
-#define OPENSSL_CPUID_OBJ
-
 /* crypto/opensslconf.h.in */
 
-#ifdef OPENSSL_DOING_MAKEDEPEND
-
-/* Include any symbols here that have to be explicitly set to enable a feature
- * that should be visible to makedepend.
- *
- * [Our "make depend" doesn't actually look at this, we use actual build settings
- * instead; we want to make it easy to remove subdirectories with disabled algorithms.]
- */
-
-#ifndef OPENSSL_FIPS
-#define OPENSSL_FIPS
-#endif
-
-#endif
-
 /* Generate 80386 code? */
 #undef I386_ONLY
 
@@ -128,9 +108,6 @@
 
 #undef OPENSSL_UNISTD
 #define OPENSSL_UNISTD <unistd.h>
-#if !defined(SWIG)
-#include <unistd.h>
-#endif
 
 #undef OPENSSL_EXPORT_VAR_AS_FUNCTION
 
@@ -156,7 +133,7 @@
  * - Intel P6 because partial register stalls are very expensive;
  * - elder Alpha because it lacks byte load/store instructions;
  */
-#define RC4_INT unsigned int
+#define RC4_INT unsigned char
 #endif
 #if !defined(RC4_CHUNK)
 /*
@@ -177,19 +154,14 @@
 
 #if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
 #define CONFIG_HEADER_BN_H
-#undef BN_LLONG
+#define BN_LLONG
 
 /* Should we define BN_DIV2W here? */
 
 /* Only one for the following should be defined */
-/* The prime number generation stuff may not work when
- * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
-#define SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
-#undef THIRTY_TWO_BIT
-#undef SIXTEEN_BIT
-#undef EIGHT_BIT
+#define THIRTY_TWO_BIT
 #endif
 
 #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
@@ -201,7 +173,7 @@
 
 #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
 #define CONFIG_HEADER_BF_LOCL_H
-#undef BF_PTR
+#define BF_PTR
 #endif /* HEADER_BF_LOCL_H */
 
 #if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)