deps: upgrade openssl sources to OpenSSL_1_1_1m+quic

This updates all sources in deps/openssl/openssl by:
    $ git clone https://github.com/quictls/openssl
    $ cd openssl
    $ git checkout OpenSSL_1_1_1m+quic
    $ cd ../node/deps/openssl
    $ rm -rf openssl
    $ cp -R ../openssl openssl
    $ rm -rf openssl/.git* openssl/.travis*
    $ git add --all openssl
    $ git commit openssl

Author: richardlau

deps/openssl/openssl/CHANGES

@@ -7,6 +7,26 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1l and 1.1.1m [14 Dec 2021]
+
+  *) Avoid loading of a dynamic engine twice.
+
+     [Bernd Edlinger]
+
+  *) Fixed building on Debian with kfreebsd kernels
+
+     [Mattias Ellert]
+
+  *) Prioritise DANE TLSA issuer certs over peer certs
+
+     [Viktor Dukhovni]
+
+  *) Fixed random API for MacOS prior to 10.12
+
+     These MacOS versions don't support the CommonCrypto APIs
+
+     [Lenny Primak]
+
  Changes between 1.1.1k and 1.1.1l [24 Aug 2021]
 
   *) Fixed an SM2 Decryption Buffer Overflow.

deps/openssl/openssl/Configure

@@ -486,7 +486,7 @@ my @disable_cascades = (
     "ssl3-method"       => [ "ssl3" ],
     "zlib"              => [ "zlib-dynamic" ],
     "des"               => [ "mdc2" ],
-    "ec"                => [ "ecdsa", "ecdh" ],
+    "ec"                => [ "ecdsa", "ecdh", "quic" ],
 
     "dgram"             => [ "dtls", "sctp" ],
     "sock"              => [ "dgram" ],
@@ -1307,16 +1307,19 @@ if ($disabled{"dynamic-engine"}) {
 
 unless ($disabled{asan}) {
     push @{$config{cflags}}, "-fsanitize=address";
+    push @{$config{cxxflags}}, "-fsanitize=address" if $config{CXX};
 }
 
 unless ($disabled{ubsan}) {
     # -DPEDANTIC or -fnosanitize=alignment may also be required on some
     # platforms.
     push @{$config{cflags}}, "-fsanitize=undefined", "-fno-sanitize-recover=all";
+    push @{$config{cxxflags}}, "-fsanitize=undefined", "-fno-sanitize-recover=all" if $config{CXX};
 }
 
 unless ($disabled{msan}) {
   push @{$config{cflags}}, "-fsanitize=memory";
+  push @{$config{cxxflags}}, "-fsanitize=memory" if $config{CXX};
 }
 
 unless ($disabled{"fuzz-libfuzzer"} && $disabled{"fuzz-afl"}

deps/openssl/openssl/NEWS

@@ -5,6 +5,10 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.1.1l and OpenSSL 1.1.1m [14 Dec 2021]
+
+      o None
+
   Major changes between OpenSSL 1.1.1k and OpenSSL 1.1.1l [24 Aug 2021]
 
       o Fixed an SM2 Decryption Buffer Overflow (CVE-2021-3711)

deps/openssl/openssl/README-OpenSSL.md

@@ -1,5 +1,5 @@
 
- OpenSSL 1.1.1l 24 Aug 2021
+ OpenSSL 1.1.1m 14 Dec 2021
 
  Copyright (c) 1998-2021 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

deps/openssl/openssl/README.md

@@ -1,29 +1,31 @@
 What This Is
 ============
 
-This is a fork of [OpenSSL](https://www.openssl.org) to enable QUIC. In addition to the
-website, the official source distribution is at https://github.com/openssl/openssl.
-The OpenSSL `README` can be found at [README-OpenSSL.md](README-OpenSSL.md).
+This is a fork of [OpenSSL](https://www.openssl.org) to enable QUIC. In addition
+to the website, the official source distribution is at
+<https://github.com/openssl/openssl>. The OpenSSL `README` can be found at
+[README-OpenSSL.md](https://github.com/quictls/openssl/blob/OpenSSL_1_1_1m%2Bquic/README-OpenSSL.md).
 
-This fork adds API that can be used by QUIC implementations for connection
+This fork adds APIs that can be used by QUIC implementations for connection
 handshakes. Quoting the IETF Working group
 [charter](https://datatracker.ietf.org/wg/quic/about/), QUIC is a "UDP-based,
 stream-multiplexing, encrypted transport protocol." If you don't need QUIC, you
 should use the official OpenSSL distributions.
 
-This API's here are used by Microsoft's
+The APIs here are used by Microsoft's
 [MsQuic](https://github.com/microsoft/msquic) and Google's
 [Chromium QUIC](https://chromium.googlesource.com/chromium/src/+/master/net/quic/)
 
 We are not in competition with OpenSSL project. We informed them of
 our plans to fork the code before we went public. We do not speak for the
 OpenSSL project, and can only point to a
-[blog post](https://www.openssl.org/blog/blog/2020/02/17/QUIC-and-OpenSSL/) that
-provides their view of QUIC support.
+[blog post](https://www.openssl.org/blog/blog/2020/02/17/QUIC-and-OpenSSL/) and
+[openssl-project email](https://github.com/quictls/openssl/discussions/54)
+that provides their view of QUIC support.
 
 As stated in their blog post, the OpenSSL team is focused on their 3.0 release
-which is still in alpha, and does not intend to add QUIC functionality to 1.1.x.
-There is a community need for a QUIC capable TLS library. This fork is intended
+(released 2021-09-07), and does not intend to add QUIC functionality to 1.1.x.
+There is a community need for a QUIC-capable TLS library. This fork is intended
 as stopgap solution to enable higher level frameworks and runtimes to use QUIC
 with the proven and reliable TLS functionality from OpenSSL. This fork will be
 maintained until OpenSSL officially provides reasonable support for QUIC
@@ -40,8 +42,8 @@ What about branches?
 --------------------
 We don't want to conflict with OpenSSL branch names. Our current plan is to append
 `+quic`. Release tags are likely to be the QUIC branch with `-releaseX` appended.
-For example, the OpenSSL tag `openssl-3.0.0-alpha12` would have a branch named
-`openssl-3.0.0-alpha12+quic` and a release tag of `openssl-3.0.0-alpha12+quic-release1`
+For example, the OpenSSL tag `openssl-3.0.0` would have a branch named
+`openssl-3.0.0+quic` and a release tag of `openssl-3.0.0+quic-release1`.
 
 How are you keeping current with OpenSSL?
 -----------------------------------------
@@ -60,13 +62,14 @@ What about library names?
 -------------------------
 Library names will be the same, but will use a different version number. The version
 numbers for the current OpenSSL libraries are `1.1` (for the 1.1.0 and 1.1.1 branches)
-and `3` (for the to-be-3.0 branch). We will be prefixing 81 (ASCII for 'Q') to
+and `3` (for the 3.0 branch). We will be prefixing `81` (ASCII for 'Q') to
 the version numbers to generate a unique version number.
 
-```
-libcrypto.so.81.3   libcrypto.so.81.1.1   libcrypto.so.1.1   libcrypto.so.3
-libssl.so.81.3      libssl.so.81.1.1      libsslo.so.1.1     libssl.so.3
-```
+- `libcrypto.so.81.3` vs `libcrypto.so.3`
+- `libcrypto.so.81.1.1` vs `libcrypto.so.1.1`
+- `libssl.so.81.3` vs `libssl.so.3`
+- `libssl.so.81.1.1` vs `libssl.so.1.1`
+
 The SONAME of these libraries are all different, guaranteeing the correct library
 will be used.
 

deps/openssl/openssl/apps/ciphers.c

@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -172,6 +172,7 @@ int ciphers_main(int argc, char **argv)
     if (convert != NULL) {
         BIO_printf(bio_out, "OpenSSL cipher name: %s\n",
                    OPENSSL_cipher_name(convert));
+        ret = 0;
         goto end;
     }
 

deps/openssl/openssl/apps/dgst.c

@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -316,7 +316,7 @@ int dgst_main(int argc, char **argv)
         EVP_MD_CTX *mctx = NULL;
         EVP_PKEY_CTX *pctx = NULL;
         int r;
-        if (!BIO_get_md_ctx(bmd, &mctx)) {
+        if (BIO_get_md_ctx(bmd, &mctx) <= 0) {
             BIO_printf(bio_err, "Error getting context\n");
             ERR_print_errors(bio_err);
             goto end;
@@ -345,7 +345,7 @@ int dgst_main(int argc, char **argv)
     /* we use md as a filter, reading from 'in' */
     else {
         EVP_MD_CTX *mctx = NULL;
-        if (!BIO_get_md_ctx(bmd, &mctx)) {
+        if (BIO_get_md_ctx(bmd, &mctx) <= 0) {
             BIO_printf(bio_err, "Error getting context\n");
             ERR_print_errors(bio_err);
             goto end;

deps/openssl/openssl/apps/s_cb.c

@@ -819,7 +819,9 @@ int generate_stateless_cookie_callback(SSL *ssl, unsigned char *cookie,
 {
     unsigned int temp;
     int res = generate_cookie_callback(ssl, cookie, &temp);
-    *cookie_len = temp;
+
+    if (res != 0)
+        *cookie_len = temp;
     return res;
 }
 

deps/openssl/openssl/apps/s_client.c

@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright 2005 Nokia. All rights reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -3151,6 +3151,8 @@ int s_client_main(int argc, char **argv)
 #endif
     OPENSSL_free(connectstr);
     OPENSSL_free(bindstr);
+    OPENSSL_free(bindhost);
+    OPENSSL_free(bindport);
     OPENSSL_free(host);
     OPENSSL_free(port);
     X509_VERIFY_PARAM_free(vpm);

deps/openssl/openssl/apps/s_server.c

@@ -134,12 +134,12 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
     if (s_debug)
         BIO_printf(bio_s_out, "psk_server_cb\n");
 
-    if (SSL_version(ssl) >= TLS1_3_VERSION) {
+    if (!SSL_is_dtls(ssl) && SSL_version(ssl) >= TLS1_3_VERSION) {
         /*
-         * This callback is designed for use in TLSv1.2. It is possible to use
-         * a single callback for all protocol versions - but it is preferred to
-         * use a dedicated callback for TLSv1.3. For TLSv1.3 we have
-         * psk_find_session_cb.
+         * This callback is designed for use in (D)TLSv1.2 (or below). It is
+         * possible to use a single callback for all protocol versions - but it
+         * is preferred to use a dedicated callback for TLSv1.3. For TLSv1.3 we
+         * have psk_find_session_cb.
          */
         return 0;
     }

deps/openssl/openssl/apps/speed.c

@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -1590,6 +1590,10 @@ int speed_main(int argc, char **argv)
         case OPT_MULTI:
 #ifndef NO_FORK
             multi = atoi(opt_arg());
+            if (multi >= INT_MAX / (int)sizeof(int)) {
+                BIO_printf(bio_err, "%s: multi argument too large\n", prog);
+                return 0;
+            }
 #endif
             break;
         case OPT_ASYNCJOBS:
@@ -3490,7 +3494,7 @@ static int do_multi(int multi, int size_num)
             close(fd[1]);
             mr = 1;
             usertime = 0;
-            free(fds);
+            OPENSSL_free(fds);
             return 0;
         }
         printf("Forked child %d\n", n);
@@ -3603,7 +3607,7 @@ static int do_multi(int multi, int size_num)
 
         fclose(f);
     }
-    free(fds);
+    OPENSSL_free(fds);
     return 1;
 }
 #endif

deps/openssl/openssl/crypto/armcap.c

@@ -106,20 +106,23 @@ static unsigned long getauxval(unsigned long key)
  * ARM puts the feature bits for Crypto Extensions in AT_HWCAP2, whereas
  * AArch64 used AT_HWCAP.
  */
+# ifndef AT_HWCAP
+#  define AT_HWCAP               16
+# endif
+# ifndef AT_HWCAP2
+#  define AT_HWCAP2              26
+# endif
 # if defined(__arm__) || defined (__arm)
-#  define HWCAP                  16
-                                  /* AT_HWCAP */
+#  define HWCAP                  AT_HWCAP
 #  define HWCAP_NEON             (1 << 12)
 
-#  define HWCAP_CE               26
-                                  /* AT_HWCAP2 */
+#  define HWCAP_CE               AT_HWCAP2
 #  define HWCAP_CE_AES           (1 << 0)
 #  define HWCAP_CE_PMULL         (1 << 1)
 #  define HWCAP_CE_SHA1          (1 << 2)
 #  define HWCAP_CE_SHA256        (1 << 3)
 # elif defined(__aarch64__)
-#  define HWCAP                  16
-                                  /* AT_HWCAP */
+#  define HWCAP                  AT_HWCAP
 #  define HWCAP_NEON             (1 << 1)
 
 #  define HWCAP_CE               HWCAP

deps/openssl/openssl/crypto/asn1/a_print.c

@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -18,12 +18,13 @@ int ASN1_PRINTABLE_type(const unsigned char *s, int len)
     int ia5 = 0;
     int t61 = 0;
 
-    if (len <= 0)
-        len = -1;
     if (s == NULL)
         return V_ASN1_PRINTABLESTRING;
 
-    while ((*s) && (len-- != 0)) {
+    if (len < 0)
+        len = strlen((const char *)s);
+
+    while (len-- > 0) {
         c = *(s++);
         if (!ossl_isasn1print(c))
             ia5 = 1;

deps/openssl/openssl/crypto/asn1/asn1_lib.c

@@ -294,7 +294,7 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len_in)
         c = str->data;
 #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
         /* No NUL terminator in fuzzing builds */
-        str->data = OPENSSL_realloc(c, len);
+        str->data = OPENSSL_realloc(c, len != 0 ? len : 1);
 #else
         str->data = OPENSSL_realloc(c, len + 1);
 #endif
@@ -307,7 +307,11 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len_in)
     str->length = len;
     if (data != NULL) {
         memcpy(str->data, data, len);
-#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+        /* Set the unused byte to something non NUL and printable. */
+        if (len == 0)
+            str->data[len] = '~';
+#else
         /*
          * Add a NUL terminator. This should not be necessary - but we add it as
          * a safety precaution
@@ -375,7 +379,8 @@ int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
 
     i = (a->length - b->length);
     if (i == 0) {
-        i = memcmp(a->data, b->data, a->length);
+        if (a->length != 0)
+            i = memcmp(a->data, b->data, a->length);
         if (i == 0)
             return a->type - b->type;
         else

deps/openssl/openssl/crypto/bio/bss_dgram.c

@@ -1,12 +1,16 @@
 /*
- * Copyright 2005-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
  * in the file LICENSE in the source distribution or at
  * https://www.openssl.org/source/license.html
  */
 
+#ifndef _GNU_SOURCE
+# define _GNU_SOURCE
+#endif
+
 #include <stdio.h>
 #include <errno.h>
 

deps/openssl/openssl/crypto/bio/bss_mem.c

@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -280,7 +280,7 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
         ret = (long)bm->length;
         if (ptr != NULL) {
             pptr = (char **)ptr;
-            *pptr = (char *)&(bm->data[0]);
+            *pptr = (char *)bm->data;
         }
         break;
     case BIO_C_SET_BUF_MEM: