Update to latest BearSSL (#6337)

earlephilhower · web-flow · commit 4e7f5afc5438 · 2019-07-23T22:05:47.000-07:00
Fix a buffer overflow error in private key decoding. https://bearssl.org/gitweb/?p=BearSSL;a=commit;h=b715b43e411dc5d5949df6f75ef7bb65952db11c
diff --git a/tools/sdk/include/bearssl/bearssl_git.h b/tools/sdk/include/bearssl/bearssl_git.h
@@ -1,2 +1,2 @@
 // Do not edit -- Automatically generated by tools/sdk/ssl/bearssl/Makefile
-#define BEARSSL_GIT 9247320
+#define BEARSSL_GIT 89454af
diff --git a/tools/sdk/include/bearssl/bearssl_ssl.h b/tools/sdk/include/bearssl/bearssl_ssl.h
@@ -1251,8 +1251,8 @@ static inline void
 br_ssl_engine_set_versions(br_ssl_engine_context *cc,
 	unsigned version_min, unsigned version_max)
 {
-	cc->version_min = version_min;
-	cc->version_max = version_max;
+	cc->version_min = (uint16_t)version_min;
+	cc->version_max = (uint16_t)version_max;
 }
 
 /**
@@ -1325,7 +1325,7 @@ br_ssl_engine_set_protocol_names(br_ssl_engine_context *ctx,
 	const char **names, size_t num)
 {
 	ctx->protocol_names = names;
-	ctx->protocol_names_num = num;
+	ctx->protocol_names_num = (uint16_t)num;
 }
 
 /**
diff --git a/tools/sdk/lib/libbearssl.a b/tools/sdk/lib/libbearssl.a
diff --git a/tools/sdk/ssl/bearssl b/tools/sdk/ssl/bearssl
@@ -1 +1 @@
-Subproject commit 924732095f12fe01e0b0b6cb6b4e8a6756f98837
+Subproject commit 89454af34e3e61ddfc9837f3da5a0bc8ed44c3aa

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,2 @@`
`1`	`1`	`// Do not edit -- Automatically generated by tools/sdk/ssl/bearssl/Makefile`
`2`		`-#define BEARSSL_GIT 9247320`
	`2`	`+#define BEARSSL_GIT 89454af`
Original file line number	Diff line number	Diff line change
`@@ -1251,8 +1251,8 @@ static inline void`
`1251`	`1251`	`br_ssl_engine_set_versions(br_ssl_engine_context *cc,`
`1252`	`1252`	`unsigned version_min, unsigned version_max)`
`1253`	`1253`	`{`
`1254`		`- cc->version_min = version_min;`
`1255`		`- cc->version_max = version_max;`
	`1254`	`+ cc->version_min = (uint16_t)version_min;`
	`1255`	`+ cc->version_max = (uint16_t)version_max;`
`1256`	`1256`	`}`
`1257`	`1257`
`1258`	`1258`	`/**`
`@@ -1325,7 +1325,7 @@ br_ssl_engine_set_protocol_names(br_ssl_engine_context *ctx,`
`1325`	`1325`	`const char **names, size_t num)`
`1326`	`1326`	`{`
`1327`	`1327`	`ctx->protocol_names = names;`
`1328`		`- ctx->protocol_names_num = num;`
	`1328`	`+ ctx->protocol_names_num = (uint16_t)num;`
`1329`	`1329`	`}`
`1330`	`1330`
`1331`	`1331`	`/**`