OpenSSL 3.2.1, and some android SDK updates.

git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@4821 ed5197a5-7fde-0310-b194-c3ffbd925b24

GNUmakefile

@@ -53,8 +53,8 @@ CFLAGS += \
 	-g
 
 ANDROID_BUILD_TOOLS := $(ANDROID_SDK)/build-tools/34.0.0
-ANDROID_PLATFORM := $(ANDROID_SDK)/platforms/android-33
+ANDROID_PLATFORM := $(ANDROID_SDK)/platforms/android-34
-ANDROID_NDK ?= $(ANDROID_SDK)/ndk/26.0.10792818
+ANDROID_NDK ?= $(ANDROID_SDK)/ndk/26.1.10909125
 ANDROID_MIN_SDK_VERSION := 24
 ANDROID_TARGET_SDK_VERSION := 34
 

deps/openssl/android/arm64-v8a/usr/local/include/crypto/aes_platform.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -65,16 +65,16 @@ void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len,
 #   ifdef VPAES_ASM
 #    define VPAES_CAPABLE (OPENSSL_ppccap_P & PPC_ALTIVEC)
 #   endif
-#   define HWAES_CAPABLE  (OPENSSL_ppccap_P & PPC_CRYPTO207)
-#   define HWAES_set_encrypt_key aes_p8_set_encrypt_key
-#   define HWAES_set_decrypt_key aes_p8_set_decrypt_key
-#   define HWAES_encrypt aes_p8_encrypt
-#   define HWAES_decrypt aes_p8_decrypt
-#   define HWAES_cbc_encrypt aes_p8_cbc_encrypt
-#   define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks
-#   define HWAES_xts_encrypt aes_p8_xts_encrypt
-#   define HWAES_xts_decrypt aes_p8_xts_decrypt
 #   if !defined(OPENSSL_SYS_AIX) && !defined(OPENSSL_SYS_MACOSX)
+#    define HWAES_CAPABLE  (OPENSSL_ppccap_P & PPC_CRYPTO207)
+#    define HWAES_set_encrypt_key aes_p8_set_encrypt_key
+#    define HWAES_set_decrypt_key aes_p8_set_decrypt_key
+#    define HWAES_encrypt aes_p8_encrypt
+#    define HWAES_decrypt aes_p8_decrypt
+#    define HWAES_cbc_encrypt aes_p8_cbc_encrypt
+#    define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks
+#    define HWAES_xts_encrypt aes_p8_xts_encrypt
+#    define HWAES_xts_decrypt aes_p8_xts_decrypt
 #    define PPC_AES_GCM_CAPABLE (OPENSSL_ppccap_P & PPC_MADD300)
 #    define AES_GCM_ENC_BYTES 128
 #    define AES_GCM_DEC_BYTES 128

deps/openssl/android/arm64-v8a/usr/local/include/crypto/conferr.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy

deps/openssl/android/arm64-v8a/usr/local/include/crypto/x509.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -371,4 +371,21 @@ int ossl_x509_check_private_key(const EVP_PKEY *k, const EVP_PKEY *pkey);
 
 int x509v3_add_len_value_uchar(const char *name, const unsigned char *value,
                                size_t vallen, STACK_OF(CONF_VALUE) **extlist);
+/* Attribute addition functions not checking for duplicate attributes */
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
+                                                X509_ATTRIBUTE *attr);
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
+                                                       const ASN1_OBJECT *obj,
+                                                       int type,
+                                                       const unsigned char *bytes,
+                                                       int len);
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
+                                                       int nid, int type,
+                                                       const unsigned char *bytes,
+                                                       int len);
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
+                                                       const char *attrname,
+                                                       int type,
+                                                       const unsigned char *bytes,
+                                                       int len);
 #endif  /* OSSL_CRYPTO_X509_H */

deps/openssl/android/arm64-v8a/usr/local/include/internal/ktls.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2018-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -80,6 +80,12 @@ static ossl_inline int ktls_start(int fd, ktls_crypto_info_t *tls_en, int is_tx)
 #   endif
 }
 
+/* Not supported on FreeBSD */
+static ossl_inline int ktls_enable_tx_zerocopy_sendfile(int fd)
+{
+    return 0;
+}
+
 /*
  * Send a TLS record using the tls_en provided in ktls_start and use
  * record_type instead of the default SSL3_RT_APPLICATION_DATA.

deps/openssl/android/arm64-v8a/usr/local/include/openssl/conferr.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -38,6 +38,7 @@
 # define CONF_R_NUMBER_TOO_LARGE                          121
 # define CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION   124
 # define CONF_R_RECURSIVE_DIRECTORY_INCLUDE               111
+# define CONF_R_RECURSIVE_SECTION_REFERENCE               126
 # define CONF_R_RELATIVE_PATH                             125
 # define CONF_R_SSL_COMMAND_SECTION_EMPTY                 117
 # define CONF_R_SSL_COMMAND_SECTION_NOT_FOUND             118

deps/openssl/android/arm64-v8a/usr/local/include/openssl/e_ostime.h

@@ -22,7 +22,15 @@
  */
 
 # if defined(OPENSSL_SYS_WINDOWS)
-#  include <winsock2.h>
+#  if !defined(_WINSOCKAPI_)
+    /*
+     * winsock2.h defines _WINSOCK2API_ and both winsock2.h and winsock.h define
+     * _WINSOCKAPI_. Both of these provide struct timeval. Don't include
+     * winsock2.h if either header has been included to avoid breakage with
+     * applications that prefer to use <winsock.h> over <winsock2.h>.
+     */
+#   include <winsock2.h>
+#  endif
 # else
 #  include <sys/time.h>
 # endif

deps/openssl/android/arm64-v8a/usr/local/include/openssl/opensslv.h

@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  2
-# define OPENSSL_VERSION_PATCH  0
+# define OPENSSL_VERSION_PATCH  1
 
 /*
  * Additional version information
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.2.0"
+# define OPENSSL_VERSION_STR "3.2.1"
-# define OPENSSL_FULL_VERSION_STR "3.2.0"
+# define OPENSSL_FULL_VERSION_STR "3.2.1"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "23 Nov 2023"
+# define OPENSSL_RELEASE_DATE "30 Jan 2024"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.2.0 23 Nov 2023"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.2.1 30 Jan 2024"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE

deps/openssl/android/armeabi-v7a/usr/local/include/crypto/aes_platform.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -65,16 +65,16 @@ void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len,
 #   ifdef VPAES_ASM
 #    define VPAES_CAPABLE (OPENSSL_ppccap_P & PPC_ALTIVEC)
 #   endif
-#   define HWAES_CAPABLE  (OPENSSL_ppccap_P & PPC_CRYPTO207)
-#   define HWAES_set_encrypt_key aes_p8_set_encrypt_key
-#   define HWAES_set_decrypt_key aes_p8_set_decrypt_key
-#   define HWAES_encrypt aes_p8_encrypt
-#   define HWAES_decrypt aes_p8_decrypt
-#   define HWAES_cbc_encrypt aes_p8_cbc_encrypt
-#   define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks
-#   define HWAES_xts_encrypt aes_p8_xts_encrypt
-#   define HWAES_xts_decrypt aes_p8_xts_decrypt
 #   if !defined(OPENSSL_SYS_AIX) && !defined(OPENSSL_SYS_MACOSX)
+#    define HWAES_CAPABLE  (OPENSSL_ppccap_P & PPC_CRYPTO207)
+#    define HWAES_set_encrypt_key aes_p8_set_encrypt_key
+#    define HWAES_set_decrypt_key aes_p8_set_decrypt_key
+#    define HWAES_encrypt aes_p8_encrypt
+#    define HWAES_decrypt aes_p8_decrypt
+#    define HWAES_cbc_encrypt aes_p8_cbc_encrypt
+#    define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks
+#    define HWAES_xts_encrypt aes_p8_xts_encrypt
+#    define HWAES_xts_decrypt aes_p8_xts_decrypt
 #    define PPC_AES_GCM_CAPABLE (OPENSSL_ppccap_P & PPC_MADD300)
 #    define AES_GCM_ENC_BYTES 128
 #    define AES_GCM_DEC_BYTES 128

deps/openssl/android/armeabi-v7a/usr/local/include/crypto/conferr.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy

deps/openssl/android/armeabi-v7a/usr/local/include/crypto/x509.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -371,4 +371,21 @@ int ossl_x509_check_private_key(const EVP_PKEY *k, const EVP_PKEY *pkey);
 
 int x509v3_add_len_value_uchar(const char *name, const unsigned char *value,
                                size_t vallen, STACK_OF(CONF_VALUE) **extlist);
+/* Attribute addition functions not checking for duplicate attributes */
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
+                                                X509_ATTRIBUTE *attr);
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
+                                                       const ASN1_OBJECT *obj,
+                                                       int type,
+                                                       const unsigned char *bytes,
+                                                       int len);
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
+                                                       int nid, int type,
+                                                       const unsigned char *bytes,
+                                                       int len);
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
+                                                       const char *attrname,
+                                                       int type,
+                                                       const unsigned char *bytes,
+                                                       int len);
 #endif  /* OSSL_CRYPTO_X509_H */

deps/openssl/android/armeabi-v7a/usr/local/include/internal/ktls.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2018-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -80,6 +80,12 @@ static ossl_inline int ktls_start(int fd, ktls_crypto_info_t *tls_en, int is_tx)
 #   endif
 }
 
+/* Not supported on FreeBSD */
+static ossl_inline int ktls_enable_tx_zerocopy_sendfile(int fd)
+{
+    return 0;
+}
+
 /*
  * Send a TLS record using the tls_en provided in ktls_start and use
  * record_type instead of the default SSL3_RT_APPLICATION_DATA.

deps/openssl/android/armeabi-v7a/usr/local/include/openssl/conferr.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -38,6 +38,7 @@
 # define CONF_R_NUMBER_TOO_LARGE                          121
 # define CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION   124
 # define CONF_R_RECURSIVE_DIRECTORY_INCLUDE               111
+# define CONF_R_RECURSIVE_SECTION_REFERENCE               126
 # define CONF_R_RELATIVE_PATH                             125
 # define CONF_R_SSL_COMMAND_SECTION_EMPTY                 117
 # define CONF_R_SSL_COMMAND_SECTION_NOT_FOUND             118

deps/openssl/android/armeabi-v7a/usr/local/include/openssl/e_ostime.h

@@ -22,7 +22,15 @@
  */
 
 # if defined(OPENSSL_SYS_WINDOWS)
-#  include <winsock2.h>
+#  if !defined(_WINSOCKAPI_)
+    /*
+     * winsock2.h defines _WINSOCK2API_ and both winsock2.h and winsock.h define
+     * _WINSOCKAPI_. Both of these provide struct timeval. Don't include
+     * winsock2.h if either header has been included to avoid breakage with
+     * applications that prefer to use <winsock.h> over <winsock2.h>.
+     */
+#   include <winsock2.h>
+#  endif
 # else
 #  include <sys/time.h>
 # endif

deps/openssl/android/armeabi-v7a/usr/local/include/openssl/opensslv.h

@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  2
-# define OPENSSL_VERSION_PATCH  0
+# define OPENSSL_VERSION_PATCH  1
 
 /*
  * Additional version information
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.2.0"
+# define OPENSSL_VERSION_STR "3.2.1"
-# define OPENSSL_FULL_VERSION_STR "3.2.0"
+# define OPENSSL_FULL_VERSION_STR "3.2.1"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "23 Nov 2023"
+# define OPENSSL_RELEASE_DATE "30 Jan 2024"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.2.0 23 Nov 2023"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.2.1 30 Jan 2024"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE

deps/openssl/android/x86/usr/local/include/crypto/aes_platform.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -65,16 +65,16 @@ void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len,
 #   ifdef VPAES_ASM
 #    define VPAES_CAPABLE (OPENSSL_ppccap_P & PPC_ALTIVEC)
 #   endif
-#   define HWAES_CAPABLE  (OPENSSL_ppccap_P & PPC_CRYPTO207)
-#   define HWAES_set_encrypt_key aes_p8_set_encrypt_key
-#   define HWAES_set_decrypt_key aes_p8_set_decrypt_key
-#   define HWAES_encrypt aes_p8_encrypt
-#   define HWAES_decrypt aes_p8_decrypt
-#   define HWAES_cbc_encrypt aes_p8_cbc_encrypt
-#   define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks
-#   define HWAES_xts_encrypt aes_p8_xts_encrypt
-#   define HWAES_xts_decrypt aes_p8_xts_decrypt
 #   if !defined(OPENSSL_SYS_AIX) && !defined(OPENSSL_SYS_MACOSX)
+#    define HWAES_CAPABLE  (OPENSSL_ppccap_P & PPC_CRYPTO207)
+#    define HWAES_set_encrypt_key aes_p8_set_encrypt_key
+#    define HWAES_set_decrypt_key aes_p8_set_decrypt_key
+#    define HWAES_encrypt aes_p8_encrypt
+#    define HWAES_decrypt aes_p8_decrypt
+#    define HWAES_cbc_encrypt aes_p8_cbc_encrypt
+#    define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks
+#    define HWAES_xts_encrypt aes_p8_xts_encrypt
+#    define HWAES_xts_decrypt aes_p8_xts_decrypt
 #    define PPC_AES_GCM_CAPABLE (OPENSSL_ppccap_P & PPC_MADD300)
 #    define AES_GCM_ENC_BYTES 128
 #    define AES_GCM_DEC_BYTES 128

deps/openssl/android/x86/usr/local/include/crypto/conferr.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy

deps/openssl/android/x86/usr/local/include/crypto/x509.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -371,4 +371,21 @@ int ossl_x509_check_private_key(const EVP_PKEY *k, const EVP_PKEY *pkey);
 
 int x509v3_add_len_value_uchar(const char *name, const unsigned char *value,
                                size_t vallen, STACK_OF(CONF_VALUE) **extlist);
+/* Attribute addition functions not checking for duplicate attributes */
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
+                                                X509_ATTRIBUTE *attr);
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
+                                                       const ASN1_OBJECT *obj,
+                                                       int type,
+                                                       const unsigned char *bytes,
+                                                       int len);
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
+                                                       int nid, int type,
+                                                       const unsigned char *bytes,
+                                                       int len);
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
+                                                       const char *attrname,
+                                                       int type,
+                                                       const unsigned char *bytes,
+                                                       int len);
 #endif  /* OSSL_CRYPTO_X509_H */

deps/openssl/android/x86/usr/local/include/internal/ktls.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2018-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -80,6 +80,12 @@ static ossl_inline int ktls_start(int fd, ktls_crypto_info_t *tls_en, int is_tx)
 #   endif
 }
 
+/* Not supported on FreeBSD */
+static ossl_inline int ktls_enable_tx_zerocopy_sendfile(int fd)
+{
+    return 0;
+}
+
 /*
  * Send a TLS record using the tls_en provided in ktls_start and use
  * record_type instead of the default SSL3_RT_APPLICATION_DATA.

deps/openssl/android/x86/usr/local/include/openssl/conferr.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -38,6 +38,7 @@
 # define CONF_R_NUMBER_TOO_LARGE                          121
 # define CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION   124
 # define CONF_R_RECURSIVE_DIRECTORY_INCLUDE               111
+# define CONF_R_RECURSIVE_SECTION_REFERENCE               126
 # define CONF_R_RELATIVE_PATH                             125
 # define CONF_R_SSL_COMMAND_SECTION_EMPTY                 117
 # define CONF_R_SSL_COMMAND_SECTION_NOT_FOUND             118

deps/openssl/android/x86/usr/local/include/openssl/e_ostime.h

@@ -22,7 +22,15 @@
  */
 
 # if defined(OPENSSL_SYS_WINDOWS)
-#  include <winsock2.h>
+#  if !defined(_WINSOCKAPI_)
+    /*
+     * winsock2.h defines _WINSOCK2API_ and both winsock2.h and winsock.h define
+     * _WINSOCKAPI_. Both of these provide struct timeval. Don't include
+     * winsock2.h if either header has been included to avoid breakage with
+     * applications that prefer to use <winsock.h> over <winsock2.h>.
+     */
+#   include <winsock2.h>
+#  endif
 # else
 #  include <sys/time.h>
 # endif

deps/openssl/android/x86/usr/local/include/openssl/opensslv.h

@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  2
-# define OPENSSL_VERSION_PATCH  0
+# define OPENSSL_VERSION_PATCH  1
 
 /*
  * Additional version information
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.2.0"
+# define OPENSSL_VERSION_STR "3.2.1"
-# define OPENSSL_FULL_VERSION_STR "3.2.0"
+# define OPENSSL_FULL_VERSION_STR "3.2.1"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "23 Nov 2023"
+# define OPENSSL_RELEASE_DATE "30 Jan 2024"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.2.0 23 Nov 2023"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.2.1 30 Jan 2024"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE

deps/openssl/android/x86_64/usr/local/include/crypto/aes_platform.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -65,16 +65,16 @@ void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len,
 #   ifdef VPAES_ASM
 #    define VPAES_CAPABLE (OPENSSL_ppccap_P & PPC_ALTIVEC)
 #   endif
-#   define HWAES_CAPABLE  (OPENSSL_ppccap_P & PPC_CRYPTO207)
-#   define HWAES_set_encrypt_key aes_p8_set_encrypt_key
-#   define HWAES_set_decrypt_key aes_p8_set_decrypt_key
-#   define HWAES_encrypt aes_p8_encrypt
-#   define HWAES_decrypt aes_p8_decrypt
-#   define HWAES_cbc_encrypt aes_p8_cbc_encrypt
-#   define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks
-#   define HWAES_xts_encrypt aes_p8_xts_encrypt
-#   define HWAES_xts_decrypt aes_p8_xts_decrypt
 #   if !defined(OPENSSL_SYS_AIX) && !defined(OPENSSL_SYS_MACOSX)
+#    define HWAES_CAPABLE  (OPENSSL_ppccap_P & PPC_CRYPTO207)
+#    define HWAES_set_encrypt_key aes_p8_set_encrypt_key
+#    define HWAES_set_decrypt_key aes_p8_set_decrypt_key
+#    define HWAES_encrypt aes_p8_encrypt
+#    define HWAES_decrypt aes_p8_decrypt
+#    define HWAES_cbc_encrypt aes_p8_cbc_encrypt
+#    define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks
+#    define HWAES_xts_encrypt aes_p8_xts_encrypt
+#    define HWAES_xts_decrypt aes_p8_xts_decrypt
 #    define PPC_AES_GCM_CAPABLE (OPENSSL_ppccap_P & PPC_MADD300)
 #    define AES_GCM_ENC_BYTES 128
 #    define AES_GCM_DEC_BYTES 128

deps/openssl/android/x86_64/usr/local/include/crypto/conferr.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy

deps/openssl/android/x86_64/usr/local/include/crypto/x509.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -371,4 +371,21 @@ int ossl_x509_check_private_key(const EVP_PKEY *k, const EVP_PKEY *pkey);
 
 int x509v3_add_len_value_uchar(const char *name, const unsigned char *value,
                                size_t vallen, STACK_OF(CONF_VALUE) **extlist);
+/* Attribute addition functions not checking for duplicate attributes */
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
+                                                X509_ATTRIBUTE *attr);
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
+                                                       const ASN1_OBJECT *obj,
+                                                       int type,
+                                                       const unsigned char *bytes,
+                                                       int len);
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
+                                                       int nid, int type,
+                                                       const unsigned char *bytes,
+                                                       int len);
+STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
+                                                       const char *attrname,
+                                                       int type,
+                                                       const unsigned char *bytes,
+                                                       int len);
 #endif  /* OSSL_CRYPTO_X509_H */

deps/openssl/android/x86_64/usr/local/include/internal/ktls.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2018-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -80,6 +80,12 @@ static ossl_inline int ktls_start(int fd, ktls_crypto_info_t *tls_en, int is_tx)
 #   endif
 }
 
+/* Not supported on FreeBSD */
+static ossl_inline int ktls_enable_tx_zerocopy_sendfile(int fd)
+{
+    return 0;
+}
+
 /*
  * Send a TLS record using the tls_en provided in ktls_start and use
  * record_type instead of the default SSL3_RT_APPLICATION_DATA.

deps/openssl/android/x86_64/usr/local/include/openssl/conferr.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -38,6 +38,7 @@
 # define CONF_R_NUMBER_TOO_LARGE                          121
 # define CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION   124
 # define CONF_R_RECURSIVE_DIRECTORY_INCLUDE               111
+# define CONF_R_RECURSIVE_SECTION_REFERENCE               126
 # define CONF_R_RELATIVE_PATH                             125
 # define CONF_R_SSL_COMMAND_SECTION_EMPTY                 117
 # define CONF_R_SSL_COMMAND_SECTION_NOT_FOUND             118

deps/openssl/android/x86_64/usr/local/include/openssl/e_ostime.h

@@ -22,7 +22,15 @@
  */
 
 # if defined(OPENSSL_SYS_WINDOWS)
-#  include <winsock2.h>
+#  if !defined(_WINSOCKAPI_)
+    /*
+     * winsock2.h defines _WINSOCK2API_ and both winsock2.h and winsock.h define
+     * _WINSOCKAPI_. Both of these provide struct timeval. Don't include
+     * winsock2.h if either header has been included to avoid breakage with
+     * applications that prefer to use <winsock.h> over <winsock2.h>.
+     */
+#   include <winsock2.h>
+#  endif
 # else
 #  include <sys/time.h>
 # endif

deps/openssl/android/x86_64/usr/local/include/openssl/opensslv.h

@@ -29,7 +29,7 @@ extern "C" {
  */
 # define OPENSSL_VERSION_MAJOR  3
 # define OPENSSL_VERSION_MINOR  2
-# define OPENSSL_VERSION_PATCH  0
+# define OPENSSL_VERSION_PATCH  1
 
 /*
  * Additional version information
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.2.0"
+# define OPENSSL_VERSION_STR "3.2.1"
-# define OPENSSL_FULL_VERSION_STR "3.2.0"
+# define OPENSSL_FULL_VERSION_STR "3.2.1"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "23 Nov 2023"
+# define OPENSSL_RELEASE_DATE "30 Jan 2024"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.2.0 23 Nov 2023"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.2.1 30 Jan 2024"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE

tools/ssl-android

@@ -1,7 +1,9 @@
 #!/bin/sh
 
-ANDROID_NDK=~/Android/Sdk/ndk/23.1.7779620
+if [[ -z $ANDROID_NDK ]]; then
-OPENSSL_VERSION=3.2.0
+	ANDROID_NDK=~/Android/Sdk/ndk/23.1.7779620
+fi
+OPENSSL_VERSION=3.2.1
 
 API_LEVEL=24