Update PEM file.
BEGIN\r
DEFPUSHBUTTON "OK",IDOK,133,294,50,14\r
ICON ffftp,-1,7,4,20,20\r
- CTEXT "FFFTP Ver 1.99a-20160927",-1,113,11,90,8\r
+ CTEXT "FFFTP Ver 1.99a-20161113",-1,113,11,90,8\r
CTEXT "FFFTP\82Ífreeware\82Å\82·",-1,7,279,305,8\r
CTEXT "Copyright(C) 1997-2010 Sota & \82²\8b¦\97Í\82¢\82½\82¾\82¢\82½\95û\81X\nCopyright (C) 2011-2016 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, \82¤\82È\81[, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, \82Ó\82¤\82¹\82ñ)",-1,7,25,305,44,SS_NOPREFIX\r
CTEXT "",ABOUT_JRE,7,96,305,8\r
//\r
\r
VS_VERSION_INFO VERSIONINFO\r
- FILEVERSION 1,99,1,7\r
- PRODUCTVERSION 1,99,1,7\r
+ FILEVERSION 1,99,1,8\r
+ PRODUCTVERSION 1,99,1,8\r
FILEFLAGSMASK 0x3fL\r
#ifdef _DEBUG\r
FILEFLAGS 0x1L\r
VALUE "Comments", "\82±\82ê\82Í\83t\83\8a\81[\83\\83t\83g\83E\83G\83A\82Å\82·\81B"\r
VALUE "CompanyName", "Sota, FFFTP Project"\r
VALUE "FileDescription", "FFFTP"\r
- VALUE "FileVersion", "1, 99, 1, 7"\r
+ VALUE "FileVersion", "1, 99, 1, 8"\r
VALUE "InternalName", "FFFTP"\r
VALUE "LegalCopyright", "Copyright (C) 1997-2010 Sota & \82²\8b¦\97Í\82¢\82½\82¾\82¢\82½\95û\81X\nCopyright (C) 2011-2016 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, \82¤\82È\81[, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, \82Ó\82¤\82¹\82ñ)."\r
VALUE "OriginalFilename", "FFFTP.exe"\r
VALUE "ProductName", "FFFTP"\r
- VALUE "ProductVersion", "1, 99, 1, 7"\r
+ VALUE "ProductVersion", "1, 99, 1, 8"\r
END\r
END\r
BLOCK "VarFileInfo"\r
BEGIN\r
DEFPUSHBUTTON "OK",IDOK,132,296,50,14\r
ICON ffftp,-1,7,4,20,20\r
- CTEXT "FFFTP Ver 1.99a-20160927",-1,110,11,90,8\r
+ CTEXT "FFFTP Ver 1.99a-20161113",-1,110,11,90,8\r
CTEXT "FFFTP is freeware",-1,7,281,301,8\r
CTEXT "Copyright(C) 1997-2010 Sota && cooperators\nCopyright (C) 2011-2016 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, unarist, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, Fu-sen)",-1,7,25,301,44\r
CTEXT "",ABOUT_JRE,7,93,301,8\r
//\r
\r
VS_VERSION_INFO VERSIONINFO\r
- FILEVERSION 1,99,1,7\r
- PRODUCTVERSION 1,99,1,7\r
+ FILEVERSION 1,99,1,8\r
+ PRODUCTVERSION 1,99,1,8\r
FILEFLAGSMASK 0x3fL\r
#ifdef _DEBUG\r
FILEFLAGS 0x1L\r
VALUE "Comments", "This software is Free Software"\r
VALUE "CompanyName", "Sota, FFFTP Project"\r
VALUE "FileDescription", "FFFTP"\r
- VALUE "FileVersion", "1, 99, 1, 7"\r
+ VALUE "FileVersion", "1, 99, 1, 8"\r
VALUE "InternalName", "FFFTP"\r
VALUE "LegalCopyright", "Copyright (C) 1997-2010 Sota & cooperators\nCopyright (C) 2011-2016 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto, IWAMOTO Kouichi, vitamin0x, unarist, Asami, fortran90, tomo1192, Yuji Tanaka, Moriguchi Hirokazu, Fu-sen)."\r
VALUE "OriginalFilename", "FFFTP.exe"\r
VALUE "ProductName", "FFFTP"\r
- VALUE "ProductVersion", "1, 99, 1, 7"\r
+ VALUE "ProductVersion", "1, 99, 1, 8"\r
END\r
END\r
BLOCK "VarFileInfo"\r
//#define PROGRAM_VERSION_NUM 1972 /* バージョン */\r
// 64ビット対応\r
#ifdef _WIN64\r
-#define VER_STR "1.99a-20160927 64bit"\r
+#define VER_STR "1.99a-20161113 64bit"\r
#else\r
-#define VER_STR "1.99a-20160927"\r
+#define VER_STR "1.99a-20161113"\r
#endif\r
#define VER_NUM 1990 /* 設定バージョン */\r
#define PROGRAM_VERSION_NUM 1990 /* バージョン */\r
// ソフトウェア自動更新\r
// リリースバージョンはリリース予定年(10進数4桁)+月(2桁)+日(2桁)+通し番号(0スタート2桁)とする\r
// 2014年7月31日中の30個目のリリースは2014073129\r
-#define RELEASE_VERSION_NUM 2016092700 /* リリースバージョン */\r
+#define RELEASE_VERSION_NUM 2016111300 /* リリースバージョン */\r
\r
\r
// SourceForge.JPによるフォーク\r
OpenSSL CHANGES
_______________
+ Changes between 1.1.0b and 1.1.0c [10 Nov 2016]
+
+ *) ChaCha20/Poly1305 heap-buffer-overflow
+
+ TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to
+ a DoS attack by corrupting larger payloads. This can result in an OpenSSL
+ crash. This issue is not considered to be exploitable beyond a DoS.
+
+ This issue was reported to OpenSSL by Robert Święcki (Google Security Team)
+ (CVE-2016-7054)
+ [Richard Levitte]
+
+ *) CMS Null dereference
+
+ Applications parsing invalid CMS structures can crash with a NULL pointer
+ dereference. This is caused by a bug in the handling of the ASN.1 CHOICE
+ type in OpenSSL 1.1.0 which can result in a NULL value being passed to the
+ structure callback if an attempt is made to free certain invalid encodings.
+ Only CHOICE structures using a callback which do not handle NULL value are
+ affected.
+
+ This issue was reported to OpenSSL by Tyler Nighswander of ForAllSecure.
+ (CVE-2016-7053)
+ [Stephen Henson]
+
+ *) Montgomery multiplication may produce incorrect results
+
+ There is a carry propagating bug in the Broadwell-specific Montgomery
+ multiplication procedure that handles input lengths divisible by, but
+ longer than 256 bits. Analysis suggests that attacks against RSA, DSA
+ and DH private keys are impossible. This is because the subroutine in
+ question is not used in operations with the private key itself and an input
+ of the attacker's direct choice. Otherwise the bug can manifest itself as
+ transient authentication and key negotiation failures or reproducible
+ erroneous outcome of public-key operations with specially crafted input.
+ Among EC algorithms only Brainpool P-512 curves are affected and one
+ presumably can attack ECDH key negotiation. Impact was not analyzed in
+ detail, because pre-requisites for attack are considered unlikely. Namely
+ multiple clients have to choose the curve in question and the server has to
+ share the private key among them, neither of which is default behaviour.
+ Even then only clients that chose the curve will be affected.
+
+ This issue was publicly reported as transient failures and was not
+ initially recognized as a security issue. Thanks to Richard Morgan for
+ providing reproducible case.
+ (CVE-2016-7055)
+ [Andy Polyakov]
+
+ *) OpenSSL now fails if it receives an unrecognised record type in TLS1.0
+ or TLS1.1. Previously this only happened in SSLv3 and TLS1.2. This is to
+ prevent issues where no progress is being made and the peer continually
+ sends unrecognised record types, using up resources processing them.
+ [Matt Caswell]
+
+ *) Removed automatic addition of RPATH in shared libraries and executables,
+ as this was a remainder from OpenSSL 1.0.x and isn't needed any more.
+ [Richard Levitte]
+
Changes between 1.1.0a and 1.1.0b [26 Sep 2016]
*) Fix Use After Free for large message sizes
template in Configurations, like unix-Makefile.tmpl or
descrip.mms.tmpl.
+ With this change, the library names were also renamed on Windows
+ and on VMS. They now have names that are closer to the standard
+ on Unix, and include the major version number, and in certain
+ cases, the architecture they are built for. See "Notes on shared
+ libraries" in INSTALL.
+
We rely heavily on the perl module Text::Template.
[Richard Levitte]
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.1.0b and OpenSSL 1.1.0c [10 Nov 2016]
+
+ o ChaCha20/Poly1305 heap-buffer-overflow (CVE-2016-7054)
+ o CMS Null dereference (CVE-2016-7053)
+ o Montgomery multiplication may produce incorrect results (CVE-2016-7055)
+
Major changes between OpenSSL 1.1.0a and OpenSSL 1.1.0b [26 Sep 2016]
o Fix Use After Free for large message sizes (CVE-2016-6309)
- OpenSSL 1.1.0b 26 Sep 2016
+ OpenSSL 1.1.0c 10 Nov 2016
Copyright (c) 1998-2016 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
If you have any problems with OpenSSL then please take the following steps
first:
- - Download the current snapshot from ftp://ftp.openssl.org/snapshot/
+ - Download the latest version from the repository
to see if the problem has already been addressed
- - Remove ASM versions of libraries
+ - Configure with no-asm
- Remove compiler optimisation flags
- If you wish to report a bug then please include the following information in
- any bug report:
+ If you wish to report a bug then please include the following information
+ and create an issue on GitHub:
- OpenSSL version: output of 'openssl version -a'
- Any "Configure" options that you selected during compilation of the
- Problem Description (steps that will reproduce the problem, if known)
- Stack Traceback (if the application dumps core)
- Email the report to:
-
- rt@openssl.org
-
- In order to avoid spam, this is a moderated mailing list, and it might
- take a couple of days for the ticket to show up. (We also scan posts to make
- sure that security disclosures aren't publicly posted by mistake.) Mail
- to this address is recorded in the public RT (request tracker) database
- (see https://www.openssl.org/community/index.html#bugs for details) and
- also forwarded the public openssl-dev mailing list. Confidential mail
- may be sent to openssl-security@openssl.org (PGP key available from the
- key servers).
-
- Please do NOT use this for general assistance or support queries.
Just because something doesn't work the way you expect does not mean it
is necessarily a bug in OpenSSL. Use the openssl-users email list for this type
of query.
- You can also make GitHub pull requests. See the CONTRIBUTING file for more
- details.
-
HOW TO CONTRIBUTE TO OpenSSL
----------------------------
LEGALITIES
----------
- A number of nations, in particular the U.S., restrict the use or export
- of cryptography. If you are potentially subject to such restrictions
- you should seek competent professional legal advice before attempting to
- develop or distribute cryptographic code.
+ A number of nations restrict the use or export of cryptography. If you
+ are potentially subject to such restrictions you should seek competent
+ professional legal advice before attempting to develop or distribute
+ cryptographic code.
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-# define OPENSSL_VERSION_NUMBER 0x1010002fL
+# define OPENSSL_VERSION_NUMBER 0x1010003fL
# ifdef OPENSSL_FIPS
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0b-fips 26 Sep 2016"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0c-fips 10 Nov 2016"
# else
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0b 26 Sep 2016"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0c 10 Nov 2016"
# endif
/*-
/* Function codes. */
# define RSA_F_CHECK_PADDING_MD 140
+# define RSA_F_ENCODE_PKCS1 146
# define RSA_F_INT_RSA_VERIFY 145
# define RSA_F_OLD_RSA_PRIV_DECODE 147
# define RSA_F_PKEY_RSA_CTRL 143
# define SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY 358
# define SSL_F_TLS_CONSTRUCT_FINISHED 359
# define SSL_F_TLS_CONSTRUCT_HELLO_REQUEST 373
+# define SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET 428
# define SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE 374
# define SSL_F_TLS_CONSTRUCT_SERVER_DONE 375
# define SSL_F_TLS_CONSTRUCT_SERVER_HELLO 376
##
## Bundle of CA Root Certificates
##
-## Certificate data from Mozilla as of: Wed Sep 14 03:12:05 2016
+## Certificate data from Mozilla as of: Wed Nov 2 04:12:05 2016 GMT
##
## This is a bundle of X.509 certificates of public Certificate Authorities
## (CA). These were automatically extracted from Mozilla's root certificates
## file (certdata.txt). This file can be found in the mozilla source tree:
-## http://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
+## https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
##
## It contains the certificates in PEM format and therefore
## can be directly used with curl / libcurl / php_curl, or with
## an Apache+mod_ssl webserver for SSL client authentication.
## Just configure this file as the SSLCACertificateFile.
##
-## Conversion done with mk-ca-bundle.pl version 1.26.
-## SHA256: 01bbf1ecdd693f554ff4dcbe15880b3e6c33188a956c15ff845d313ca69cfeb8
+## Conversion done with mk-ca-bundle.pl version 1.27.
+## SHA256: 17e2a90c8a5cfd6a675b3475d3d467e1ab1fe0d5397e907b08206182389caa08
##
-----END CERTIFICATE-----
NetLock Arany (Class Gold) Főtanúsítvány
-============================================
+========================================
-----BEGIN CERTIFICATE-----
MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQGEwJIVTERMA8G
A1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610
-----END CERTIFICATE-----
Certinomis - Autorité Racine
-=============================
+============================
-----BEGIN CERTIFICATE-----
MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjETMBEGA1UEChMK
Q2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAkBgNVBAMMHUNlcnRpbm9taXMg
-----END CERTIFICATE-----
TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5
-=========================================================
+====================================================
-----BEGIN CERTIFICATE-----
MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UEBhMCVFIxDzAN
BgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxnaSDEsGxldGnFn2ltIHZlIEJp
-----END CERTIFICATE-----
TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6
-=========================================================
+====================================================
-----BEGIN CERTIFICATE-----
MIIEJjCCAw6gAwIBAgIGfaHyZeyKMA0GCSqGSIb3DQEBCwUAMIGxMQswCQYDVQQGEwJUUjEPMA0G
A1UEBwwGQW5rYXJhMU0wSwYDVQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmls
BBf6Fek9LykBl7+BFjNAk2z8+e2AcG+qj9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta
3U1fJAuwACEl74+nBCZx4nxp5V2a+EEfOzmTk51V6s2N8fvB
-----END CERTIFICATE-----
+
+ISRG Root X1
+============
+-----BEGIN CERTIFICATE-----
+MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UE
+BhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQD
+EwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQG
+EwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMT
+DElTUkcgUm9vdCBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54r
+Vygch77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+0TM8ukj1
+3Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6UA5/TR5d8mUgjU+g4rk8K
+b4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sWT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCN
+Aymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyHB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ
+4Q7e2RCOFvu396j3x+UCB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf
+1b0SHzUvKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWnOlFu
+hjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTnjh8BCNAw1FtxNrQH
+usEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbwqHyGO0aoSCqI3Haadr8faqU9GY/r
+OPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CIrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4G
+A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY
+9umbbjANBgkqhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
+ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ3BebYhtF8GaV
+0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KKNFtY2PwByVS5uCbMiogziUwt
+hDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJw
+TdwJx4nLCgdNbOhdjsnvzqvHu7UrTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nx
+e5AW0wdeRlN8NwdCjNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZA
+JzVcoyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq4RgqsahD
+YVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPAmRGunUHBcnWEvgJBQl9n
+JEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57demyPxgcYxn/eR44/KJ4EBs+lVDR3veyJ
+m+kXQ99b21/+jh5Xos1AnX5iItreGCc=
+-----END CERTIFICATE-----
--- /dev/null
+// ファイルハッシュ一覧\r
+// 同梱するファイルに合わせてハッシュ値を変更すること\r
+\r
+// ssl.pem\r
+#define FILEHASH_SSL_PEM_SHA1 "\x75\x32\x98\x3C\xD9\xC7\xB7\xC0\x50\xEF\xB5\x02\xF0\xDE\x28\x7C\x49\x5B\x8B\x77"\r
+#if defined(_M_IX86)\r
+// libeay32.dll\r
+#define FILEHASH_LIBEAY32_DLL_SHA1 "\x55\x6F\xFE\x92\xDB\xA8\x78\x38\xE7\x90\xDA\xB8\x94\x37\x58\x5C\xD6\x38\x6F\x7D"\r
+// ssleay32.dll\r
+#define FILEHASH_SSLEAY32_DLL_SHA1 "\x3C\x0F\x7F\x89\xC8\x91\xF9\x0F\x8F\xA9\x27\x16\xC6\x64\xEA\x00\x34\xC8\x39\xDF"\r
+#elif defined(_M_AMD64)\r
+// libeay32.dll\r
+#define FILEHASH_LIBEAY32_DLL_SHA1 "\x26\x5F\xCF\x35\x83\x37\x28\xA4\x31\xB0\xD0\x85\x3A\xF1\x33\x17\x98\x2B\xEB\x83"\r
+// ssleay32.dll\r
+#define FILEHASH_SSLEAY32_DLL_SHA1 "\xB0\x05\xB2\x4D\x64\x76\x1B\xE7\x31\xED\xB7\x03\xB7\xE1\x5C\xEB\x74\xC2\xE6\xFC"\r
+#endif\r
+\r
#undef __MBSWRAPPER_H__\r
#include "mbswrapper.h"\r
\r
+// 暗号化通信対応\r
+#include "filehash.h"\r
+\r
\r
#define RESIZE_OFF 0 /* ウインドウの区切り位置変更していない */\r
#define RESIZE_ON 1 /* ウインドウの区切り位置変更中 */\r
// sha.cはビッグエンディアンのため\r
for(i = 0; i < 5; i++)\r
Hash[i] = _byteswap_ulong(Hash[i]);\r
- // 同梱する"ssl.pem"に合わせてSHA1ハッシュ値を変更すること\r
- if(memcmp(&Hash, &SSLRootCAFileHash, 20) == 0 || memcmp(&Hash, "\x73\xB7\x54\x80\xEE\x1C\x4C\x66\x1C\x57\xD2\x0B\xDF\x85\xAD\x11\x69\xAF\x14\x8B", 20) == 0\r
+ if(memcmp(&Hash, &SSLRootCAFileHash, 20) == 0 || memcmp(&Hash, FILEHASH_SSL_PEM_SHA1, 20) == 0\r
|| DialogBox(GetFtpInst(), MAKEINTRESOURCE(updatesslroot_dlg), GetMainHwnd(), ExeEscDialogProc) == YES)\r
{\r
memcpy(&SSLRootCAFileHash, &Hash, 20);\r
#include "protectprocess.h"\r
#include "mbswrapper.h"\r
#include "punycode.h"\r
+#include "filehash.h"\r
\r
// FTPS対応\r
\r
if(g_bOpenSSLLoaded)\r
return FALSE;\r
#ifdef ENABLE_PROCESS_PROTECTION\r
- // 同梱するOpenSSLのバージョンに合わせてSHA1ハッシュ値を変更すること\r
-#if defined(_M_IX86)\r
// ssleay32.dll 1.1.0b\r
- RegisterTrustedModuleSHA1Hash("\x62\xF4\x7E\xA1\xD9\x24\xE5\xCF\xA7\xBE\x04\xD9\x55\x89\xA6\xF8\x96\x62\x43\xAD");\r
+ RegisterTrustedModuleSHA1Hash(FILEHASH_SSLEAY32_DLL_SHA1);\r
// libeay32.dll 1.1.0b\r
- RegisterTrustedModuleSHA1Hash("\xB7\x63\x47\x26\x24\xE7\x99\x68\xC7\x46\xAD\x59\xBD\xAF\xD0\x44\x86\x35\xB4\x27");\r
-#elif defined(_M_AMD64)\r
- // ssleay32.dll 1.1.0b\r
- RegisterTrustedModuleSHA1Hash("\x10\xCD\x83\x06\x6F\xBE\x4D\x58\xE3\x0B\x2C\xF0\xA1\x13\x1B\xA2\x55\xB0\x6D\xE1");\r
- // libeay32.dll 1.1.0b\r
- RegisterTrustedModuleSHA1Hash("\x4F\x8E\xFB\xF6\x10\x50\x62\xA0\xB4\xF3\x28\x08\x10\x63\x67\x9E\xFD\xBE\xAC\x17");\r
-#endif\r
+ RegisterTrustedModuleSHA1Hash(FILEHASH_LIBEAY32_DLL_SHA1);\r
#endif\r
g_hOpenSSL = LoadLibrary("ssleay32.dll");\r
// バージョン固定のためlibssl32.dllの読み込みは脆弱性の原因になり得るので廃止\r
OSDN Git Service
