openssl/openssl-1.1.1-upstream-sync.patch

diff -up openssl-1.1.1c/crypto/dsa/dsa_ameth.c.sync openssl-1.1.1c/crypto/dsa/dsa_ameth.c
--- openssl-1.1.1c/crypto/dsa/dsa_ameth.c.sync	2019-05-28 15:12:21.000000000 +0200
+++ openssl-1.1.1c/crypto/dsa/dsa_ameth.c	2019-05-29 17:10:39.768187283 +0200
@@ -503,7 +503,7 @@ static int dsa_pkey_ctrl(EVP_PKEY *pkey,
 
     case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
         *(int *)arg2 = NID_sha256;
-        return 2;
+        return 1;
 
     default:
         return -2;
diff -up openssl-1.1.1c/crypto/err/err.c.sync openssl-1.1.1c/crypto/err/err.c
--- openssl-1.1.1c/crypto/err/err.c.sync	2019-05-28 15:12:21.000000000 +0200
+++ openssl-1.1.1c/crypto/err/err.c	2019-05-29 17:07:13.345793792 +0200
@@ -184,8 +184,8 @@ static ERR_STRING_DATA *int_err_get_item
 }
 
 #ifndef OPENSSL_NO_ERR
-/* A measurement on Linux 2018-11-21 showed about 3.5kib */
-# define SPACE_SYS_STR_REASONS 4 * 1024
+/* 2019-05-21: Russian and Ukrainian locales on Linux require more than 6,5 kB */
+# define SPACE_SYS_STR_REASONS 8 * 1024
 # define NUM_SYS_STR_REASONS 127
 
 static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
@@ -219,26 +219,30 @@ static void build_SYS_str_reasons(void)
         ERR_STRING_DATA *str = &SYS_str_reasons[i - 1];
 
         str->error = ERR_PACK(ERR_LIB_SYS, 0, i);
-        if (str->string == NULL) {
+        /*
+         * If we have used up all the space in strerror_pool,
+         * there's no point in calling openssl_strerror_r()
+         */
+        if (str->string == NULL && cnt < sizeof(strerror_pool)) {
             if (openssl_strerror_r(i, cur, sizeof(strerror_pool) - cnt)) {
-                size_t l = strlen(cur);
+                size_t l = strlen(cur) + 1;
 
                 str->string = cur;
                 cnt += l;
-                if (cnt > sizeof(strerror_pool))
-                    cnt = sizeof(strerror_pool);
                 cur += l;
 
                 /*
                  * VMS has an unusual quirk of adding spaces at the end of
-                 * some (most? all?) messages.  Lets trim them off.
+                 * some (most? all?) messages. Lets trim them off.
                  */
-                while (ossl_isspace(cur[-1])) {
-                    cur--;
-                    cnt--;
+                if (cur > strerror_pool && ossl_isspace(cur[-1])) {
+                    while (cur > strerror_pool && ossl_isspace(cur[-1])) {
+                        cur--;
+                        cnt--;
+                    }
+                    *cur++ = '\0';
+                    cnt++;
                 }
-                *cur++ = '\0';
-                cnt++;
             }
         }
         if (str->string == NULL)