Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/openssl/dist import of OpenSSL 1.0.2k
details: https://anonhg.NetBSD.org/src/rev/de61856e9fdb
branches: trunk
changeset: 821194:de61856e9fdb
user: spz <spz%NetBSD.org@localhost>
date: Fri Jan 27 22:53:49 2017 +0000
description:
import of OpenSSL 1.0.2k
Upstream changelog:
Changes between 1.0.2j and 1.0.2k [26 Jan 2017]
*) Truncated packet could crash via OOB read
If one side of an SSL/TLS path is running on a 32-bit host and a specific
cipher is being used, then a truncated packet can cause that host to
perform an out-of-bounds read, usually resulting in a crash.
This issue was reported to OpenSSL by Robert ?wi?cki of Google.
(CVE-2017-3731)
[Andy Polyakov]
*) BN_mod_exp may produce incorrect results on x86_64
There is a carry propagating bug in the x86_64 Montgomery squaring
procedure. No EC algorithms are affected. Analysis suggests that attacks
against RSA and DSA as a result of this defect would be very difficult to
perform and are not believed likely. Attacks against DH are considered just
feasible (although very difficult) because most of the work necessary to
deduce information about a private key may be performed offline. The amount
of resources required for such an attack would be very significant and
likely only accessible to a limited number of attackers. An attacker would
additionally need online access to an unpatched system using the target
private key in a scenario with persistent DH parameters and a private
key that is shared between multiple clients. For example this can occur by
default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very
similar to CVE-2015-3193 but must be treated as a separate problem.
This issue was reported to OpenSSL by the OSS-Fuzz project.
(CVE-2017-3732)
[Andy Polyakov]
*) Montgomery multiplication may produce incorrect results
There is a carry propagating bug in the Broadwell-specific Montgomery
multiplication procedure that handles input lengths divisible by, but
longer than 256 bits. Analysis suggests that attacks against RSA, DSA
and DH private keys are impossible. This is because the subroutine in
question is not used in operations with the private key itself and an input
of the attacker's direct choice. Otherwise the bug can manifest itself as
transient authentication and key negotiation failures or reproducible
erroneous outcome of public-key operations with specially crafted input.
Among EC algorithms only Brainpool P-512 curves are affected and one
presumably can attack ECDH key negotiation. Impact was not analyzed in
detail, because pre-requisites for attack are considered unlikely. Namely
multiple clients have to choose the curve in question and the server has to
share the private key among them, neither of which is default behaviour.
Even then only clients that chose the curve will be affected.
This issue was publicly reported as transient failures and was not
initially recognized as a security issue. Thanks to Richard Morgan for
providing reproducible case.
(CVE-2016-7055)
[Andy Polyakov]
*) OpenSSL now fails if it receives an unrecognised record type in TLS1.0
or TLS1.1. Previously this only happened in SSLv3 and TLS1.2. This is to
prevent issues where no progress is being made and the peer continually
sends unrecognised record types, using up resources processing them.
[Matt Caswell]
diffstat:
crypto/external/bsd/openssl/dist/CONTRIBUTING | 55 ++-----
crypto/external/bsd/openssl/dist/INSTALL | 65 +++++----
crypto/external/bsd/openssl/dist/Makefile.org | 3 +-
crypto/external/bsd/openssl/dist/apps/apps.c | 21 ++-
crypto/external/bsd/openssl/dist/apps/apps.h | 4 +-
crypto/external/bsd/openssl/dist/apps/cms.c | 5 +-
crypto/external/bsd/openssl/dist/apps/dgst.c | 1 +
crypto/external/bsd/openssl/dist/apps/dh.c | 6 -
crypto/external/bsd/openssl/dist/apps/dhparam.c | 8 +-
crypto/external/bsd/openssl/dist/apps/dsa.c | 7 +-
crypto/external/bsd/openssl/dist/apps/dsaparam.c | 8 +-
crypto/external/bsd/openssl/dist/apps/ec.c | 6 +-
crypto/external/bsd/openssl/dist/apps/ecparam.c | 10 +-
crypto/external/bsd/openssl/dist/apps/enc.c | 8 +-
crypto/external/bsd/openssl/dist/apps/gendh.c | 4 -
crypto/external/bsd/openssl/dist/apps/gendsa.c | 8 +-
crypto/external/bsd/openssl/dist/apps/genpkey.c | 2 +-
crypto/external/bsd/openssl/dist/apps/genrsa.c | 7 +-
crypto/external/bsd/openssl/dist/apps/pkcs12.c | 7 +-
crypto/external/bsd/openssl/dist/apps/pkcs7.c | 8 +-
crypto/external/bsd/openssl/dist/apps/pkcs8.c | 5 +-
crypto/external/bsd/openssl/dist/apps/pkey.c | 5 +-
crypto/external/bsd/openssl/dist/apps/pkeyparam.c | 8 +-
crypto/external/bsd/openssl/dist/apps/pkeyutl.c | 1 +
crypto/external/bsd/openssl/dist/apps/prime.c | 12 +-
crypto/external/bsd/openssl/dist/apps/rand.c | 8 +-
crypto/external/bsd/openssl/dist/apps/req.c | 5 +-
crypto/external/bsd/openssl/dist/apps/rsa.c | 5 +-
crypto/external/bsd/openssl/dist/apps/rsautl.c | 5 +-
crypto/external/bsd/openssl/dist/apps/s_cb.c | 4 +-
crypto/external/bsd/openssl/dist/apps/smime.c | 5 +-
crypto/external/bsd/openssl/dist/apps/spkac.c | 5 +-
crypto/external/bsd/openssl/dist/apps/srp.c | 8 +-
crypto/external/bsd/openssl/dist/apps/verify.c | 5 +-
crypto/external/bsd/openssl/dist/apps/x509.c | 5 +-
crypto/external/bsd/openssl/dist/crypto/aes/asm/aes-s390x.pl | 8 +-
crypto/external/bsd/openssl/dist/crypto/asn1/p5_pbev2.c | 8 +-
crypto/external/bsd/openssl/dist/crypto/asn1/x_crl.c | 3 +-
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-mont.pl | 5 +-
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-mont5.pl | 16 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_mul.c | 5 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_prime.c | 3 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_sqr.c | 5 +-
crypto/external/bsd/openssl/dist/crypto/cms/cms_kari.c | 5 +-
crypto/external/bsd/openssl/dist/crypto/dh/dh_key.c | 2 +
crypto/external/bsd/openssl/dist/crypto/dsa/dsa_pmeth.c | 2 +-
crypto/external/bsd/openssl/dist/crypto/ecdh/ech_ossl.c | 4 +-
crypto/external/bsd/openssl/dist/crypto/err/err.c | 3 +
crypto/external/bsd/openssl/dist/crypto/evp/e_rc4_hmac_md5.c | 2 +
crypto/external/bsd/openssl/dist/crypto/evp/evp.h | 6 +-
crypto/external/bsd/openssl/dist/crypto/evp/evp_err.c | 3 +-
crypto/external/bsd/openssl/dist/crypto/evp/pmeth_fn.c | 30 ++--
crypto/external/bsd/openssl/dist/crypto/evp/pmeth_lib.c | 28 +----
crypto/external/bsd/openssl/dist/crypto/modes/ctr128.c | 2 +-
crypto/external/bsd/openssl/dist/crypto/perlasm/x86_64-xlate.pl | 11 +-
crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c | 3 +-
crypto/external/bsd/openssl/dist/crypto/rsa/rsa_pmeth.c | 4 +
crypto/external/bsd/openssl/dist/crypto/s390xcap.c | 1 +
crypto/external/bsd/openssl/dist/demos/easy_tls/easy-tls.c | 1 +
crypto/external/bsd/openssl/dist/doc/apps/ocsp.pod | 9 +
crypto/external/bsd/openssl/dist/doc/crypto/EVP_DigestSignInit.pod | 2 +-
crypto/external/bsd/openssl/dist/doc/crypto/RSA_generate_key.pod | 2 +-
crypto/external/bsd/openssl/dist/doc/crypto/X509_NAME_get_index_by_NID.pod | 3 +-
crypto/external/bsd/openssl/dist/doc/crypto/X509_NAME_print_ex.pod | 8 +-
crypto/external/bsd/openssl/dist/doc/ssl/SSL_CTX_set_session_cache_mode.pod | 2 +-
crypto/external/bsd/openssl/dist/doc/ssl/SSL_get_error.pod | 22 +-
crypto/external/bsd/openssl/dist/doc/ssl/SSL_read.pod | 34 ++--
crypto/external/bsd/openssl/dist/doc/ssl/SSL_write.pod | 19 +-
crypto/external/bsd/openssl/dist/engines/ccgost/Makefile | 2 +-
crypto/external/bsd/openssl/dist/ssl/bad_dtls_test.c | 5 +-
crypto/external/bsd/openssl/dist/ssl/s23_pkt.c | 12 +-
crypto/external/bsd/openssl/dist/ssl/s2_pkt.c | 10 +-
crypto/external/bsd/openssl/dist/ssl/ssl_cert.c | 4 +-
crypto/external/bsd/openssl/dist/util/domd | 11 +-
crypto/external/bsd/openssl/dist/util/mklink.pl | 8 +-
75 files changed, 304 insertions(+), 338 deletions(-)
diffs (truncated from 2077 to 300 lines):
diff -r 576ac4cd1997 -r de61856e9fdb crypto/external/bsd/openssl/dist/CONTRIBUTING
--- a/crypto/external/bsd/openssl/dist/CONTRIBUTING Fri Jan 27 21:35:38 2017 +0000
+++ b/crypto/external/bsd/openssl/dist/CONTRIBUTING Fri Jan 27 22:53:49 2017 +0000
@@ -1,4 +1,4 @@
-HOW TO CONTRIBUTE TO PATCHES OpenSSL
+HOW TO CONTRIBUTE PATCHES TO OpenSSL
------------------------------------
(Please visit https://www.openssl.org/community/getting-started.html for
@@ -11,34 +11,12 @@
list first. Someone may be already working on the same thing or there
may be a good reason as to why that feature isn't implemented.
-The best way to submit a patch is to make a pull request on GitHub.
-(It is not necessary to send mail to rt%openssl.org@localhost to open a ticket!)
-If you think the patch could use feedback from the community, please
-start a thread on openssl-dev.
-
-You can also submit patches by sending it as mail to rt%openssl.org@localhost.
-Please include the word "PATCH" and an explanation of what the patch
-does in the subject line. If you do this, our preferred format is "git
-format-patch" output. For example to provide a patch file containing the
-last commit in your local git repository use the following command:
-
- % git format-patch --stdout HEAD^ >mydiffs.patch
+To submit a patch, make a pull request on GitHub. If you think the patch
+could use feedback from the community, please start a thread on openssl-dev
+to discuss it.
-Another method of creating an acceptable patch file without using git is as
-follows:
-
- % cd openssl-work
- ...make your changes...
- % ./Configure dist; make clean
- % cd ..
- % diff -ur openssl-orig openssl-work >mydiffs.patch
-
-Note that pull requests are generally easier for the team, and community, to
-work with. Pull requests benefit from all of the standard GitHub features,
-including code review tools, simpler integration, and CI build support.
-
-No matter how a patch is submitted, the following items will help make
-the acceptance and review process faster:
+Having addressed the following items before the PR will help make the
+acceptance and review process faster:
1. Anything other than trivial contributions will require a contributor
licensing agreement, giving us permission to use your code. See
@@ -55,21 +33,22 @@
in the file LICENSE in the source distribution or at
https://www.openssl.org/source/license.html
- 3. Patches should be as current as possible. When using GitHub, please
- expect to have to rebase and update often. Note that we do not accept merge
- commits. You will be asked to remove them before a patch is considered
- acceptable.
+ 3. Patches should be as current as possible; expect to have to rebase
+ often. We do not accept merge commits; You will be asked to remove
+ them before a patch is considered acceptable.
4. Patches should follow our coding style (see
https://www.openssl.org/policies/codingstyle.html) and compile without
warnings. Where gcc or clang is availble you should use the
--strict-warnings Configure option. OpenSSL compiles on many varied
platforms: try to ensure you only use portable features.
+ Clean builds via Travis and AppVeyor are expected, and done whenever
+ a PR is created or updated.
- 5. When at all possible, patches should include tests. These can either be
- added to an existing test, or completely new. Please see test/README
- for information on the test framework.
+ 5. When at all possible, patches should include tests. These can
+ either be added to an existing test, or completely new. Please see
+ test/README for information on the test framework.
- 6. New features or changed functionality must include documentation. Please
- look at the "pod" files in doc/apps, doc/crypto and doc/ssl for examples of
- our style.
+ 6. New features or changed functionality must include
+ documentation. Please look at the "pod" files in doc/apps, doc/crypto
+ and doc/ssl for examples of our style.
diff -r 576ac4cd1997 -r de61856e9fdb crypto/external/bsd/openssl/dist/INSTALL
--- a/crypto/external/bsd/openssl/dist/INSTALL Fri Jan 27 21:35:38 2017 +0000
+++ b/crypto/external/bsd/openssl/dist/INSTALL Fri Jan 27 22:53:49 2017 +0000
@@ -74,24 +74,26 @@
no-asm Do not use assembler code.
- 386 Use the 80386 instruction set only (the default x86 code is
- more efficient, but requires at least a 486). Note: Use
- compiler flags for any other CPU specific configuration,
- e.g. "-m32" to build x86 code on an x64 system.
+ 386 In 32-bit x86 builds, when generating assembly modules,
+ use the 80386 instruction set only (the default x86 code
+ is more efficient, but requires at least a 486). Note:
+ This doesn't affect code generated by compiler, you're
+ likely to complement configuration command line with
+ suitable compiler-specific option.
- no-sse2 Exclude SSE2 code pathes. Normally SSE2 extention is
- detected at run-time, but the decision whether or not the
- machine code will be executed is taken solely on CPU
- capability vector. This means that if you happen to run OS
- kernel which does not support SSE2 extension on Intel P4
- processor, then your application might be exposed to
- "illegal instruction" exception. There might be a way
- to enable support in kernel, e.g. FreeBSD kernel can be
- compiled with CPU_ENABLE_SSE, and there is a way to
- disengage SSE2 code pathes upon application start-up,
- but if you aim for wider "audience" running such kernel,
- consider no-sse2. Both 386 and no-asm options above imply
- no-sse2.
+ no-sse2 Exclude SSE2 code paths from 32-bit x86 assembly modules.
+ Normally SSE2 extension is detected at run-time, but the
+ decision whether or not the machine code will be executed
+ is taken solely on CPU capability vector. This means that
+ if you happen to run OS kernel which does not support SSE2
+ extension on Intel P4 processor, then your application
+ might be exposed to "illegal instruction" exception.
+ There might be a way to enable support in kernel, e.g.
+ FreeBSD kernel can be compiled with CPU_ENABLE_SSE, and
+ there is a way to disengage SSE2 code paths upon application
+ start-up, but if you aim for wider "audience" running
+ such kernel, consider no-sse2. Both the 386 and
+ no-asm options imply no-sse2.
no-<cipher> Build without the specified cipher (bf, cast, des, dh, dsa,
hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha).
@@ -101,7 +103,12 @@
-Dxxx, -lxxx, -Lxxx, -fxxx, -mXXX, -Kxxx These system specific options will
be passed through to the compiler to allow you to
define preprocessor symbols, specify additional libraries,
- library directories or other compiler options.
+ library directories or other compiler options. It might be
+ worth noting that some compilers generate code specifically
+ for processor the compiler currently executes on. This is
+ not necessarily what you might have in mind, since it might
+ be unsuitable for execution on other, typically older,
+ processor. Consult your compiler documentation.
-DHAVE_CRYPTODEV Enable the BSD cryptodev engine even if we are not using
BSD. Useful if you are running ocf-linux or something
@@ -159,18 +166,18 @@
OpenSSL binary ("openssl"). The libraries will be built in the top-level
directory, and the binary will be in the "apps" directory.
- If "make" fails, look at the output. There may be reasons for
- the failure that aren't problems in OpenSSL itself (like missing
- standard headers). If it is a problem with OpenSSL itself, please
- report the problem to <openssl-bugs%openssl.org@localhost> (note that your
- message will be recorded in the request tracker publicly readable
- at https://www.openssl.org/community/index.html#bugs and will be
- forwarded to a public mailing list). Include the output of "make
- report" in your message. Please check out the request tracker. Maybe
- the bug was already reported or has already been fixed.
+ If the build fails, look at the output. There may be reasons
+ for the failure that aren't problems in OpenSSL itself (like
+ missing standard headers). If you are having problems you can
+ get help by sending an email to the openssl-users email list (see
+ https://www.openssl.org/community/mailinglists.html for details). If
+ it is a bug with OpenSSL itself, please open an issue on GitHub, at
+ https://github.com/openssl/openssl/issues. Please review the existing
+ ones first; maybe the bug was already reported or has already been
+ fixed.
- [If you encounter assembler error messages, try the "no-asm"
- configuration option as an immediate fix.]
+ (If you encounter assembler error messages, try the "no-asm"
+ configuration option as an immediate fix.)
Compiling parts of OpenSSL with gcc and others with the system
compiler will result in unresolved symbols on some systems.
diff -r 576ac4cd1997 -r de61856e9fdb crypto/external/bsd/openssl/dist/Makefile.org
--- a/crypto/external/bsd/openssl/dist/Makefile.org Fri Jan 27 21:35:38 2017 +0000
+++ b/crypto/external/bsd/openssl/dist/Makefile.org Fri Jan 27 22:53:49 2017 +0000
@@ -201,7 +201,8 @@
$${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
$${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
$${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
- $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
+ $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS} \
+ $${APPS+APPS}
# LC_ALL=C ensures that error [and other] messages are delivered in
# same language for uniform treatment.
diff -r 576ac4cd1997 -r de61856e9fdb crypto/external/bsd/openssl/dist/apps/apps.c
--- a/crypto/external/bsd/openssl/dist/apps/apps.c Fri Jan 27 21:35:38 2017 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/apps.c Fri Jan 27 22:53:49 2017 +0000
@@ -972,7 +972,10 @@
if (!e)
BIO_printf(err, "no engine specified\n");
else {
- pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data);
+ if (ENGINE_init(e)) {
+ pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data);
+ ENGINE_finish(e);
+ }
if (!pkey) {
BIO_printf(err, "cannot load %s from engine\n", key_descrip);
ERR_print_errors(err);
@@ -1532,11 +1535,13 @@
}
return e;
}
+#endif
ENGINE *setup_engine(BIO *err, const char *engine, int debug)
{
ENGINE *e = NULL;
+#ifndef OPENSSL_NO_ENGINE
if (engine) {
if (strcmp(engine, "auto") == 0) {
BIO_printf(err, "enabling auto ENGINE support\n");
@@ -1561,13 +1566,19 @@
}
BIO_printf(err, "engine \"%s\" set.\n", ENGINE_get_id(e));
-
+ }
+#endif
+ return e;
+}
+
+void release_engine(ENGINE *e)
+{
+#ifndef OPENSSL_NO_ENGINE
+ if (e != NULL)
/* Free our "structural" reference. */
ENGINE_free(e);
- }
- return e;
+#endif
}
-#endif
int load_config(BIO *err, CONF *cnf)
{
diff -r 576ac4cd1997 -r de61856e9fdb crypto/external/bsd/openssl/dist/apps/apps.h
--- a/crypto/external/bsd/openssl/dist/apps/apps.h Fri Jan 27 21:35:38 2017 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/apps.h Fri Jan 27 22:53:49 2017 +0000
@@ -259,9 +259,9 @@
const char *pass, ENGINE *e,
const char *cert_descrip);
X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
-# ifndef OPENSSL_NO_ENGINE
+
ENGINE *setup_engine(BIO *err, const char *engine, int debug);
-# endif
+void release_engine(ENGINE *e);
# ifndef OPENSSL_NO_OCSP
OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
diff -r 576ac4cd1997 -r de61856e9fdb crypto/external/bsd/openssl/dist/apps/cms.c
--- a/crypto/external/bsd/openssl/dist/apps/cms.c Fri Jan 27 21:35:38 2017 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/cms.c Fri Jan 27 22:53:49 2017 +0000
@@ -143,9 +143,7 @@
const EVP_MD *sign_md = NULL;
int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
int rctformat = FORMAT_SMIME, keyform = FORMAT_PEM;
-# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
-# endif
unsigned char *secret_key = NULL, *secret_keyid = NULL;
unsigned char *pwri_pass = NULL, *pwri_tmp = NULL;
size_t secret_keylen = 0, secret_keyidlen = 0;
@@ -665,9 +663,7 @@
"cert.pem recipient certificate(s) for encryption\n");
goto end;
}
-# ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
-# endif
if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
@@ -1170,6 +1166,7 @@
EVP_PKEY_free(key);
CMS_ContentInfo_free(cms);
CMS_ContentInfo_free(rcms);
+ release_engine(e);
BIO_free(rctin);
BIO_free(in);
BIO_free(indata);
diff -r 576ac4cd1997 -r de61856e9fdb crypto/external/bsd/openssl/dist/apps/dgst.c
--- a/crypto/external/bsd/openssl/dist/apps/dgst.c Fri Jan 27 21:35:38 2017 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/dgst.c Fri Jan 27 22:53:49 2017 +0000
@@ -537,6 +537,7 @@
OPENSSL_free(sigbuf);
if (bmd != NULL)
BIO_free(bmd);
+ release_engine(e);
apps_shutdown();
OPENSSL_EXIT(err);
}
diff -r 576ac4cd1997 -r de61856e9fdb crypto/external/bsd/openssl/dist/apps/dh.c
--- a/crypto/external/bsd/openssl/dist/apps/dh.c Fri Jan 27 21:35:38 2017 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/dh.c Fri Jan 27 22:53:49 2017 +0000
@@ -94,9 +94,7 @@
Home |
Main Index |
Thread Index |
Old Index