Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/openssl/dist Import OpenSSL-1.1.1n secur...
details: https://anonhg.NetBSD.org/src/rev/464dade28043
branches: trunk
changeset: 363919:464dade28043
user: christos <christos%NetBSD.org@localhost>
date: Tue Mar 15 20:47:08 2022 +0000
description:
Import OpenSSL-1.1.1n security fix
Changes between 1.1.1m and 1.1.1n [15 Mar 2022]
*) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
for non-prime moduli.
Internally this function is used when parsing certificates that contain
elliptic curve public keys in compressed form or explicit elliptic curve
parameters with a base point encoded in compressed form.
It is possible to trigger the infinite loop by crafting a certificate that
has invalid explicit curve parameters.
Since certificate parsing happens prior to verification of the certificate
signature, any process that parses an externally supplied certificate may
thus be subject to a denial of service attack. The infinite loop can also
be reached when parsing crafted private keys as they can contain explicit
elliptic curve parameters.
Thus vulnerable situations include:
- TLS clients consuming server certificates
- TLS servers consuming client certificates
- Hosting providers taking certificates or private keys from customers
- Certificate authorities parsing certification requests from subscribers
- Anything else which parses ASN.1 elliptic curve parameters
Also any other applications that use the BN_mod_sqrt() where the attacker
can control the parameter values are vulnerable to this DoS issue.
(CVE-2022-0778)
[Tomáš Mráz]
*) Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489)
to the list of ciphersuites providing Perfect Forward Secrecy as
required by SECLEVEL >= 3.
[Dmitry Belyavskiy, Nicola Tuveri]
diffstat:
crypto/external/bsd/openssl/dist/Configurations/10-main.conf | 9 +-
crypto/external/bsd/openssl/dist/Configurations/descrip.mms.tmpl | 3 +-
crypto/external/bsd/openssl/dist/apps/apps.c | 10 +-
crypto/external/bsd/openssl/dist/apps/passwd.c | 10 +-
crypto/external/bsd/openssl/dist/apps/s_socket.c | 4 +-
crypto/external/bsd/openssl/dist/apps/vms_decc_argv.c | 66 +++++
crypto/external/bsd/openssl/dist/apps/vms_decc_init.c | 40 +---
crypto/external/bsd/openssl/dist/config | 1 +
crypto/external/bsd/openssl/dist/crypto/asn1/charmap.h | 2 +-
crypto/external/bsd/openssl/dist/crypto/bio/b_addr.c | 4 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_exp2.c | 4 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_prime.h | 2 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_sqrt.c | 32 +-
crypto/external/bsd/openssl/dist/crypto/conf/conf_def.h | 2 +-
crypto/external/bsd/openssl/dist/crypto/engine/eng_dyn.c | 13 +-
crypto/external/bsd/openssl/dist/crypto/evp/digest.c | 34 +-
crypto/external/bsd/openssl/dist/crypto/objects/obj_dat.c | 7 +-
crypto/external/bsd/openssl/dist/crypto/objects/obj_dat.h | 2 +-
crypto/external/bsd/openssl/dist/crypto/objects/obj_xref.h | 2 +-
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_utl.c | 19 +-
crypto/external/bsd/openssl/dist/doc/man1/cms.pod | 5 +-
crypto/external/bsd/openssl/dist/doc/man3/BIO_ctrl.pod | 4 +-
crypto/external/bsd/openssl/dist/doc/man3/BIO_f_base64.pod | 21 +-
crypto/external/bsd/openssl/dist/doc/man3/BN_add.pod | 17 +-
crypto/external/bsd/openssl/dist/doc/man3/DEFINE_STACK_OF.pod | 3 +-
crypto/external/bsd/openssl/dist/doc/man3/OBJ_nid2obj.pod | 34 +-
crypto/external/bsd/openssl/dist/doc/man3/SSL_CONF_cmd.pod | 4 +-
crypto/external/bsd/openssl/dist/doc/man3/X509_STORE_CTX_new.pod | 71 +++++-
crypto/external/bsd/openssl/dist/include/internal/sockets.h | 4 +-
crypto/external/bsd/openssl/dist/include/openssl/engine.h | 3 +-
crypto/external/bsd/openssl/dist/include/openssl/obj_mac.h | 2 +-
crypto/external/bsd/openssl/dist/include/openssl/opensslv.h | 4 +-
crypto/external/bsd/openssl/dist/ssl/ssl_cert.c | 7 +-
crypto/external/bsd/openssl/dist/test/asn1_internal_test.c | 29 ++-
crypto/external/bsd/openssl/dist/test/build.info | 2 +-
crypto/external/bsd/openssl/dist/test/recipes/10-test_bn_data/bnmod.txt | 14 +-
crypto/external/bsd/openssl/dist/test/recipes/15-test_genrsa.t | 9 +-
crypto/external/bsd/openssl/dist/test/recipes/20-test_dgst.t | 8 +-
crypto/external/bsd/openssl/dist/test/recipes/70-test_verify_extra.t | 9 +-
crypto/external/bsd/openssl/dist/test/recipes/80-test_ssl_old.t | 41 +++-
crypto/external/bsd/openssl/dist/test/ssltest_old.c | 72 +++++-
crypto/external/bsd/openssl/dist/test/verify_extra_test.c | 116 +++++++++-
42 files changed, 576 insertions(+), 169 deletions(-)
diffs (truncated from 1602 to 300 lines):
diff -r 448628666df8 -r 464dade28043 crypto/external/bsd/openssl/dist/Configurations/10-main.conf
--- a/crypto/external/bsd/openssl/dist/Configurations/10-main.conf Tue Mar 15 18:18:27 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/Configurations/10-main.conf Tue Mar 15 20:47:08 2022 +0000
@@ -988,6 +988,13 @@
perlasm_scheme => "elf",
},
+ # riscv64 below refers to contemporary RISCV Architecture
+ # specifications,
+ "BSD-riscv64" => {
+ inherit_from => [ "BSD-generic64"],
+ perlasm_scheme => "linux64",
+ },
+
"bsdi-elf-gcc" => {
inherit_from => [ "BASE_unix", asm("x86_elf_asm") ],
CC => "gcc",
@@ -1765,7 +1772,7 @@
disable => add('pinshared'),
- apps_aux_src => "vms_term_sock.c",
+ apps_aux_src => "vms_term_sock.c vms_decc_argv.c",
apps_init_src => "vms_decc_init.c",
},
diff -r 448628666df8 -r 464dade28043 crypto/external/bsd/openssl/dist/Configurations/descrip.mms.tmpl
--- a/crypto/external/bsd/openssl/dist/Configurations/descrip.mms.tmpl Tue Mar 15 18:18:27 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/Configurations/descrip.mms.tmpl Tue Mar 15 20:47:08 2022 +0000
@@ -438,7 +438,8 @@
DEFINE SRCTOP {- sourcedir() -}
DEFINE BLDTOP {- builddir() -}
DEFINE RESULT_D {- builddir(qw(test test-runs)) -}
- DEFINE OPENSSL_ENGINES {- builddir("engines") -}
+ engines = F$PARSE("{- builddir("engines") -}","A.;",,,"syntax_only") - "A.;"
+ DEFINE OPENSSL_ENGINES 'engines'
DEFINE OPENSSL_DEBUG_MEMORY "on"
IF "$(VERBOSE)" .NES. "" THEN DEFINE VERBOSE "$(VERBOSE)"
$(PERL) {- sourcefile("test", "run_tests.pl") -} $(TESTS)
diff -r 448628666df8 -r 464dade28043 crypto/external/bsd/openssl/dist/apps/apps.c
--- a/crypto/external/bsd/openssl/dist/apps/apps.c Tue Mar 15 18:18:27 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/apps.c Tue Mar 15 20:47:08 2022 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -300,9 +300,13 @@
int ui_flags = 0;
const char *prompt_info = NULL;
char *prompt;
+ int pw_min_len = PW_MIN_LENGTH;
if (cb_data != NULL && cb_data->prompt_info != NULL)
prompt_info = cb_data->prompt_info;
+ if (cb_data != NULL && cb_data->password != NULL
+ && *(const char*)cb_data->password != '\0')
+ pw_min_len = 1;
prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
if (!prompt) {
BIO_printf(bio_err, "Out of memory\n");
@@ -317,12 +321,12 @@
(void)UI_add_user_data(ui, cb_data);
ok = UI_add_input_string(ui, prompt, ui_flags, buf,
- PW_MIN_LENGTH, bufsiz - 1);
+ pw_min_len, bufsiz - 1);
if (ok >= 0 && verify) {
buff = app_malloc(bufsiz, "password buffer");
ok = UI_add_verify_string(ui, prompt, ui_flags, buff,
- PW_MIN_LENGTH, bufsiz - 1, buf);
+ pw_min_len, bufsiz - 1, buf);
}
if (ok >= 0)
do {
diff -r 448628666df8 -r 464dade28043 crypto/external/bsd/openssl/dist/apps/passwd.c
--- a/crypto/external/bsd/openssl/dist/apps/passwd.c Tue Mar 15 18:18:27 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/passwd.c Tue Mar 15 20:47:08 2022 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -407,7 +407,7 @@
n >>= 1;
}
if (!EVP_DigestFinal_ex(md, buf, NULL))
- return NULL;
+ goto err;
for (i = 0; i < 1000; i++) {
if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL))
@@ -633,7 +633,7 @@
n >>= 1;
}
if (!EVP_DigestFinal_ex(md, buf, NULL))
- return NULL;
+ goto err;
/* P sequence */
if (!EVP_DigestInit_ex(md2, sha, NULL))
@@ -644,7 +644,7 @@
goto err;
if (!EVP_DigestFinal_ex(md2, temp_buf, NULL))
- return NULL;
+ goto err;
if ((p_bytes = OPENSSL_zalloc(passwd_len)) == NULL)
goto err;
@@ -661,7 +661,7 @@
goto err;
if (!EVP_DigestFinal_ex(md2, temp_buf, NULL))
- return NULL;
+ goto err;
if ((s_bytes = OPENSSL_zalloc(salt_len)) == NULL)
goto err;
diff -r 448628666df8 -r 464dade28043 crypto/external/bsd/openssl/dist/apps/s_socket.c
--- a/crypto/external/bsd/openssl/dist/apps/s_socket.c Tue Mar 15 18:18:27 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/s_socket.c Tue Mar 15 20:47:08 2022 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -147,7 +147,7 @@
#endif
if (!BIO_connect(*sock, BIO_ADDRINFO_address(ai),
- protocol == IPPROTO_TCP ? BIO_SOCK_NODELAY : 0)) {
+ BIO_ADDRINFO_protocol(ai) == IPPROTO_TCP ? BIO_SOCK_NODELAY : 0)) {
BIO_closesocket(*sock);
*sock = INVALID_SOCKET;
continue;
diff -r 448628666df8 -r 464dade28043 crypto/external/bsd/openssl/dist/apps/vms_decc_argv.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/vms_decc_argv.c Tue Mar 15 20:47:08 2022 +0000
@@ -0,0 +1,66 @@
+/*
+ * Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdlib.h>
+#include <openssl/crypto.h>
+#include "apps.h" /* for app_malloc() and copy_argv() */
+
+char **newargv = NULL;
+
+static void cleanup_argv(void)
+{
+ OPENSSL_free(newargv);
+ newargv = NULL;
+}
+
+char **copy_argv(int *argc, char *argv[])
+{
+ /*-
+ * The note below is for historical purpose. On VMS now we always
+ * copy argv "safely."
+ *
+ * 2011-03-22 SMS.
+ * If we have 32-bit pointers everywhere, then we're safe, and
+ * we bypass this mess, as on non-VMS systems.
+ * Problem 1: Compaq/HP C before V7.3 always used 32-bit
+ * pointers for argv[].
+ * Fix 1: For a 32-bit argv[], when we're using 64-bit pointers
+ * everywhere else, we always allocate and use a 64-bit
+ * duplicate of argv[].
+ * Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed
+ * to NULL-terminate a 64-bit argv[]. (As this was written, the
+ * compiler ECO was available only on IA64.)
+ * Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a
+ * 64-bit argv[argc] for NULL, and, if necessary, use a
+ * (properly) NULL-terminated (64-bit) duplicate of argv[].
+ * The same code is used in either case to duplicate argv[].
+ * Some of these decisions could be handled in preprocessing,
+ * but the code tends to get even uglier, and the penalty for
+ * deciding at compile- or run-time is tiny.
+ */
+
+ int i, count = *argc;
+ char **p = newargv;
+
+ cleanup_argv();
+
+ newargv = app_malloc(sizeof(*newargv) * (count + 1), "argv copy");
+ if (newargv == NULL)
+ return NULL;
+
+ /* Register automatic cleanup on first use */
+ if (p == NULL)
+ OPENSSL_atexit(cleanup_argv);
+
+ for (i = 0; i < count; i++)
+ newargv[i] = argv[i];
+ newargv[i] = NULL;
+ *argc = i;
+ return newargv;
+}
diff -r 448628666df8 -r 464dade28043 crypto/external/bsd/openssl/dist/apps/vms_decc_init.c
--- a/crypto/external/bsd/openssl/dist/apps/vms_decc_init.c Tue Mar 15 18:18:27 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/vms_decc_init.c Tue Mar 15 20:47:08 2022 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2010-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -25,8 +25,6 @@
# include <stdlib.h>
# include <unixlib.h>
-# include "apps.h"
-
/* Global storage. */
/* Flag to sense if decc_init() was called. */
@@ -63,42 +61,6 @@
};
-char **copy_argv(int *argc, char *argv[])
-{
- /*-
- * The note below is for historical purpose. On VMS now we always
- * copy argv "safely."
- *
- * 2011-03-22 SMS.
- * If we have 32-bit pointers everywhere, then we're safe, and
- * we bypass this mess, as on non-VMS systems.
- * Problem 1: Compaq/HP C before V7.3 always used 32-bit
- * pointers for argv[].
- * Fix 1: For a 32-bit argv[], when we're using 64-bit pointers
- * everywhere else, we always allocate and use a 64-bit
- * duplicate of argv[].
- * Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed
- * to NULL-terminate a 64-bit argv[]. (As this was written, the
- * compiler ECO was available only on IA64.)
- * Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a
- * 64-bit argv[argc] for NULL, and, if necessary, use a
- * (properly) NULL-terminated (64-bit) duplicate of argv[].
- * The same code is used in either case to duplicate argv[].
- * Some of these decisions could be handled in preprocessing,
- * but the code tends to get even uglier, and the penalty for
- * deciding at compile- or run-time is tiny.
- */
-
- int i, count = *argc;
- char **newargv = app_malloc(sizeof(*newargv) * (count + 1), "argv copy");
-
- for (i = 0; i < count; i++)
- newargv[i] = argv[i];
- newargv[i] = NULL;
- *argc = i;
- return newargv;
-}
-
/* LIB$INITIALIZE initialization function. */
static void decc_init(void)
diff -r 448628666df8 -r 464dade28043 crypto/external/bsd/openssl/dist/config
--- a/crypto/external/bsd/openssl/dist/config Tue Mar 15 18:18:27 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/config Tue Mar 15 20:47:08 2022 +0000
@@ -704,6 +704,7 @@
__CNF_CPPFLAGS="$__CNF_CPPFLAGS -DL_ENDIAN" ;;
powerpc64-*-*bsd*) OUT="BSD-generic64";
__CNF_CPPFLAGS="$__CNF_CPPFLAGS -DB_ENDIAN" ;;
+ riscv64-*-*bsd*) OUT="BSD-riscv64" ;;
sparc64-*-*bsd*) OUT="BSD-sparc64" ;;
ia64-*-*bsd*) OUT="BSD-ia64" ;;
x86_64-*-dragonfly*) OUT="BSD-x86_64" ;;
diff -r 448628666df8 -r 464dade28043 crypto/external/bsd/openssl/dist/crypto/asn1/charmap.h
--- a/crypto/external/bsd/openssl/dist/crypto/asn1/charmap.h Tue Mar 15 18:18:27 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/crypto/asn1/charmap.h Tue Mar 15 20:47:08 2022 +0000
@@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by crypto/asn1/charmap.pl
*
- * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
diff -r 448628666df8 -r 464dade28043 crypto/external/bsd/openssl/dist/crypto/bio/b_addr.c
--- a/crypto/external/bsd/openssl/dist/crypto/bio/b_addr.c Tue Mar 15 18:18:27 2022 +0000
Home |
Main Index |
Thread Index |
Old Index