From e20c7428f6f95066dfb8744239943f8398276700 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 20 Dec 2022 21:23:19 +0800 Subject: [PATCH] backport patches --- backport-Avoid-potential-memory-leak.patch | 36 +++++++ ...-check-result-of-bn_rshift_fixed_top.patch | 36 +++++++ ...d_callback-to-handle-short-passwords.patch | 72 +++++++++++++ backport-Fix-usage-of-SSLfatal.patch | 36 +++++++ ...-Test-processing-of-a-duplicated-HRR.patch | 100 ++++++++++++++++++ ...tl.c-Add-missing-check-for-OPENSSL_s.patch | 58 ++++++++++ ...s_server_hello-Disallow-repeated-HRR.patch | 36 +++++++ openssl.spec | 12 ++- 8 files changed, 385 insertions(+), 1 deletion(-) create mode 100644 backport-Avoid-potential-memory-leak.patch create mode 100644 backport-Fix-failure-to-check-result-of-bn_rshift_fixed_top.patch create mode 100644 backport-Fix-password_callback-to-handle-short-passwords.patch create mode 100644 backport-Fix-usage-of-SSLfatal.patch create mode 100644 backport-Test-processing-of-a-duplicated-HRR.patch create mode 100644 backport-crypto-x509-v3_utl.c-Add-missing-check-for-OPENSSL_s.patch create mode 100644 backport-tls_process_server_hello-Disallow-repeated-HRR.patch diff --git a/backport-Avoid-potential-memory-leak.patch b/backport-Avoid-potential-memory-leak.patch new file mode 100644 index 0000000..761057a --- /dev/null +++ b/backport-Avoid-potential-memory-leak.patch @@ -0,0 +1,36 @@ +From c02fff5aecd4d002143a0e901f3dde3d14934a18 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Mon, 7 Mar 2022 17:05:57 +0100 +Subject: [PATCH] Avoid potential memory leak + +Resolves #17827 + +Reviewed-by: Tomas Mraz +Reviewed-by: Paul Dale +(Merged from https://github.com/openssl/openssl/pull/17828) + +(cherry picked from commit 175355923046921a689b500f7a72455f7095708f) +--- + crypto/x509v3/v3_utl.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c +index 40d8f31554..83a4bc8a06 100644 +--- a/crypto/x509v3/v3_utl.c ++++ b/crypto/x509v3/v3_utl.c +@@ -538,8 +538,11 @@ static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, const ASN1_IA5STRING *email + return 0; + + emtmp = OPENSSL_strndup((char *)email->data, email->length); +- if (emtmp == NULL) ++ if (emtmp == NULL) { ++ X509_email_free(*sk); ++ *sk = NULL; + return 0; ++ } + + /* Don't add duplicates */ + if (sk_OPENSSL_STRING_find(*sk, emtmp) != -1) { +-- +2.17.1 + diff --git a/backport-Fix-failure-to-check-result-of-bn_rshift_fixed_top.patch b/backport-Fix-failure-to-check-result-of-bn_rshift_fixed_top.patch new file mode 100644 index 0000000..61e4595 --- /dev/null +++ b/backport-Fix-failure-to-check-result-of-bn_rshift_fixed_top.patch @@ -0,0 +1,36 @@ +From 93ac3b8dd1cc49b27c402278cbe73a1c4ac91f9b Mon Sep 17 00:00:00 2001 +From: Hugo Landau +Date: Mon, 4 Apr 2022 12:25:16 +0100 +Subject: [PATCH] Fix failure to check result of bn_rshift_fixed_top + +Fixes #18010. + +Reviewed-by: Matt Caswell +Reviewed-by: Paul Dale +(Merged from https://github.com/openssl/openssl/pull/18034) + +(cherry picked from commit bc6bac8561ead83d6135f376ffcbbb0b657e64fe) +--- + crypto/bn/bn_div.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c +index 0da9f39b31..e2821fb6cd 100644 +--- a/crypto/bn/bn_div.c ++++ b/crypto/bn/bn_div.c +@@ -446,8 +446,10 @@ int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, + snum->neg = num_neg; + snum->top = div_n; + snum->flags |= BN_FLG_FIXED_TOP; +- if (rm != NULL) +- bn_rshift_fixed_top(rm, snum, norm_shift); ++ ++ if (rm != NULL && bn_rshift_fixed_top(rm, snum, norm_shift) == 0) ++ goto err; ++ + BN_CTX_end(ctx); + return 1; + err: +-- +2.17.1 + diff --git a/backport-Fix-password_callback-to-handle-short-passwords.patch b/backport-Fix-password_callback-to-handle-short-passwords.patch new file mode 100644 index 0000000..5eb5758 --- /dev/null +++ b/backport-Fix-password_callback-to-handle-short-passwords.patch @@ -0,0 +1,72 @@ +From f4942134815f95845706993c15ca7e4fd6e44627 Mon Sep 17 00:00:00 2001 +From: Bernd Edlinger +Date: Fri, 7 Jan 2022 10:18:58 +0100 +Subject: [PATCH] Fix password_callback to handle short passwords + +Fixes #17426 + +Reviewed-by: Paul Dale +(Merged from https://github.com/openssl/openssl/pull/17439) +--- + apps/apps.c | 8 ++++++-- + test/recipes/15-test_genrsa.t | 7 ++++++- + 2 files changed, 12 insertions(+), 3 deletions(-) + +diff --git a/apps/apps.c b/apps/apps.c +index c06241abb9..531fbec551 100644 +--- a/apps/apps.c ++++ b/apps/apps.c +@@ -300,9 +300,13 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) + int ui_flags = 0; + const char *prompt_info = NULL; + char *prompt; ++ int pw_min_len = PW_MIN_LENGTH; + + if (cb_data != NULL && cb_data->prompt_info != NULL) + prompt_info = cb_data->prompt_info; ++ if (cb_data != NULL && cb_data->password != NULL ++ && *(const char*)cb_data->password != '\0') ++ pw_min_len = 1; + prompt = UI_construct_prompt(ui, "pass phrase", prompt_info); + if (!prompt) { + BIO_printf(bio_err, "Out of memory\n"); +@@ -317,12 +321,12 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) + (void)UI_add_user_data(ui, cb_data); + + ok = UI_add_input_string(ui, prompt, ui_flags, buf, +- PW_MIN_LENGTH, bufsiz - 1); ++ pw_min_len, bufsiz - 1); + + if (ok >= 0 && verify) { + buff = app_malloc(bufsiz, "password buffer"); + ok = UI_add_verify_string(ui, prompt, ui_flags, buff, +- PW_MIN_LENGTH, bufsiz - 1, buf); ++ pw_min_len, bufsiz - 1, buf); + } + if (ok >= 0) + do { +diff --git a/test/recipes/15-test_genrsa.t b/test/recipes/15-test_genrsa.t +index e16a9a4042..c9bc6bdc8a 100644 +--- a/test/recipes/15-test_genrsa.t ++++ b/test/recipes/15-test_genrsa.t +@@ -16,7 +16,7 @@ use OpenSSL::Test::Utils; + + setup("test_genrsa"); + +-plan tests => 5; ++plan tests => 7; + + # We want to know that an absurdly small number of bits isn't support + is(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', '8'])), 0, "genrsa -3 8"); +@@ -52,3 +52,8 @@ ok(run(app([ 'openssl', 'genrsa', '-f4', '-out', 'genrsatest.pem', $good ])), + "genrsa -f4 $good"); + ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])), + "rsa -check"); ++ok(run(app([ 'openssl', 'rsa', '-in', 'genrsatest.pem', '-out', 'genrsatest-enc.pem', ++ '-aes256', '-passout', 'pass:x' ])), ++ "rsa encrypt"); ++ok(run(app([ 'openssl', 'rsa', '-in', 'genrsatest-enc.pem', '-passin', 'pass:x' ])), ++ "rsa decrypt"); +-- +2.17.1 + diff --git a/backport-Fix-usage-of-SSLfatal.patch b/backport-Fix-usage-of-SSLfatal.patch new file mode 100644 index 0000000..abc72ce --- /dev/null +++ b/backport-Fix-usage-of-SSLfatal.patch @@ -0,0 +1,36 @@ +From 3e8f70c30d84861fcd257a6e280dc49e104eb145 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Wed, 30 Mar 2022 14:49:24 +0100 +Subject: [PATCH] Fix usage of SSLfatal + +A cherry-pick from the master branch incorrectly introduced a usage of +3 argument SSLfatal. In 1.1.1 the function code is also required. + +Fixes #17999 + +Reviewed-by: Bernd Edlinger +Reviewed-by: Tomas Mraz +Reviewed-by: Dmitry Belyavskiy +Reviewed-by: Matt Caswell +(Merged from https://github.com/openssl/openssl/pull/18000) +--- + ssl/statem/statem_clnt.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c +index e3aba393f9..2bc5cf5ec3 100644 +--- a/ssl/statem/statem_clnt.c ++++ b/ssl/statem/statem_clnt.c +@@ -1423,7 +1423,8 @@ MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt) + && PACKET_remaining(pkt) >= SSL3_RANDOM_SIZE + && memcmp(hrrrandom, PACKET_data(pkt), SSL3_RANDOM_SIZE) == 0) { + if (s->hello_retry_request != SSL_HRR_NONE) { +- SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_UNEXPECTED_MESSAGE); ++ SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, ++ SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_UNEXPECTED_MESSAGE); + goto err; + } + s->hello_retry_request = SSL_HRR_PENDING; +-- +2.17.1 + diff --git a/backport-Test-processing-of-a-duplicated-HRR.patch b/backport-Test-processing-of-a-duplicated-HRR.patch new file mode 100644 index 0000000..2db3744 --- /dev/null +++ b/backport-Test-processing-of-a-duplicated-HRR.patch @@ -0,0 +1,100 @@ +From f29ec6563ddf81db46c464d14f2bb29a3fa5592f Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Tue, 22 Mar 2022 16:33:52 +0100 +Subject: [PATCH] Test processing of a duplicated HRR + +Reviewed-by: Todd Short +Reviewed-by: Matt Caswell +(Merged from https://github.com/openssl/openssl/pull/17936) + +(cherry picked from commit db44b55aaa42141921217183667800425227b658) +--- + test/recipes/70-test_tls13hrr.t | 51 +++++++++++++++++++++++++++++++-- + 1 file changed, 49 insertions(+), 2 deletions(-) + +diff --git a/test/recipes/70-test_tls13hrr.t b/test/recipes/70-test_tls13hrr.t +index e0b47ed359..411e749971 100644 +--- a/test/recipes/70-test_tls13hrr.t ++++ b/test/recipes/70-test_tls13hrr.t +@@ -37,7 +37,8 @@ my $proxy = TLSProxy::Proxy->new( + + use constant { + CHANGE_HRR_CIPHERSUITE => 0, +- CHANGE_CH1_CIPHERSUITE => 1 ++ CHANGE_CH1_CIPHERSUITE => 1, ++ DUPLICATE_HRR => 2 + }; + + #Test 1: A client should fail if the server changes the ciphersuite between the +@@ -46,7 +47,7 @@ $proxy->filter(\&hrr_filter); + $proxy->serverflags("-curves P-256"); + my $testtype = CHANGE_HRR_CIPHERSUITE; + $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +-plan tests => 2; ++plan tests => 3; + ok(TLSProxy::Message->fail(), "Server ciphersuite changes"); + + #Test 2: It is an error if the client changes the offered ciphersuites so that +@@ -58,6 +59,19 @@ $testtype = CHANGE_CH1_CIPHERSUITE; + $proxy->start(); + ok(TLSProxy::Message->fail(), "Client ciphersuite changes"); + ++#Test 3: A client should fail with unexpected_message alert if the server ++# sends more than 1 HRR ++my $fatal_alert = 0; ++$proxy->clear(); ++if (disabled("ec")) { ++ $proxy->serverflags("-curves ffdhe3072"); ++} else { ++ $proxy->serverflags("-curves P-256"); ++} ++$testtype = DUPLICATE_HRR; ++$proxy->start(); ++ok($fatal_alert, "Server duplicated HRR"); ++ + sub hrr_filter + { + my $proxy = shift; +@@ -78,6 +92,39 @@ sub hrr_filter + return; + } + ++ if ($testtype == DUPLICATE_HRR) { ++ # We're only interested in the HRR ++ # and the unexpected_message alert from client ++ if ($proxy->flight == 4) { ++ $fatal_alert = 1 ++ if @{$proxy->record_list}[-1]->is_fatal_alert(0) == 10; ++ return; ++ } ++ if ($proxy->flight != 3) { ++ return; ++ } ++ ++ # Find ServerHello record (HRR actually) and insert after that ++ my $i; ++ for ($i = 0; ${$proxy->record_list}[$i]->flight() < 1; $i++) { ++ next; ++ } ++ my $hrr_record = ${$proxy->record_list}[$i]; ++ my $dup_hrr = TLSProxy::Record->new(3, ++ $hrr_record->content_type(), ++ $hrr_record->version(), ++ $hrr_record->len(), ++ $hrr_record->sslv2(), ++ $hrr_record->len_real(), ++ $hrr_record->decrypt_len(), ++ $hrr_record->data(), ++ $hrr_record->decrypt_data()); ++ ++ $i++; ++ splice @{$proxy->record_list}, $i, 0, $dup_hrr; ++ return; ++ } ++ + # CHANGE_CH1_CIPHERSUITE + if ($proxy->flight != 0) { + return; +-- +2.17.1 + diff --git a/backport-crypto-x509-v3_utl.c-Add-missing-check-for-OPENSSL_s.patch b/backport-crypto-x509-v3_utl.c-Add-missing-check-for-OPENSSL_s.patch new file mode 100644 index 0000000..e463057 --- /dev/null +++ b/backport-crypto-x509-v3_utl.c-Add-missing-check-for-OPENSSL_s.patch @@ -0,0 +1,58 @@ +From 999cce6ea7393e1daa40e9994064b2955b24a831 Mon Sep 17 00:00:00 2001 +From: Jiasheng Jiang +Date: Mon, 21 Feb 2022 09:51:54 +0800 +Subject: [PATCH] crypto/x509/v3_utl.c: Add missing check for OPENSSL_strndup + +Since the potential failure of memory allocation, it +should be better to check the return value of the +OPENSSL_strndup(), like x509v3_add_len_value(). +And following the comment of 'if (astrlen < 0)', +return -1 if fails. + +Signed-off-by: Jiasheng Jiang + +Reviewed-by: Matt Caswell +Reviewed-by: Paul Dale +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/17737) + +(cherry picked from commit 366a16263959c0b6599f0b9ec18124d75560c6ef) +--- + crypto/x509v3/v3_utl.c | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c +index f41c699b5a..40d8f31554 100644 +--- a/crypto/x509v3/v3_utl.c ++++ b/crypto/x509v3/v3_utl.c +@@ -828,8 +828,11 @@ static int do_check_string(const ASN1_STRING *a, int cmp_type, equal_fn equal, + rv = equal(a->data, a->length, (unsigned char *)b, blen, flags); + else if (a->length == (int)blen && !memcmp(a->data, b, blen)) + rv = 1; +- if (rv > 0 && peername) ++ if (rv > 0 && peername != NULL) { + *peername = OPENSSL_strndup((char *)a->data, a->length); ++ if (*peername == NULL) ++ return -1; ++ } + } else { + int astrlen; + unsigned char *astr; +@@ -842,8 +845,13 @@ static int do_check_string(const ASN1_STRING *a, int cmp_type, equal_fn equal, + return -1; + } + rv = equal(astr, astrlen, (unsigned char *)b, blen, flags); +- if (rv > 0 && peername) ++ if (rv > 0 && peername != NULL) { + *peername = OPENSSL_strndup((char *)astr, astrlen); ++ if (*peername == NULL) { ++ OPENSSL_free(astr); ++ return -1; ++ } ++ } + OPENSSL_free(astr); + } + return rv; +-- +2.17.1 + diff --git a/backport-tls_process_server_hello-Disallow-repeated-HRR.patch b/backport-tls_process_server_hello-Disallow-repeated-HRR.patch new file mode 100644 index 0000000..3c9576c --- /dev/null +++ b/backport-tls_process_server_hello-Disallow-repeated-HRR.patch @@ -0,0 +1,36 @@ +From fb67978a9eb076b23ddf17f6b95f697ed526c584 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Tue, 22 Mar 2022 12:34:07 +0100 +Subject: [PATCH] tls_process_server_hello: Disallow repeated HRR + +Repeated HRR must be rejected. + +Fixes #17934 + +Reviewed-by: Todd Short +Reviewed-by: Matt Caswell +(Merged from https://github.com/openssl/openssl/pull/17936) + +(cherry picked from commit d204a50b898435fbf937316d5693008cebf62eef) +--- + ssl/statem/statem_clnt.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c +index d1a3969812..e3aba393f9 100644 +--- a/ssl/statem/statem_clnt.c ++++ b/ssl/statem/statem_clnt.c +@@ -1422,6 +1422,10 @@ MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt) + && sversion == TLS1_2_VERSION + && PACKET_remaining(pkt) >= SSL3_RANDOM_SIZE + && memcmp(hrrrandom, PACKET_data(pkt), SSL3_RANDOM_SIZE) == 0) { ++ if (s->hello_retry_request != SSL_HRR_NONE) { ++ SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_UNEXPECTED_MESSAGE); ++ goto err; ++ } + s->hello_retry_request = SSL_HRR_PENDING; + hrr = 1; + if (!PACKET_forward(pkt, SSL3_RANDOM_SIZE)) { +-- +2.17.1 + diff --git a/openssl.spec b/openssl.spec index 1ad44df..058f272 100644 --- a/openssl.spec +++ b/openssl.spec @@ -2,7 +2,7 @@ Name: openssl Epoch: 1 Version: 1.1.1m -Release: 13 +Release: 14 Summary: Cryptography and SSL/TLS Toolkit License: OpenSSL and SSLeay URL: https://www.openssl.org/ @@ -22,6 +22,13 @@ Patch11: Fix-reported-performance-degradation-on-aarch64.patch Patch12: backport-Update-further-expiring-certificates-that-affect-tes.patch Patch13: fix-add-loongarch64-target.patch Patch14: openssl-1.1.1m-sw.patch +Patch15: backport-Fix-failure-to-check-result-of-bn_rshift_fixed_top.patch +Patch16: backport-Test-processing-of-a-duplicated-HRR.patch +Patch17: backport-tls_process_server_hello-Disallow-repeated-HRR.patch +Patch18: backport-Avoid-potential-memory-leak.patch +Patch19: backport-crypto-x509-v3_utl.c-Add-missing-check-for-OPENSSL_s.patch +Patch20: backport-Fix-password_callback-to-handle-short-passwords.patch +Patch21: backport-Fix-usage-of-SSLfatal.patch BuildRequires: gcc perl make lksctp-tools-devel coreutils util-linux zlib-devel Requires: coreutils %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} @@ -230,6 +237,9 @@ make test || : %ldconfig_scriptlets libs %changelog +* Tue Dec 20 2022 steven_ygui - 1:1.1.1m-14 +- Backport some patches + * Sun Nov 20 2022 wuzx - 1:1.1.1m-13 - Add sw64 architecture -- Gitee