From 0cedaa6c89235ed396068f2ebf546c9a909439e1 Mon Sep 17 00:00:00 2001 From: "Simon L. B. Nielsen" Date: Thu, 1 Apr 2010 12:25:40 +0000 Subject: [PATCH] Import OpenSSL 0.9.8n. --- CHANGES | 15 +++++++++++++++ FAQ | 2 +- Makefile | 2 +- NEWS | 5 +++++ README | 2 +- apps/req.c | 6 ++++++ apps/speed.c | 14 ++++++++++---- config | 4 ++++ crypto/asn1/a_object.c | 6 +++--- crypto/bio/bss_file.c | 4 ++-- crypto/bn/asm/ppc.pl | 2 ++ crypto/bn/asm/x86_64-gcc.c | 1 + crypto/bn/bn_div.c | 10 ++++++++-- crypto/engine/eng_all.c | 2 +- crypto/engine/eng_cryptodev.c | 23 ++++++++++++++++++++--- crypto/evp/digest.c | 1 + crypto/evp/evp_locl.h | 6 +++--- crypto/evp/names.c | 2 +- crypto/md32_common.h | 8 ++++---- crypto/ocsp/ocsp_prn.c | 1 + crypto/opensslv.h | 6 +++--- crypto/rand/rand_win.c | 2 +- engines/e_capi.c | 4 ++++ engines/e_chil.c | 11 +++++++++-- fips/Makefile | 2 +- openssl.spec | 2 +- ssl/kssl.c | 3 +++ ssl/s3_pkt.c | 6 +++--- 28 files changed, 115 insertions(+), 37 deletions(-) diff --git a/CHANGES b/CHANGES index 97b3810f40a8..b350da79f66b 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,21 @@ OpenSSL CHANGES _______________ + Changes between 0.9.8m and 0.9.8n [24 Mar 2010] + + *) When rejecting SSL/TLS records due to an incorrect version number, never + update s->server with a new major version number. As of + - OpenSSL 0.9.8m if 'short' is a 16-bit type, + - OpenSSL 0.9.8f if 'short' is longer than 16 bits, + the previous behavior could result in a read attempt at NULL when + receiving specific incorrect SSL/TLS records once record payload + protection is active. (CVE-2010-0740) + [Bodo Moeller, Adam Langley ] + + *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL + could be crashed if the relevant tables were not present (e.g. chrooted). + [Tomas Hoger ] + Changes between 0.9.8l and 0.9.8m [25 Feb 2010] *) Always check bn_wexpend() return values for failure. (CVE-2009-3245) diff --git a/FAQ b/FAQ index 8041479c7ead..f7aaede4ca08 100644 --- a/FAQ +++ b/FAQ @@ -78,7 +78,7 @@ OpenSSL - Frequently Asked Questions * Which is the current version of OpenSSL? The current version is available from . -OpenSSL 0.9.8m was released on Feb 25th, 2010. +OpenSSL 0.9.8n was released on Mar 24th, 2010. In addition to the current stable release, you can also access daily snapshots of the OpenSSL development version at value,def,value,nid,n_min,n_max, chtype)) diff --git a/apps/speed.c b/apps/speed.c index 07f0ae04a614..393a7baade38 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -254,12 +254,18 @@ # endif #endif -#if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_NETWARE) -# define NO_FORK 1 -#elif HAVE_FORK +#ifndef HAVE_FORK +# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_NETWARE) +# define HAVE_FORK 0 +# else +# define HAVE_FORK 1 +# endif +#endif + +#if HAVE_FORK # undef NO_FORK #else -# define NO_FORK 1 +# define NO_FORK #endif #undef BUFSIZE diff --git a/config b/config index 4d789df5ecb9..b9d1c7aa2688 100755 --- a/config +++ b/config @@ -741,6 +741,10 @@ case "$GUESSOS" in OBJECT_MODE=${OBJECT_MODE:-32} if [ "$CC" = "gcc" ]; then OUT="aix-gcc" + if [ $OBJECT_MODE -eq 64 ]; then + echo 'Your $OBJECT_MODE was found to be set to 64' + OUT="aix64-gcc" + fi elif [ $OBJECT_MODE -eq 64 ]; then echo 'Your $OBJECT_MODE was found to be set to 64' OUT="aix64-cc" diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c index d169f8c14736..365e4673a95c 100644 --- a/crypto/asn1/a_object.c +++ b/crypto/asn1/a_object.c @@ -291,12 +291,12 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, ASN1_OBJECT *ret=NULL; const unsigned char *p; int i; - /* Sanity check OID encoding: can't have 0x80 in subidentifiers, see: - * X.690 8.19.2 + /* Sanity check OID encoding: can't have leading 0x80 in + * subidentifiers, see: X.690 8.19.2 */ for (i = 0, p = *pp + 1; i < len - 1; i++, p++) { - if (*p == 0x80) + if (*p == 0x80 && (!i || !(p[-1] & 0x80))) { ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING); return NULL; diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c index 62c10731d4a6..47fa266dfc48 100644 --- a/crypto/bio/bss_file.c +++ b/crypto/bio/bss_file.c @@ -272,9 +272,9 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) BIO_clear_flags(b,BIO_FLAGS_UPLINK); #endif #endif -#ifdef UP_fsetmode +#ifdef UP_fsetmod if (b->flags&BIO_FLAGS_UPLINK) - UP_fsetmode(b->ptr,num&BIO_FP_TEXT?'t':'b'); + UP_fsetmod(b->ptr,(char)((num&BIO_FP_TEXT)?'t':'b')); else #endif { diff --git a/crypto/bn/asm/ppc.pl b/crypto/bn/asm/ppc.pl index 08e005347388..806e53ad6e1d 100644 --- a/crypto/bn/asm/ppc.pl +++ b/crypto/bn/asm/ppc.pl @@ -2074,5 +2074,7 @@ EOF $data =~ s/^(\s*)cmplw(\s+)([^,]+),(.*)/$1cmpl$2$3,0,$4/gm; # assembler X doesn't accept li, load immediate value #$data =~ s/^(\s*)li(\s+)([^,]+),(.*)/$1addi$2$3,0,$4/gm; + # assembler Y chokes on apostrophes in comments + $data =~ s/'//gm; return($data); } diff --git a/crypto/bn/asm/x86_64-gcc.c b/crypto/bn/asm/x86_64-gcc.c index 2b2bc1ef60a1..b1b8a1109bf7 100644 --- a/crypto/bn/asm/x86_64-gcc.c +++ b/crypto/bn/asm/x86_64-gcc.c @@ -59,6 +59,7 @@ #undef mul #undef mul_add +#undef sqr /* * "m"(a), "+m"(r) is the way to favor DirectPath µ-code; diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c index 7c35545354ee..78c6507113bf 100644 --- a/crypto/bn/bn_div.c +++ b/crypto/bn/bn_div.c @@ -337,7 +337,10 @@ X) -> 0x%08X\n", t2 -= d1; } #else /* !BN_LLONG */ - BN_ULONG t2l,t2h,ql,qh; + BN_ULONG t2l,t2h; +#if !defined(BN_UMULT_LOHI) && !defined(BN_UMULT_HIGH) + BN_ULONG ql,qh; +#endif q=bn_div_words(n0,n1,d0); #ifdef BN_DEBUG_LEVITTE @@ -561,7 +564,10 @@ X) -> 0x%08X\n", t2 -= d1; } #else /* !BN_LLONG */ - BN_ULONG t2l,t2h,ql,qh; + BN_ULONG t2l,t2h; +#if !defined(BN_UMULT_LOHI) && !defined(BN_UMULT_HIGH) + BN_ULONG ql,qh; +#endif q=bn_div_words(n0,n1,d0); #ifdef BN_DEBUG_LEVITTE diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c index d29cd57dc2f1..f29c167c0698 100644 --- a/crypto/engine/eng_all.c +++ b/crypto/engine/eng_all.c @@ -104,7 +104,7 @@ void ENGINE_load_builtin_engines(void) #endif #endif #ifndef OPENSSL_NO_HW -#if defined(__OpenBSD__) || defined(__FreeBSD__) +#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) ENGINE_load_cryptodev(); #endif #if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c index 1a1e1c2655ac..eef1e2d81424 100644 --- a/crypto/engine/eng_cryptodev.c +++ b/crypto/engine/eng_cryptodev.c @@ -755,10 +755,18 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, goto err; kop.crk_iparams = 3; - if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) { + if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL)) { const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); + printf("OCF asym process failed, Running in software\n"); + ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont); + + } else if (ECANCELED == kop.crk_status) { + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); + printf("OCF hardware operation cancelled. Running in Software\n"); ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont); } + /* else cryptodev operation worked ok ==> ret = 1*/ + err: zapparams(&kop); return (ret); @@ -801,10 +809,18 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) goto err; kop.crk_iparams = 6; - if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) { + if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) { const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); + printf("OCF asym process failed, running in Software\n"); + ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); + + } else if (ECANCELED == kop.crk_status) { + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); + printf("OCF hardware operation cancelled. Running in Software\n"); ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); } + /* else cryptodev operation worked ok ==> ret = 1*/ + err: zapparams(&kop); return (ret); @@ -940,7 +956,8 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, kop.crk_iparams = 7; if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { - dsaret = kop.crk_status; +/*OCF success value is 0, if not zero, change dsaret to fail*/ + if(0 != kop.crk_status) dsaret = 0; } else { const DSA_METHOD *meth = DSA_OpenSSL(); diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 6a8f39bef791..10a36071f71b 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -235,6 +235,7 @@ static int do_evp_md_engine(EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) { /* Same comment from evp_enc.c */ EVPerr(EVP_F_DO_EVP_MD_ENGINE,EVP_R_INITIALIZATION_ERROR); + ENGINE_finish(impl); return 0; } /* We'll use the ENGINE's private digest definition */ diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h index 72105b0fe2b0..ef6c432538aa 100644 --- a/crypto/evp/evp_locl.h +++ b/crypto/evp/evp_locl.h @@ -127,9 +127,9 @@ BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \ #define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \ iv_len, cbits, flags, init_key, cleanup, \ set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, \ - (cbits + 7)/8, key_len, iv_len, \ - flags, init_key, cleanup, set_asn1, get_asn1, ctrl) +BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \ + key_len, iv_len, flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) #define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \ iv_len, cbits, flags, init_key, cleanup, \ diff --git a/crypto/evp/names.c b/crypto/evp/names.c index e2e04c3570f4..945879dc39a6 100644 --- a/crypto/evp/names.c +++ b/crypto/evp/names.c @@ -90,7 +90,7 @@ int EVP_add_digest(const EVP_MD *md) r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(const char *)md); if (r == 0) return(0); - if (md->type != md->pkey_type) + if (md->pkey_type && md->type != md->pkey_type) { r=OBJ_NAME_add(OBJ_nid2sn(md->pkey_type), OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name); diff --git a/crypto/md32_common.h b/crypto/md32_common.h index 61bcd9786f86..606aea6b9da2 100644 --- a/crypto/md32_common.h +++ b/crypto/md32_common.h @@ -241,11 +241,11 @@ #ifndef PEDANTIC # if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) # if defined(__s390x__) -# define HOST_c2l(c,l) ({ asm ("lrv %0,0(%1)" \ - :"=r"(l) : "r"(c)); \ +# define HOST_c2l(c,l) ({ asm ("lrv %0,%1" \ + :"=d"(l) :"m"(*(const unsigned int *)(c));\ (c)+=4; (l); }) -# define HOST_l2c(l,c) ({ asm ("strv %0,0(%1)" \ - : : "r"(l),"r"(c) : "memory"); \ +# define HOST_l2c(l,c) ({ asm ("strv %1,%0" \ + :"=m"(*(unsigned int *)(c)) :"d"(l));\ (c)+=4; (l); }) # endif # endif diff --git a/crypto/ocsp/ocsp_prn.c b/crypto/ocsp/ocsp_prn.c index 01f81e7a59a2..90dd1aa38ed4 100644 --- a/crypto/ocsp/ocsp_prn.c +++ b/crypto/ocsp/ocsp_prn.c @@ -275,6 +275,7 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags) } if (!X509V3_extensions_print(bp, "Response Extensions", rd->responseExtensions, flags, 4)) + goto err; if(X509_signature_print(bp, br->signatureAlgorithm, br->signature) <= 0) goto err; diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 3d794d9dad44..9f3981c3d3a5 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,11 +25,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x009080dfL +#define OPENSSL_VERSION_NUMBER 0x009080efL #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8m-fips 25 Feb 2010" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8n-fips 24 Mar 2010" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8m 25 Feb 2010" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8n 24 Mar 2010" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c index 5198351cf34e..5d134e186bb0 100644 --- a/crypto/rand/rand_win.c +++ b/crypto/rand/rand_win.c @@ -750,7 +750,7 @@ static void readscreen(void) int y; /* y-coordinate of screen lines to grab */ int n = 16; /* number of screen lines to grab at a time */ - if (GetVersion() >= 0x80000000 || !OPENSSL_isservice()) + if (GetVersion() < 0x80000000 && OPENSSL_isservice()>0) return; /* Create a screen DC and a memory DC compatible to screen DC */ diff --git a/engines/e_capi.c b/engines/e_capi.c index fd7f13ca2cfc..59b2ab7b5896 100644 --- a/engines/e_capi.c +++ b/engines/e_capi.c @@ -83,6 +83,10 @@ #define CERT_STORE_CREATE_NEW_FLAG 0x00002000 #endif +#ifndef CERT_SYSTEM_STORE_CURRENT_USER +#define CERT_SYSTEM_STORE_CURRENT_USER 0x00010000 +#endif + #include #include #include diff --git a/engines/e_chil.c b/engines/e_chil.c index e1847622ea74..3a07076b4fef 100644 --- a/engines/e_chil.c +++ b/engines/e_chil.c @@ -1204,6 +1204,11 @@ static int hwcrhk_get_pass(const char *prompt_info, pem_password_cb *callback = NULL; void *callback_data = NULL; UI_METHOD *ui_method = NULL; + /* Despite what the documentation says prompt_info can be + * an empty string. + */ + if (prompt_info && !*prompt_info) + prompt_info = NULL; if (cactx) { @@ -1305,8 +1310,10 @@ static int hwcrhk_insert_card(const char *prompt_info, { char answer; char buf[BUFSIZ]; - - if (wrong_info) + /* Despite what the documentation says wrong_info can be + * an empty string. + */ + if (wrong_info && *wrong_info) BIO_snprintf(buf, sizeof(buf)-1, "Current card: \"%s\"\n", wrong_info); ok = UI_dup_info_string(ui, buf); diff --git a/fips/Makefile b/fips/Makefile index 720a883a6949..546b54b2fd4d 100644 --- a/fips/Makefile +++ b/fips/Makefile @@ -123,7 +123,7 @@ fips_premain_dso$(EXE_EXT): fips_premain.c $(FIPSLIBDIR)fipscanister.o ../libcrypto.a $(EX_LIBS) # this is executed only when linking with external fipscanister.o fips_standalone_sha1$(EXE_EXT): sha/fips_standalone_sha1.c - if [ -z $(HOSTCC) ] ; then \ + if [ -z "$(HOSTCC)" ] ; then \ $(CC) $(CFLAGS) -DFIPSCANISTER_O -o $@ sha/fips_standalone_sha1.c $(FIPSLIBDIR)fipscanister.o $(EX_LIBS) ; \ else \ $(HOSTCC) $(HOSTCFLAGS) -o $ $@ -I../include -I../crypto sha/fips_standalone_sha1.c ../crypto/sha/sha1dgst.c ; \ diff --git a/openssl.spec b/openssl.spec index eb4bcede28fa..19a002f92c23 100644 --- a/openssl.spec +++ b/openssl.spec @@ -2,7 +2,7 @@ %define libmaj 0 %define libmin 9 %define librel 8 -%define librev m +%define librev n Release: 1 %define openssldir /var/ssl diff --git a/ssl/kssl.c b/ssl/kssl.c index 73401c92a3e9..5cba28b89b8b 100644 --- a/ssl/kssl.c +++ b/ssl/kssl.c @@ -1802,6 +1802,9 @@ kssl_ctx_show(KSSL_CTX *kssl_ctx) kssl_ctx->service_name ? kssl_ctx->service_name: KRB5SVC, KRB5_NT_SRV_HST, &princ); + if (krb5rc) + goto exit; + krb5rc = krb5_kt_get_entry(krb5context, krb5keytab, princ, 0 /* IGNORE_VNO */, diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index a2ba5748d5eb..5e3583c04d42 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -291,9 +291,9 @@ static int ssl3_get_record(SSL *s) if (version != s->version) { SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); - /* Send back error using their - * version number :-) */ - s->version=version; + if ((s->version & 0xFF00) == (version & 0xFF00)) + /* Send back error using their minor version number :-) */ + s->version = (unsigned short)version; al=SSL_AD_PROTOCOL_VERSION; goto f_err; }