Source-Changes-HG archive
[src/trunk]: src/crypto/external/bsd/openssl/dist merge conflicts between ope...
details: https://anonhg.NetBSD.org/src/rev/13d1d9744232
branches: trunk
changeset: 359483:13d1d9744232
user: christos <christos%NetBSD.org@localhost>
date: Fri Jan 07 15:50:10 2022 +0000
description:
merge conflicts between openssl-1-1-1k and openssl-1-1-1m
diffstat:
crypto/external/bsd/openssl/dist/CHANGES | 85 +
crypto/external/bsd/openssl/dist/Configure | 3 +
crypto/external/bsd/openssl/dist/NEWS | 9 +
crypto/external/bsd/openssl/dist/README | 2 +-
crypto/external/bsd/openssl/dist/apps/s_client.c | 4 +-
crypto/external/bsd/openssl/dist/apps/s_server.c | 13 +-
crypto/external/bsd/openssl/dist/apps/speed.c | 10 +-
crypto/external/bsd/openssl/dist/crypto/armcap.c | 30 +-
crypto/external/bsd/openssl/dist/crypto/asn1/a_strex.c | 4 +-
crypto/external/bsd/openssl/dist/crypto/bn/asm/mips.pl | 6 +-
crypto/external/bsd/openssl/dist/crypto/ec/ec_asn1.c | 9 +-
crypto/external/bsd/openssl/dist/crypto/engine/eng_lib.c | 4 +-
crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c | 204 +-
crypto/external/bsd/openssl/dist/crypto/evp/evp_enc.c | 12 +-
crypto/external/bsd/openssl/dist/crypto/objects/o_names.c | 16 +-
crypto/external/bsd/openssl/dist/crypto/ppccap.c | 6 +
crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c | 7 +-
crypto/external/bsd/openssl/dist/crypto/uid.c | 10 +-
crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c | 62 +-
crypto/external/bsd/openssl/dist/ssl/d1_lib.c | 3 +-
crypto/external/bsd/openssl/dist/ssl/s3_cbc.c | 4 +-
crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c | 3 +-
crypto/external/bsd/openssl/dist/ssl/ssl_err.c | 7 +-
crypto/external/bsd/openssl/dist/ssl/ssl_lib.c | 61 +-
crypto/external/bsd/openssl/dist/ssl/t1_lib.c | 11 +-
crypto/external/bsd/openssl/dist/test/bntest.c | 158 +-
crypto/external/bsd/openssl/dist/test/ectest.c | 54 +-
crypto/external/bsd/openssl/dist/test/evp_extra_test.c | 771 +++++++++-
crypto/external/bsd/openssl/dist/test/evp_test.c | 4 +-
crypto/external/bsd/openssl/dist/test/rsa_test.c | 9 +-
crypto/external/bsd/openssl/dist/test/testutil/format_output.c | 14 +-
crypto/external/bsd/openssl/dist/test/testutil/tests.c | 14 +-
32 files changed, 1384 insertions(+), 225 deletions(-)
diffs (truncated from 2644 to 300 lines):
diff -r c69867c22902 -r 13d1d9744232 crypto/external/bsd/openssl/dist/CHANGES
--- a/crypto/external/bsd/openssl/dist/CHANGES Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/CHANGES Fri Jan 07 15:50:10 2022 +0000
@@ -7,6 +7,91 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.
+ Changes between 1.1.1l and 1.1.1m [14 Dec 2021]
+
+ *) Avoid loading of a dynamic engine twice.
+
+ [Bernd Edlinger]
+
+ *) Fixed building on Debian with kfreebsd kernels
+
+ [Mattias Ellert]
+
+ *) Prioritise DANE TLSA issuer certs over peer certs
+
+ [Viktor Dukhovni]
+
+ *) Fixed random API for MacOS prior to 10.12
+
+ These MacOS versions don't support the CommonCrypto APIs
+
+ [Lenny Primak]
+
+ Changes between 1.1.1k and 1.1.1l [24 Aug 2021]
+
+ *) Fixed an SM2 Decryption Buffer Overflow.
+
+ In order to decrypt SM2 encrypted data an application is expected to call the
+ API function EVP_PKEY_decrypt(). Typically an application will call this
+ function twice. The first time, on entry, the "out" parameter can be NULL and,
+ on exit, the "outlen" parameter is populated with the buffer size required to
+ hold the decrypted plaintext. The application can then allocate a sufficiently
+ sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL
+ value for the "out" parameter.
+
+ A bug in the implementation of the SM2 decryption code means that the
+ calculation of the buffer size required to hold the plaintext returned by the
+ first call to EVP_PKEY_decrypt() can be smaller than the actual size required by
+ the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is
+ called by the application a second time with a buffer that is too small.
+
+ A malicious attacker who is able present SM2 content for decryption to an
+ application could cause attacker chosen data to overflow the buffer by up to a
+ maximum of 62 bytes altering the contents of other data held after the
+ buffer, possibly changing application behaviour or causing the application to
+ crash. The location of the buffer is application dependent but is typically
+ heap allocated.
+ (CVE-2021-3711)
+ [Matt Caswell]
+
+ *) Fixed various read buffer overruns processing ASN.1 strings
+
+ ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING
+ structure which contains a buffer holding the string data and a field holding
+ the buffer length. This contrasts with normal C strings which are repesented as
+ a buffer for the string data which is terminated with a NUL (0) byte.
+
+ Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's
+ own "d2i" functions (and other similar parsing functions) as well as any string
+ whose value has been set with the ASN1_STRING_set() function will additionally
+ NUL terminate the byte array in the ASN1_STRING structure.
+
+ However, it is possible for applications to directly construct valid ASN1_STRING
+ structures which do not NUL terminate the byte array by directly setting the
+ "data" and "length" fields in the ASN1_STRING array. This can also happen by
+ using the ASN1_STRING_set0() function.
+
+ Numerous OpenSSL functions that print ASN.1 data have been found to assume that
+ the ASN1_STRING byte array will be NUL terminated, even though this is not
+ guaranteed for strings that have been directly constructed. Where an application
+ requests an ASN.1 structure to be printed, and where that ASN.1 structure
+ contains ASN1_STRINGs that have been directly constructed by the application
+ without NUL terminating the "data" field, then a read buffer overrun can occur.
+
+ The same thing can also occur during name constraints processing of certificates
+ (for example if a certificate has been directly constructed by the application
+ instead of loading it via the OpenSSL parsing functions, and the certificate
+ contains non NUL terminated ASN1_STRING structures). It can also occur in the
+ X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions.
+
+ If a malicious actor can cause an application to directly construct an
+ ASN1_STRING and then process it through one of the affected OpenSSL functions
+ then this issue could be hit. This might result in a crash (causing a Denial of
+ Service attack). It could also result in the disclosure of private memory
+ contents (such as private keys, or sensitive plaintext).
+ (CVE-2021-3712)
+ [Matt Caswell]
+
Changes between 1.1.1j and 1.1.1k [25 Mar 2021]
*) Fixed a problem with verifying a certificate chain when using the
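Review bot: The 1.1.1l entries added to CHANGES here carry two security fixes (CVE-2021-3711 and CVE-2021-3712), but the commit description only says "merge conflicts between openssl-1-1-1k and openssl-1-1-1m". Naming both CVEs in the description would make this changeset findable when auditing which branches have the fixes. The imported text has the typos "repesented" and "is able present"; those come with the vendor file and are best reported upstream rather than fixed locally, so the file keeps matching the release.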
diff -r c69867c22902 -r 13d1d9744232 crypto/external/bsd/openssl/dist/Configure
--- a/crypto/external/bsd/openssl/dist/Configure Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/Configure Fri Jan 07 15:50:10 2022 +0000
@@ -1304,16 +1304,19 @@
unless ($disabled{asan}) {
push @{$config{cflags}}, "-fsanitize=address";
+ push @{$config{cxxflags}}, "-fsanitize=address" if $config{CXX};
}
unless ($disabled{ubsan}) {
# -DPEDANTIC or -fnosanitize=alignment may also be required on some
# platforms.
push @{$config{cflags}}, "-fsanitize=undefined", "-fno-sanitize-recover=all";
+ push @{$config{cxxflags}}, "-fsanitize=undefined", "-fno-sanitize-recover=all" if $config{CXX};
}
unless ($disabled{msan}) {
push @{$config{cflags}}, "-fsanitize=memory";
+ push @{$config{cxxflags}}, "-fsanitize=memory" if $config{CXX};
}
unless ($disabled{"fuzz-libfuzzer"} && $disabled{"fuzz-afl"}
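Review bot: In the asan/ubsan/msan blocks, each new cxxflags push repeats the literal flag strings of the cflags push directly above it, so the two lists can drift apart on a later edit. Building the flag list once per sanitizer and pushing it to both arrays (keeping the "if $config{CXX}" guard on the cxxflags push) would avoid that. The context comment in the ubsan block also spells the option "-fnosanitize=alignment"; the compiler option is -fno-sanitize=alignment.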
diff -r c69867c22902 -r 13d1d9744232 crypto/external/bsd/openssl/dist/NEWS
--- a/crypto/external/bsd/openssl/dist/NEWS Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/NEWS Fri Jan 07 15:50:10 2022 +0000
@@ -5,6 +5,15 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.1.1l and OpenSSL 1.1.1m [14 Dec 2021]
+
+ o None
+
+ Major changes between OpenSSL 1.1.1k and OpenSSL 1.1.1l [24 Aug 2021]
+
+ o Fixed an SM2 Decryption Buffer Overflow (CVE-2021-3711)
+ o Fixed various read buffer overruns processing ASN.1 strings (CVE-2021-3712)
+
Major changes between OpenSSL 1.1.1j and OpenSSL 1.1.1k [25 Mar 2021]
o Fixed a problem with verifying a certificate chain when using the
diff -r c69867c22902 -r 13d1d9744232 crypto/external/bsd/openssl/dist/README
--- a/crypto/external/bsd/openssl/dist/README Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/README Fri Jan 07 15:50:10 2022 +0000
@@ -1,5 +1,5 @@
- OpenSSL 1.1.1k 25 Mar 2021
+ OpenSSL 1.1.1m 14 Dec 2021
Copyright (c) 1998-2021 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff -r c69867c22902 -r 13d1d9744232 crypto/external/bsd/openssl/dist/apps/s_client.c
--- a/crypto/external/bsd/openssl/dist/apps/s_client.c Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/s_client.c Fri Jan 07 15:50:10 2022 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2005 Nokia. All rights reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
@@ -3161,6 +3161,8 @@
#endif
OPENSSL_free(connectstr);
OPENSSL_free(bindstr);
+ OPENSSL_free(bindhost);
+ OPENSSL_free(bindport);
OPENSSL_free(host);
OPENSSL_free(port);
X509_VERIFY_PARAM_free(vpm);
diff -r c69867c22902 -r 13d1d9744232 crypto/external/bsd/openssl/dist/apps/s_server.c
--- a/crypto/external/bsd/openssl/dist/apps/s_server.c Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/s_server.c Fri Jan 07 15:50:10 2022 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
@@ -133,6 +133,17 @@
if (s_debug)
BIO_printf(bio_s_out, "psk_server_cb\n");
+
+ if (!SSL_is_dtls(ssl) && SSL_version(ssl) >= TLS1_3_VERSION) {
+ /*
+ * This callback is designed for use in (D)TLSv1.2 (or below). It is
+ * possible to use a single callback for all protocol versions - but it
+ * is preferred to use a dedicated callback for TLSv1.3. For TLSv1.3 we
+ * have psk_find_session_cb.
+ */
+ return 0;
+ }
+
if (identity == NULL) {
BIO_printf(bio_err, "Error: client did not send PSK identity\n");
goto out_err;
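Review bot: The comment on the new TLSv1.3 early return in psk_server_cb explains why the callback declines, but not why the condition needs "!SSL_is_dtls(ssl)". DTLS version constants are numerically larger than TLS1_3_VERSION, so without that guard every DTLS connection would take the return 0. One sentence saying so in the comment would keep the condition from being simplified later. With s_debug set the only trace is "psk_server_cb" followed by a silent return, so a debug line noting that the callback declined for TLSv1.3 would also help when reading output.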
diff -r c69867c22902 -r 13d1d9744232 crypto/external/bsd/openssl/dist/apps/speed.c
--- a/crypto/external/bsd/openssl/dist/apps/speed.c Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/speed.c Fri Jan 07 15:50:10 2022 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the OpenSSL license (the "License"). You may not use
@@ -1590,6 +1590,10 @@
case OPT_MULTI:
#ifndef NO_FORK
multi = atoi(opt_arg());
+ if (multi >= INT_MAX / (int)sizeof(int)) {
+ BIO_printf(bio_err, "%s: multi argument too large\n", prog);
+ return 0;
+ }
#endif
break;
case OPT_ASYNCJOBS:
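Review bot: The new bound on multi in the OPT_MULTI case checks only the upper side. atoi() returns a negative value for input such as "-1" and 0 for non-numeric input, and neither is rejected by "multi >= INT_MAX / (int)sizeof(int)". Suggest adding "multi < 0" to the same test, or parsing with a conversion that reports errors, so that whatever size computation this INT_MAX / sizeof(int) limit is protecting never sees a negative count.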
@@ -3490,7 +3494,7 @@
close(fd[1]);
mr = 1;
usertime = 0;
- free(fds);
+ OPENSSL_free(fds);
return 0;
}
printf("Forked child %d\n", n);
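Review bot: Replacing free(fds) with OPENSSL_free(fds) on the child return path is only correct if fds was obtained from an OpenSSL allocator, and the allocation is not visible in this hunk. Worth confirming the pair matches, since mixing the libc and OpenSSL allocator families misbehaves when custom memory functions are installed. The same replacement appears on the "return 1" path in the next hunk, so both exits at least stay consistent with each other.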
@@ -3603,7 +3607,7 @@
fclose(f);
}
- free(fds);
+ OPENSSL_free(fds);
return 1;
}
#endif
diff -r c69867c22902 -r 13d1d9744232 crypto/external/bsd/openssl/dist/crypto/armcap.c
--- a/crypto/external/bsd/openssl/dist/crypto/armcap.c Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/crypto/armcap.c Fri Jan 07 15:50:10 2022 +0000
@@ -68,6 +68,12 @@
# include <sys/auxv.h>
# define OSSL_IMPLEMENT_GETAUXVAL
# endif
+# elif defined(__ANDROID_API__)
+/* see https://developer.android.google.cn/ndk/guides/cpu-features */
+# if __ANDROID_API__ >= 18
+# include <sys/auxv.h>
+# define OSSL_IMPLEMENT_GETAUXVAL
+# endif
# endif
# if defined(__FreeBSD__)
# include <sys/param.h>
@@ -88,23 +94,35 @@
# endif
/*
+ * Android: according to https://developer.android.com/ndk/guides/cpu-features,
+ * getauxval is supported starting with API level 18
+ */
+# if defined(__ANDROID__) && defined(__ANDROID_API__) && __ANDROID_API__ >= 18
+# include <sys/auxv.h>
+# define OSSL_IMPLEMENT_GETAUXVAL
+# endif
+
+/*
* ARM puts the feature bits for Crypto Extensions in AT_HWCAP2, whereas
* AArch64 used AT_HWCAP.
*/
+# ifndef AT_HWCAP
+# define AT_HWCAP 16
+# endif
+# ifndef AT_HWCAP2
+# define AT_HWCAP2 26
+# endif
# if defined(__arm__) || defined (__arm)
-# define HWCAP 16
- /* AT_HWCAP */
+# define HWCAP AT_HWCAP
# define HWCAP_NEON (1 << 12)
-# define HWCAP_CE 26
- /* AT_HWCAP2 */
+# define HWCAP_CE AT_HWCAP2
# define HWCAP_CE_AES (1 << 0)
# define HWCAP_CE_PMULL (1 << 1)
# define HWCAP_CE_SHA1 (1 << 2)
# define HWCAP_CE_SHA256 (1 << 3)
# elif defined(__aarch64__)
-# define HWCAP 16
- /* AT_HWCAP */
+# define HWCAP AT_HWCAP
# define HWCAP_NEON (1 << 1)
# define HWCAP_CE HWCAP
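Review bot: The Android block added at the top of this hunk (defined(__ANDROID__) && defined(__ANDROID_API__) && __ANDROID_API__ >= 18) duplicates the "elif defined(__ANDROID_API__)" block added in the previous hunk: both include <sys/auxv.h> and define OSSL_IMPLEMENT_GETAUXVAL, and they cite two different URLs for the same NDK page. The second definition is identical, so it compiles, but it reads as if two versions of the same change were both kept. Dropping one of the two blocks would leave a single place to maintain. If both are intentional, a comment saying which case each one covers is needed.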
diff -r c69867c22902 -r 13d1d9744232 crypto/external/bsd/openssl/dist/crypto/asn1/a_strex.c
--- a/crypto/external/bsd/openssl/dist/crypto/asn1/a_strex.c Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/crypto/asn1/a_strex.c Fri Jan 07 15:50:10 2022 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use