Source-Changes-HG archive


[src/OPENSSL]: src/crypto/external/bsd/openssl/dist Import OpenSSL-1.1.1n sec...



details:   https://anonhg.NetBSD.org/src/rev/760cfcc582db
branches:  OPENSSL
changeset: 363922:760cfcc582db
user:      christos <christos%NetBSD.org@localhost>
date:      Tue Mar 15 20:47:08 2022 +0000

description:
Import OpenSSL-1.1.1n security fix

 Changes between 1.1.1m and 1.1.1n [15 Mar 2022]

  *) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
     for non-prime moduli.

     Internally this function is used when parsing certificates that contain
     elliptic curve public keys in compressed form or explicit elliptic curve
     parameters with a base point encoded in compressed form.

     It is possible to trigger the infinite loop by crafting a certificate that
     has invalid explicit curve parameters.

     Since certificate parsing happens prior to verification of the certificate
     signature, any process that parses an externally supplied certificate may
     thus be subject to a denial of service attack. The infinite loop can also
     be reached when parsing crafted private keys as they can contain explicit
     elliptic curve parameters.

     Thus vulnerable situations include:

      - TLS clients consuming server certificates
      - TLS servers consuming client certificates
      - Hosting providers taking certificates or private keys from customers
      - Certificate authorities parsing certification requests from subscribers
      - Anything else which parses ASN.1 elliptic curve parameters

     Also any other applications that use the BN_mod_sqrt() where the attacker
     can control the parameter values are vulnerable to this DoS issue.
     (CVE-2022-0778)
     [Tomáš Mráz]

  *) Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489)
     to the list of ciphersuites providing Perfect Forward Secrecy as
     required by SECLEVEL >= 3.

     [Dmitry Belyavskiy, Nicola Tuveri]
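
The BN_mod_sqrt() entry above concerns a modular square root that does not terminate when the modulus is not prime. As an added example (not OpenSSL's or NetBSD's code), this is a Tonelli-Shanks square root over 32-bit integers in which every loop is bounded, so a composite modulus produces an error return instead of a hang; the names `mod_sqrt_bounded` and `MAX_TRIES` and the value 64 are assumptions made for the illustration.

```c
#include <stdint.h>

#define MAX_TRIES 64  /* assumed cap on the non-residue search (illustrative) */

/* a, b < m < 2^32, so the product fits in 64 bits */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m) { return a * b % m; }

static uint64_t powmod(uint64_t b, uint64_t e, uint64_t m)
{
    uint64_t r = 1 % m;
    for (b %= m; e > 0; e >>= 1, b = mulmod(b, b, m))
        if (e & 1)
            r = mulmod(r, b, m);
    return r;
}

/* Tonelli-Shanks. Returns 1 and sets *root when a root is found, 0 otherwise.
 * Every loop is bounded, so termination does not depend on p being prime. */
int mod_sqrt_bounded(uint32_t a_in, uint32_t p, uint32_t *root)
{
    uint64_t a, q, y = 0, x, b, t, c;
    unsigned e = 0, i, j;

    if (p < 3 || (p & 1) == 0)
        return 0;
    a = a_in % p;
    if (a == 0) { *root = 0; return 1; }
    for (q = p - 1; (q & 1) == 0; q >>= 1)   /* p - 1 = q * 2^e, q odd */
        e++;
    /* Bounded search for c with c^((p-1)/2) == -1 (a non-residue if p is prime). */
    for (c = 2; c < p && c < 2 + MAX_TRIES; c++)
        if (powmod(c, (p - 1) / 2, p) == p - 1) { y = powmod(c, q, p); break; }
    if (y == 0)
        return 0;                /* no candidate found: give up, do not spin */
    x = powmod(a, (q + 1) / 2, p);
    b = powmod(a, q, p);
    while (b != 1) {
        /* Least i in [1, e) with b^(2^i) == 1. For prime p and square a such
         * an i exists; for other inputs the bound i < e is what stops the loop. */
        for (t = b, i = 1; i < e; i++) {
            t = mulmod(t, t, p);
            if (t == 1)
                break;
        }
        if (i >= e)
            return 0;            /* not a square, or p is not prime */
        for (t = y, j = e - i - 1; j > 0; j--)
            t = mulmod(t, t, p);
        y = mulmod(t, t, p);
        x = mulmod(x, t, p);
        b = mulmod(b, y, p);
        e = i;                   /* e strictly decreases: at most e rounds */
    }
    if (mulmod(x, x, p) != a)    /* never return an unverified root */
        return 0;
    *root = (uint32_t)x;
    return 1;
}
```

For a composite modulus such as 15 the function reports failure even for inputs that do have a square root; the point is that it returns at all.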

diffstat:

 crypto/external/bsd/openssl/dist/CHANGES                                  |   37 +++
 crypto/external/bsd/openssl/dist/Configurations/10-main.conf              |    9 +-
 crypto/external/bsd/openssl/dist/Configurations/descrip.mms.tmpl          |    3 +-
 crypto/external/bsd/openssl/dist/Configure                                |   22 +-
 crypto/external/bsd/openssl/dist/NEWS                                     |    5 +
 crypto/external/bsd/openssl/dist/README                                   |    2 +-
 crypto/external/bsd/openssl/dist/apps/apps.c                              |   10 +-
 crypto/external/bsd/openssl/dist/apps/openssl.c                           |    6 +-
 crypto/external/bsd/openssl/dist/apps/passwd.c                            |   10 +-
 crypto/external/bsd/openssl/dist/apps/s_client.c                          |   11 +
 crypto/external/bsd/openssl/dist/apps/s_socket.c                          |    4 +-
 crypto/external/bsd/openssl/dist/apps/vms_decc_argv.c                     |   66 +++++
 crypto/external/bsd/openssl/dist/apps/vms_decc_init.c                     |   40 +---
 crypto/external/bsd/openssl/dist/config                                   |    1 +
 crypto/external/bsd/openssl/dist/crypto/asn1/charmap.h                    |    2 +-
 crypto/external/bsd/openssl/dist/crypto/bio/b_addr.c                      |    4 +-
 crypto/external/bsd/openssl/dist/crypto/bn/bn_exp2.c                      |    4 +-
 crypto/external/bsd/openssl/dist/crypto/bn/bn_prime.h                     |    2 +-
 crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c                     |    2 +-
 crypto/external/bsd/openssl/dist/crypto/bn/bn_sqrt.c                      |   32 +-
 crypto/external/bsd/openssl/dist/crypto/conf/conf_def.h                   |    2 +-
 crypto/external/bsd/openssl/dist/crypto/engine/eng_all.c                  |    5 +-
 crypto/external/bsd/openssl/dist/crypto/engine/eng_dyn.c                  |   13 +-
 crypto/external/bsd/openssl/dist/crypto/evp/digest.c                      |   34 +-
 crypto/external/bsd/openssl/dist/crypto/lhash/lhash.c                     |    8 +-
 crypto/external/bsd/openssl/dist/crypto/objects/obj_dat.c                 |    7 +-
 crypto/external/bsd/openssl/dist/crypto/objects/obj_dat.h                 |    2 +-
 crypto/external/bsd/openssl/dist/crypto/objects/obj_xref.h                |    2 +-
 crypto/external/bsd/openssl/dist/crypto/ui/ui_openssl.c                   |    8 +-
 crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c                   |   13 +-
 crypto/external/bsd/openssl/dist/crypto/x509v3/v3_utl.c                   |   19 +-
 crypto/external/bsd/openssl/dist/doc/man1/cms.pod                         |    5 +-
 crypto/external/bsd/openssl/dist/doc/man3/BIO_ctrl.pod                    |    4 +-
 crypto/external/bsd/openssl/dist/doc/man3/BIO_f_base64.pod                |   21 +-
 crypto/external/bsd/openssl/dist/doc/man3/BN_add.pod                      |   17 +-
 crypto/external/bsd/openssl/dist/doc/man3/DEFINE_STACK_OF.pod             |    3 +-
 crypto/external/bsd/openssl/dist/doc/man3/OBJ_nid2obj.pod                 |   34 +-
 crypto/external/bsd/openssl/dist/doc/man3/SSL_CONF_cmd.pod                |    4 +-
 crypto/external/bsd/openssl/dist/doc/man3/X509_STORE_CTX_new.pod          |   71 +++++-
 crypto/external/bsd/openssl/dist/include/internal/sockets.h               |    4 +-
 crypto/external/bsd/openssl/dist/include/openssl/engine.h                 |    3 +-
 crypto/external/bsd/openssl/dist/include/openssl/obj_mac.h                |    2 +-
 crypto/external/bsd/openssl/dist/include/openssl/opensslv.h               |    4 +-
 crypto/external/bsd/openssl/dist/ssl/s3_lib.c                             |   14 +-
 crypto/external/bsd/openssl/dist/ssl/ssl_cert.c                           |    7 +-
 crypto/external/bsd/openssl/dist/test/asn1_internal_test.c                |   29 ++-
 crypto/external/bsd/openssl/dist/test/bntest.c                            |   58 ++++-
 crypto/external/bsd/openssl/dist/test/build.info                          |    2 +-
 crypto/external/bsd/openssl/dist/test/evp_extra_test.c                    |   80 ++++++-
 crypto/external/bsd/openssl/dist/test/recipes/10-test_bn_data/bnmod.txt   |   14 +-
 crypto/external/bsd/openssl/dist/test/recipes/15-test_genrsa.t            |    9 +-
 crypto/external/bsd/openssl/dist/test/recipes/20-test_dgst.t              |    8 +-
 crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data/evpkdf.txt |    8 +-
 crypto/external/bsd/openssl/dist/test/recipes/70-test_verify_extra.t      |    9 +-
 crypto/external/bsd/openssl/dist/test/recipes/80-test_ssl_old.t           |   41 +++-
 crypto/external/bsd/openssl/dist/test/ssltest_old.c                       |   72 +++++-
 crypto/external/bsd/openssl/dist/test/verify_extra_test.c                 |  116 +++++++++-
 57 files changed, 808 insertions(+), 216 deletions(-)

diffs (truncated from 2195 to 300 lines):

diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/CHANGES
--- a/crypto/external/bsd/openssl/dist/CHANGES  Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/CHANGES  Tue Mar 15 20:47:08 2022 +0000
@@ -7,6 +7,43 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1m and 1.1.1n [15 Mar 2022]
+
+  *) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
+     for non-prime moduli.
+
+     Internally this function is used when parsing certificates that contain
+     elliptic curve public keys in compressed form or explicit elliptic curve
+     parameters with a base point encoded in compressed form.
+
+     It is possible to trigger the infinite loop by crafting a certificate that
+     has invalid explicit curve parameters.
+
+     Since certificate parsing happens prior to verification of the certificate
+     signature, any process that parses an externally supplied certificate may
+     thus be subject to a denial of service attack. The infinite loop can also
+     be reached when parsing crafted private keys as they can contain explicit
+     elliptic curve parameters.
+
+     Thus vulnerable situations include:
+
+      - TLS clients consuming server certificates
+      - TLS servers consuming client certificates
+      - Hosting providers taking certificates or private keys from customers
+      - Certificate authorities parsing certification requests from subscribers
+      - Anything else which parses ASN.1 elliptic curve parameters
+
+     Also any other applications that use the BN_mod_sqrt() where the attacker
+     can control the parameter values are vulnerable to this DoS issue.
+     (CVE-2022-0778)
+     [Tomáš Mráz]
+
+  *) Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489)
+     to the list of ciphersuites providing Perfect Forward Secrecy as
+     required by SECLEVEL >= 3.
+
+     [Dmitry Belyavskiy, Nicola Tuveri]
+
  Changes between 1.1.1l and 1.1.1m [14 Dec 2021]
 
   *) Avoid loading of a dynamic engine twice.
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/Configurations/10-main.conf
--- a/crypto/external/bsd/openssl/dist/Configurations/10-main.conf      Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/Configurations/10-main.conf      Tue Mar 15 20:47:08 2022 +0000
@@ -988,6 +988,13 @@
         perlasm_scheme   => "elf",
     },
 
+    # riscv64 below refers to contemporary RISCV Architecture
+    # specifications,
+    "BSD-riscv64" => {
+        inherit_from     => [ "BSD-generic64"],
+        perlasm_scheme   => "linux64",
+    },
+
     "bsdi-elf-gcc" => {
         inherit_from     => [ "BASE_unix", asm("x86_elf_asm") ],
         CC               => "gcc",
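Review bot: the comment above the new "BSD-riscv64" entry ends in a comma ("# specifications,"), so it reads as a sentence that was cut short; finish it or drop the trailing comma. The entry also sets perlasm_scheme => "linux64" on a target that inherits from "BSD-generic64"; that comment is the place to say why a linux64 scheme is the right choice for a BSD target.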
@@ -1765,7 +1772,7 @@
 
         disable          => add('pinshared'),
 
-        apps_aux_src     => "vms_term_sock.c",
+        apps_aux_src     => "vms_term_sock.c vms_decc_argv.c",
         apps_init_src    => "vms_decc_init.c",
     },
 
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/Configurations/descrip.mms.tmpl
--- a/crypto/external/bsd/openssl/dist/Configurations/descrip.mms.tmpl  Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/Configurations/descrip.mms.tmpl  Tue Mar 15 20:47:08 2022 +0000
@@ -438,7 +438,8 @@
         DEFINE SRCTOP {- sourcedir() -}
         DEFINE BLDTOP {- builddir() -}
         DEFINE RESULT_D {- builddir(qw(test test-runs)) -}
-        DEFINE OPENSSL_ENGINES {- builddir("engines") -}
+        engines = F$PARSE("{- builddir("engines") -}","A.;",,,"syntax_only") - "A.;"
+        DEFINE OPENSSL_ENGINES 'engines'
         DEFINE OPENSSL_DEBUG_MEMORY "on"
         IF "$(VERBOSE)" .NES. "" THEN DEFINE VERBOSE "$(VERBOSE)"
         $(PERL) {- sourcefile("test", "run_tests.pl") -} $(TESTS)
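Review bot: the added line that builds `engines` with F$PARSE(..., "A.;", , , "syntax_only") - "A.;" has no comment, and the idiom is not self-explanatory to anyone who does not write DCL daily. Add a one-line comment stating what form of directory specification OPENSSL_ENGINES is expected to hold and why the plain builddir("engines") value used before was not sufficient.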
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/Configure
--- a/crypto/external/bsd/openssl/dist/Configure        Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/Configure        Tue Mar 15 20:47:08 2022 +0000
@@ -3161,25 +3161,25 @@
         }
     }
 
-    foreach (sort keys %all_keys) {
-        my $previous = $combined_inheritance{$_};
+    foreach my $key (sort keys %all_keys) {
+        my $previous = $combined_inheritance{$key};
 
         # Current target doesn't have a value for the current key?
         # Assign it the default combiner, the rest of this loop body
         # will handle it just like any other coderef.
-        if (!exists $table{$target}->{$_}) {
-            $table{$target}->{$_} = $default_combiner;
+        if (!exists $table{$target}->{$key}) {
+            $table{$target}->{$key} = $default_combiner;
         }
 
-        $table{$target}->{$_} = process_values($table{$target}->{$_},
-                                               $combined_inheritance{$_},
-                                               $target, $_);
-        unless(defined($table{$target}->{$_})) {
-            delete $table{$target}->{$_};
+        $table{$target}->{$key} = process_values($table{$target}->{$key},
+                                               $combined_inheritance{$key},
+                                               $target, $key);
+        unless(defined($table{$target}->{$key})) {
+            delete $table{$target}->{$key};
         }
 #        if ($extra_checks &&
-#            $previous && !($add_called ||  $previous ~~ $table{$target}->{$_})) {
-#            warn "$_ got replaced in $target\n";
+#            $previous && !($add_called ||  $previous ~~ $table{$target}->{$key})) {
+#            warn "$key got replaced in $target\n";
 #        }
     }
 
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/NEWS
--- a/crypto/external/bsd/openssl/dist/NEWS     Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/NEWS     Tue Mar 15 20:47:08 2022 +0000
@@ -5,6 +5,11 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.1.1m and OpenSSL 1.1.1n [15 Mar 2022]
+
+      o Fixed a bug in the BN_mod_sqrt() function that can cause it to loop
+        forever for non-prime moduli ([CVE-2022-0778])
+
   Major changes between OpenSSL 1.1.1l and OpenSSL 1.1.1m [14 Dec 2021]
 
       o None
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/README
--- a/crypto/external/bsd/openssl/dist/README   Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/README   Tue Mar 15 20:47:08 2022 +0000
@@ -1,5 +1,5 @@
 
- OpenSSL 1.1.1m 14 Dec 2021
+ OpenSSL 1.1.1n 15 Mar 2022
 
  Copyright (c) 1998-2021 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
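Review bot: the release line moves to "15 Mar 2022", but the context line below it still reads "Copyright (c) 1998-2021 The OpenSSL Project", while the source files touched in this import (apps.c, openssl.c, passwd.c) bump their copyright range to 2022. Update the README range as well, or confirm that leaving it at 2021 is intentional.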
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/apps/apps.c
--- a/crypto/external/bsd/openssl/dist/apps/apps.c      Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/apps.c      Tue Mar 15 20:47:08 2022 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -300,9 +300,13 @@
         int ui_flags = 0;
         const char *prompt_info = NULL;
         char *prompt;
+        int pw_min_len = PW_MIN_LENGTH;
 
         if (cb_data != NULL && cb_data->prompt_info != NULL)
             prompt_info = cb_data->prompt_info;
+        if (cb_data != NULL && cb_data->password != NULL
+                && *(const char*)cb_data->password != '\0')
+            pw_min_len = 1;
         prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
         if (!prompt) {
             BIO_printf(bio_err, "Out of memory\n");
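Review bot: the new branch that sets pw_min_len = 1 when cb_data->password is a non-empty string has no comment explaining why the PW_MIN_LENGTH floor is dropped in that case; add one, since it relaxes a minimum-length check on the pass phrase prompt. The condition also dereferences cb_data->password through a (const char*) cast, so it relies on that field always pointing at a NUL-terminated string; say so in the comment or where the field is declared.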
@@ -317,12 +321,12 @@
         (void)UI_add_user_data(ui, cb_data);
 
         ok = UI_add_input_string(ui, prompt, ui_flags, buf,
-                                 PW_MIN_LENGTH, bufsiz - 1);
+                                 pw_min_len, bufsiz - 1);
 
         if (ok >= 0 && verify) {
             buff = app_malloc(bufsiz, "password buffer");
             ok = UI_add_verify_string(ui, prompt, ui_flags, buff,
-                                      PW_MIN_LENGTH, bufsiz - 1, buf);
+                                      pw_min_len, bufsiz - 1, buf);
         }
         if (ok >= 0)
             do {
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/apps/openssl.c
--- a/crypto/external/bsd/openssl/dist/apps/openssl.c   Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/openssl.c   Tue Mar 15 20:47:08 2022 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -120,7 +120,6 @@
 {
     FUNCTION f, *fp;
     LHASH_OF(FUNCTION) *prog = NULL;
-    char **copied_argv = NULL;
     char *p, *pname;
     char buf[1024];
     const char *prompt;
@@ -137,7 +136,7 @@
     bio_err = dup_bio_err(FORMAT_TEXT);
 
 #if defined(OPENSSL_SYS_VMS) && defined(__DECC)
-    copied_argv = argv = copy_argv(&argc, argv);
+    argv = copy_argv(&argc, argv);
 #elif defined(_WIN32)
     /*
      * Replace argv[] with UTF-8 encoded strings.
@@ -258,7 +257,6 @@
     }
     ret = 1;
  end:
-    OPENSSL_free(copied_argv);
     OPENSSL_free(default_config_file);
     lh_FUNCTION_free(prog);
     OPENSSL_free(arg.argv);
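Review bot: with OPENSSL_free(copied_argv) removed from the end: path and the copied_argv variable gone, nothing in this file releases the array returned by copy_argv() any more. The hunks shown here do not say who owns that memory now; add a comment at the "argv = copy_argv(&argc, argv);" call stating the ownership, or keep the free if the array is still allocated per call.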
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/apps/passwd.c
--- a/crypto/external/bsd/openssl/dist/apps/passwd.c    Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/passwd.c    Tue Mar 15 20:47:08 2022 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -407,7 +407,7 @@
         n >>= 1;
     }
     if (!EVP_DigestFinal_ex(md, buf, NULL))
-        return NULL;
+        goto err;
 
     for (i = 0; i < 1000; i++) {
         if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL))
@@ -633,7 +633,7 @@
         n >>= 1;
     }
     if (!EVP_DigestFinal_ex(md, buf, NULL))
-        return NULL;
+        goto err;
 
     /* P sequence */
     if (!EVP_DigestInit_ex(md2, sha, NULL))
@@ -644,7 +644,7 @@
             goto err;
 
     if (!EVP_DigestFinal_ex(md2, temp_buf, NULL))
-        return NULL;
+        goto err;
 
     if ((p_bytes = OPENSSL_zalloc(passwd_len)) == NULL)
         goto err;
@@ -661,7 +661,7 @@
             goto err;
 
     if (!EVP_DigestFinal_ex(md2, temp_buf, NULL))
-        return NULL;
+        goto err;
 
     if ((s_bytes = OPENSSL_zalloc(salt_len)) == NULL)
         goto err;
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/apps/s_client.c
--- a/crypto/external/bsd/openssl/dist/apps/s_client.c  Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/s_client.c  Tue Mar 15 20:47:08 2022 +0000
@@ -938,6 +938,7 @@
     struct timeval tv;
 #endif
     const char *servername = NULL;
+    char *sname_alloc = NULL;
     int noservername = 0;
     const char *alpn_in = NULL;
     tlsextctx tlsextcbp = { NULL, 0 };
@@ -1588,6 +1589,15 @@
                        "%s: -proxy argument malformed or ambiguous\n", prog);
             goto end;
         }
+        if (servername == NULL && !noservername) {
+            res = BIO_parse_hostserv(connectstr, &sname_alloc, NULL, BIO_PARSE_PRIO_HOST);
+            if (!res) {
+                BIO_printf(bio_err,
+                        "%s: -connect argument malformed or ambiguous\n", prog);
+                goto end;
+            }
+            servername = sname_alloc;
+        }
     } else {
         int res = 1;
         char *tmp_host = host, *tmp_port = port;
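Review bot: sname_alloc is filled by BIO_parse_hostserv() in the added block and then aliased into servername, so the end: path has to free sname_alloc and must never free servername itself; the part of the patch that would show that release is cut off on this page, so check it before relying on this hunk. The added "res = BIO_parse_hostserv(connectstr, &sname_alloc, NULL, BIO_PARSE_PRIO_HOST);" line also runs well past 80 columns and should be wrapped like the BIO_printf() call that follows it.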
@@ -3149,6 +3159,7 @@
 #ifndef OPENSSL_NO_SRP

