Source-Changes-HG archive
[src/OPENSSL]: src/crypto/external/bsd/openssl/dist Import OpenSSL-1.1.1n sec...
details: https://anonhg.NetBSD.org/src/rev/760cfcc582db
branches: OPENSSL
changeset: 363922:760cfcc582db
user: christos <christos%NetBSD.org@localhost>
date: Tue Mar 15 20:47:08 2022 +0000
description:
Import OpenSSL-1.1.1n security fix
Changes between 1.1.1m and 1.1.1n [15 Mar 2022]
*) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
for non-prime moduli.
Internally this function is used when parsing certificates that contain
elliptic curve public keys in compressed form or explicit elliptic curve
parameters with a base point encoded in compressed form.
It is possible to trigger the infinite loop by crafting a certificate that
has invalid explicit curve parameters.
Since certificate parsing happens prior to verification of the certificate
signature, any process that parses an externally supplied certificate may
thus be subject to a denial of service attack. The infinite loop can also
be reached when parsing crafted private keys as they can contain explicit
elliptic curve parameters.
Thus vulnerable situations include:
- TLS clients consuming server certificates
- TLS servers consuming client certificates
- Hosting providers taking certificates or private keys from customers
- Certificate authorities parsing certification requests from subscribers
- Anything else which parses ASN.1 elliptic curve parameters
Also any other applications that use the BN_mod_sqrt() where the attacker
can control the parameter values are vulnerable to this DoS issue.
(CVE-2022-0778)
[Tomáš Mráz]
*) Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489)
to the list of ciphersuites providing Perfect Forward Secrecy as
required by SECLEVEL >= 3.
[Dmitry Belyavskiy, Nicola Tuveri]
diffstat:
crypto/external/bsd/openssl/dist/CHANGES | 37 +++
crypto/external/bsd/openssl/dist/Configurations/10-main.conf | 9 +-
crypto/external/bsd/openssl/dist/Configurations/descrip.mms.tmpl | 3 +-
crypto/external/bsd/openssl/dist/Configure | 22 +-
crypto/external/bsd/openssl/dist/NEWS | 5 +
crypto/external/bsd/openssl/dist/README | 2 +-
crypto/external/bsd/openssl/dist/apps/apps.c | 10 +-
crypto/external/bsd/openssl/dist/apps/openssl.c | 6 +-
crypto/external/bsd/openssl/dist/apps/passwd.c | 10 +-
crypto/external/bsd/openssl/dist/apps/s_client.c | 11 +
crypto/external/bsd/openssl/dist/apps/s_socket.c | 4 +-
crypto/external/bsd/openssl/dist/apps/vms_decc_argv.c | 66 +++++
crypto/external/bsd/openssl/dist/apps/vms_decc_init.c | 40 +---
crypto/external/bsd/openssl/dist/config | 1 +
crypto/external/bsd/openssl/dist/crypto/asn1/charmap.h | 2 +-
crypto/external/bsd/openssl/dist/crypto/bio/b_addr.c | 4 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_exp2.c | 4 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_prime.h | 2 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c | 2 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_sqrt.c | 32 +-
crypto/external/bsd/openssl/dist/crypto/conf/conf_def.h | 2 +-
crypto/external/bsd/openssl/dist/crypto/engine/eng_all.c | 5 +-
crypto/external/bsd/openssl/dist/crypto/engine/eng_dyn.c | 13 +-
crypto/external/bsd/openssl/dist/crypto/evp/digest.c | 34 +-
crypto/external/bsd/openssl/dist/crypto/lhash/lhash.c | 8 +-
crypto/external/bsd/openssl/dist/crypto/objects/obj_dat.c | 7 +-
crypto/external/bsd/openssl/dist/crypto/objects/obj_dat.h | 2 +-
crypto/external/bsd/openssl/dist/crypto/objects/obj_xref.h | 2 +-
crypto/external/bsd/openssl/dist/crypto/ui/ui_openssl.c | 8 +-
crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c | 13 +-
crypto/external/bsd/openssl/dist/crypto/x509v3/v3_utl.c | 19 +-
crypto/external/bsd/openssl/dist/doc/man1/cms.pod | 5 +-
crypto/external/bsd/openssl/dist/doc/man3/BIO_ctrl.pod | 4 +-
crypto/external/bsd/openssl/dist/doc/man3/BIO_f_base64.pod | 21 +-
crypto/external/bsd/openssl/dist/doc/man3/BN_add.pod | 17 +-
crypto/external/bsd/openssl/dist/doc/man3/DEFINE_STACK_OF.pod | 3 +-
crypto/external/bsd/openssl/dist/doc/man3/OBJ_nid2obj.pod | 34 +-
crypto/external/bsd/openssl/dist/doc/man3/SSL_CONF_cmd.pod | 4 +-
crypto/external/bsd/openssl/dist/doc/man3/X509_STORE_CTX_new.pod | 71 +++++-
crypto/external/bsd/openssl/dist/include/internal/sockets.h | 4 +-
crypto/external/bsd/openssl/dist/include/openssl/engine.h | 3 +-
crypto/external/bsd/openssl/dist/include/openssl/obj_mac.h | 2 +-
crypto/external/bsd/openssl/dist/include/openssl/opensslv.h | 4 +-
crypto/external/bsd/openssl/dist/ssl/s3_lib.c | 14 +-
crypto/external/bsd/openssl/dist/ssl/ssl_cert.c | 7 +-
crypto/external/bsd/openssl/dist/test/asn1_internal_test.c | 29 ++-
crypto/external/bsd/openssl/dist/test/bntest.c | 58 ++++-
crypto/external/bsd/openssl/dist/test/build.info | 2 +-
crypto/external/bsd/openssl/dist/test/evp_extra_test.c | 80 ++++++-
crypto/external/bsd/openssl/dist/test/recipes/10-test_bn_data/bnmod.txt | 14 +-
crypto/external/bsd/openssl/dist/test/recipes/15-test_genrsa.t | 9 +-
crypto/external/bsd/openssl/dist/test/recipes/20-test_dgst.t | 8 +-
crypto/external/bsd/openssl/dist/test/recipes/30-test_evp_data/evpkdf.txt | 8 +-
crypto/external/bsd/openssl/dist/test/recipes/70-test_verify_extra.t | 9 +-
crypto/external/bsd/openssl/dist/test/recipes/80-test_ssl_old.t | 41 +++-
crypto/external/bsd/openssl/dist/test/ssltest_old.c | 72 +++++-
crypto/external/bsd/openssl/dist/test/verify_extra_test.c | 116 +++++++++-
57 files changed, 808 insertions(+), 216 deletions(-)
diffs (truncated from 2195 to 300 lines):
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/CHANGES
--- a/crypto/external/bsd/openssl/dist/CHANGES Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/CHANGES Tue Mar 15 20:47:08 2022 +0000
@@ -7,6 +7,43 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.
+ Changes between 1.1.1m and 1.1.1n [15 Mar 2022]
+
+ *) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
+ for non-prime moduli.
+
+ Internally this function is used when parsing certificates that contain
+ elliptic curve public keys in compressed form or explicit elliptic curve
+ parameters with a base point encoded in compressed form.
+
+ It is possible to trigger the infinite loop by crafting a certificate that
+ has invalid explicit curve parameters.
+
+ Since certificate parsing happens prior to verification of the certificate
+ signature, any process that parses an externally supplied certificate may
+ thus be subject to a denial of service attack. The infinite loop can also
+ be reached when parsing crafted private keys as they can contain explicit
+ elliptic curve parameters.
+
+ Thus vulnerable situations include:
+
+ - TLS clients consuming server certificates
+ - TLS servers consuming client certificates
+ - Hosting providers taking certificates or private keys from customers
+ - Certificate authorities parsing certification requests from subscribers
+ - Anything else which parses ASN.1 elliptic curve parameters
+
+ Also any other applications that use the BN_mod_sqrt() where the attacker
+ can control the parameter values are vulnerable to this DoS issue.
+ (CVE-2022-0778)
+ [Tomáš Mráz]
+
+ *) Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489)
+ to the list of ciphersuites providing Perfect Forward Secrecy as
+ required by SECLEVEL >= 3.
+
+ [Dmitry Belyavskiy, Nicola Tuveri]
+
Changes between 1.1.1l and 1.1.1m [14 Dec 2021]
*) Avoid loading of a dynamic engine twice.
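Review bot: The CVE-2022-0778 entry lists who is exposed but never says how BN_mod_sqrt() now behaves when it is given a non-prime modulus, which is what callers of the function need to know. Add a sentence stating the new outcome for that input. The attribution layout is also inconsistent within this hunk: "[Tomáš Mráz]" follows "(CVE-2022-0778)" directly, while "[Dmitry Belyavskiy, Nicola Tuveri]" is set off by a blank "+" line.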
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/Configurations/10-main.conf
--- a/crypto/external/bsd/openssl/dist/Configurations/10-main.conf Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/Configurations/10-main.conf Tue Mar 15 20:47:08 2022 +0000
@@ -988,6 +988,13 @@
perlasm_scheme => "elf",
},
+ # riscv64 below refers to contemporary RISCV Architecture
+ # specifications,
+ "BSD-riscv64" => {
+ inherit_from => [ "BSD-generic64"],
+ perlasm_scheme => "linux64",
+ },
+
"bsdi-elf-gcc" => {
inherit_from => [ "BASE_unix", asm("x86_elf_asm") ],
CC => "gcc",
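Review bot: The comment above "BSD-riscv64" stops at "specifications," with a trailing comma, so it reads as a sentence that lost its second half; finish it or trim it to a full statement. The entry also sets perlasm_scheme => "linux64" on a BSD target with no explanation; a short remark on why the linux64 scheme is the right one here would save the next reader a lookup. Minor: [ "BSD-generic64"] has a space after the opening bracket but none before the closing one.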
@@ -1765,7 +1772,7 @@
disable => add('pinshared'),
- apps_aux_src => "vms_term_sock.c",
+ apps_aux_src => "vms_term_sock.c vms_decc_argv.c",
apps_init_src => "vms_decc_init.c",
},
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/Configurations/descrip.mms.tmpl
--- a/crypto/external/bsd/openssl/dist/Configurations/descrip.mms.tmpl Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/Configurations/descrip.mms.tmpl Tue Mar 15 20:47:08 2022 +0000
@@ -438,7 +438,8 @@
DEFINE SRCTOP {- sourcedir() -}
DEFINE BLDTOP {- builddir() -}
DEFINE RESULT_D {- builddir(qw(test test-runs)) -}
- DEFINE OPENSSL_ENGINES {- builddir("engines") -}
+ engines = F$PARSE("{- builddir("engines") -}","A.;",,,"syntax_only") - "A.;"
+ DEFINE OPENSSL_ENGINES 'engines'
DEFINE OPENSSL_DEBUG_MEMORY "on"
IF "$(VERBOSE)" .NES. "" THEN DEFINE VERBOSE "$(VERBOSE)"
$(PERL) {- sourcefile("test", "run_tests.pl") -} $(TESTS)
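Review bot: The replacement for DEFINE OPENSSL_ENGINES carries no comment on why the directory now has to go through F$PARSE(...,"A.;",,,"syntax_only") with "A.;" subtracted afterwards. That idiom is opaque to anyone who does not write DCL regularly; a one-line comment stating what form of path the logical name must hold, and what went wrong with the plain builddir("engines") value, would make the intent reviewable.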
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/Configure
--- a/crypto/external/bsd/openssl/dist/Configure Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/Configure Tue Mar 15 20:47:08 2022 +0000
@@ -3161,25 +3161,25 @@
}
}
- foreach (sort keys %all_keys) {
- my $previous = $combined_inheritance{$_};
+ foreach my $key (sort keys %all_keys) {
+ my $previous = $combined_inheritance{$key};
# Current target doesn't have a value for the current key?
# Assign it the default combiner, the rest of this loop body
# will handle it just like any other coderef.
- if (!exists $table{$target}->{$_}) {
- $table{$target}->{$_} = $default_combiner;
+ if (!exists $table{$target}->{$key}) {
+ $table{$target}->{$key} = $default_combiner;
}
- $table{$target}->{$_} = process_values($table{$target}->{$_},
- $combined_inheritance{$_},
- $target, $_);
- unless(defined($table{$target}->{$_})) {
- delete $table{$target}->{$_};
+ $table{$target}->{$key} = process_values($table{$target}->{$key},
+ $combined_inheritance{$key},
+ $target, $key);
+ unless(defined($table{$target}->{$key})) {
+ delete $table{$target}->{$key};
}
# if ($extra_checks &&
-# $previous && !($add_called || $previous ~~ $table{$target}->{$_})) {
-# warn "$_ got replaced in $target\n";
+# $previous && !($add_called || $previous ~~ $table{$target}->{$key})) {
+# warn "$key got replaced in $target\n";
# }
}
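Review bot: After the rename, "my $previous = $combined_inheritance{$key};" is still assigned on every iteration, but the only reader of $previous is the commented-out $extra_checks block, and the process_values() call spells out $combined_inheritance{$key} again instead of using it. Either pass $previous to process_values() or drop the variable together with the dead block, which also depends on the ~~ smartmatch operator, rather than keeping commented-out code in sync by hand.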
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/NEWS
--- a/crypto/external/bsd/openssl/dist/NEWS Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/NEWS Tue Mar 15 20:47:08 2022 +0000
@@ -5,6 +5,11 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.1.1m and OpenSSL 1.1.1n [15 Mar 2022]
+
+ o Fixed a bug in the BN_mod_sqrt() function that can cause it to loop
+ forever for non-prime moduli ([CVE-2022-0778])
+
Major changes between OpenSSL 1.1.1l and OpenSSL 1.1.1m [14 Dec 2021]
o None
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/README
--- a/crypto/external/bsd/openssl/dist/README Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/README Tue Mar 15 20:47:08 2022 +0000
@@ -1,5 +1,5 @@
- OpenSSL 1.1.1m 14 Dec 2021
+ OpenSSL 1.1.1n 15 Mar 2022
Copyright (c) 1998-2021 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/apps/apps.c
--- a/crypto/external/bsd/openssl/dist/apps/apps.c Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/apps.c Tue Mar 15 20:47:08 2022 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -300,9 +300,13 @@
int ui_flags = 0;
const char *prompt_info = NULL;
char *prompt;
+ int pw_min_len = PW_MIN_LENGTH;
if (cb_data != NULL && cb_data->prompt_info != NULL)
prompt_info = cb_data->prompt_info;
+ if (cb_data != NULL && cb_data->password != NULL
+ && *(const char*)cb_data->password != '\0')
+ pw_min_len = 1;
prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
if (!prompt) {
BIO_printf(bio_err, "Out of memory\n");
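Review bot: The block that sets pw_min_len = 1 when cb_data->password is a non-empty string has no comment explaining why a supplied password should relax PW_MIN_LENGTH, and the same relaxed value is then handed to both UI_add_input_string() and UI_add_verify_string() later in this file. Please state the intended case in a comment so the lowered minimum is not mistaken for an accident. Style: "(const char*)" should be "(const char *)" to match declarations such as "const char *prompt_info" just above.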
@@ -317,12 +321,12 @@
(void)UI_add_user_data(ui, cb_data);
ok = UI_add_input_string(ui, prompt, ui_flags, buf,
- PW_MIN_LENGTH, bufsiz - 1);
+ pw_min_len, bufsiz - 1);
if (ok >= 0 && verify) {
buff = app_malloc(bufsiz, "password buffer");
ok = UI_add_verify_string(ui, prompt, ui_flags, buff,
- PW_MIN_LENGTH, bufsiz - 1, buf);
+ pw_min_len, bufsiz - 1, buf);
}
if (ok >= 0)
do {
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/apps/openssl.c
--- a/crypto/external/bsd/openssl/dist/apps/openssl.c Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/openssl.c Tue Mar 15 20:47:08 2022 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -120,7 +120,6 @@
{
FUNCTION f, *fp;
LHASH_OF(FUNCTION) *prog = NULL;
- char **copied_argv = NULL;
char *p, *pname;
char buf[1024];
const char *prompt;
@@ -137,7 +136,7 @@
bio_err = dup_bio_err(FORMAT_TEXT);
#if defined(OPENSSL_SYS_VMS) && defined(__DECC)
- copied_argv = argv = copy_argv(&argc, argv);
+ argv = copy_argv(&argc, argv);
#elif defined(_WIN32)
/*
* Replace argv[] with UTF-8 encoded strings.
@@ -258,7 +257,6 @@
}
ret = 1;
end:
- OPENSSL_free(copied_argv);
OPENSSL_free(default_config_file);
lh_FUNCTION_free(prog);
OPENSSL_free(arg.argv);
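Review bot: With OPENSSL_free(copied_argv) removed from the end: cleanup and the copied_argv variable gone, nothing visible in this file releases the array that copy_argv(&argc, argv) returns on the OPENSSL_SYS_VMS/__DECC path. If ownership has moved into the new vms_decc_argv.c listed in the diffstat, say so in a comment at the call site; if not, the array is never freed.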
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/apps/passwd.c
--- a/crypto/external/bsd/openssl/dist/apps/passwd.c Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/passwd.c Tue Mar 15 20:47:08 2022 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -407,7 +407,7 @@
n >>= 1;
}
if (!EVP_DigestFinal_ex(md, buf, NULL))
- return NULL;
+ goto err;
for (i = 0; i < 1000; i++) {
if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL))
@@ -633,7 +633,7 @@
n >>= 1;
}
if (!EVP_DigestFinal_ex(md, buf, NULL))
- return NULL;
+ goto err;
/* P sequence */
if (!EVP_DigestInit_ex(md2, sha, NULL))
@@ -644,7 +644,7 @@
goto err;
if (!EVP_DigestFinal_ex(md2, temp_buf, NULL))
- return NULL;
+ goto err;
if ((p_bytes = OPENSSL_zalloc(passwd_len)) == NULL)
goto err;
@@ -661,7 +661,7 @@
goto err;
if (!EVP_DigestFinal_ex(md2, temp_buf, NULL))
- return NULL;
+ goto err;
if ((s_bytes = OPENSSL_zalloc(salt_len)) == NULL)
goto err;
diff -r 10bfc8210879 -r 760cfcc582db crypto/external/bsd/openssl/dist/apps/s_client.c
--- a/crypto/external/bsd/openssl/dist/apps/s_client.c Fri Jan 07 15:46:01 2022 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/s_client.c Tue Mar 15 20:47:08 2022 +0000
@@ -938,6 +938,7 @@
struct timeval tv;
#endif
const char *servername = NULL;
+ char *sname_alloc = NULL;
int noservername = 0;
const char *alpn_in = NULL;
tlsextctx tlsextcbp = { NULL, 0 };
@@ -1588,6 +1589,15 @@
"%s: -proxy argument malformed or ambiguous\n", prog);
goto end;
}
+ if (servername == NULL && !noservername) {
+ res = BIO_parse_hostserv(connectstr, &sname_alloc, NULL, BIO_PARSE_PRIO_HOST);
+ if (!res) {
+ BIO_printf(bio_err,
+ "%s: -connect argument malformed or ambiguous\n", prog);
+ goto end;
+ }
+ servername = sname_alloc;
+ }
} else {
int res = 1;
char *tmp_host = host, *tmp_port = port;
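Review bot: sname_alloc is filled by BIO_parse_hostserv() and then aliased through servername, but the matching release is not visible here because the diff is truncated at the @@ -3149 hunk; confirm it is freed on the end: path, which is also where the "goto end" in this block lands when parsing fails. The BIO_parse_hostserv() call sits on one long line while the BIO_printf() call beneath it is wrapped; wrap it the same way. It would also help to note in a comment that this derives the default server name from the -connect string when the proxy branch is taken.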
@@ -3149,6 +3159,7 @@
#ifndef OPENSSL_NO_SRP
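The failure mode described in the commit message (a modular square root that loops forever on a non-prime modulus, CVE-2022-0778) is a question of loop bounds. The following is an added example, not code from this commit or from OpenSSL: a toy 32-bit Tonelli-Shanks routine in which every loop has an explicit bound and the result is verified, so a composite modulus produces an error instead of a hang. The names mod_sqrt_bounded and MAX_TRIES and the cap of 1024 are assumptions of the example.

```c
#include <stdint.h>
#define MAX_TRIES 1024u /* constructed cap on non-residue candidates */

/* (a * b) mod m; operands stay below 2^32, so the product fits in 64 bits */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m) { return a * b % m; }

static uint64_t powmod(uint64_t b, uint64_t e, uint64_t m)
{
    uint64_t r = 1;
    for (b %= m; e != 0; e >>= 1, b = mulmod(b, b, m))
        if (e & 1)
            r = mulmod(r, b, m);
    return r;
}

/* Returns 0 and stores x with x*x == a (mod p), or -1 if no root was found
 * (a is not a square, or p is not an odd prime). Every loop is bounded. */
int mod_sqrt_bounded(uint32_t a_in, uint32_t p_in, uint32_t *root)
{
    uint64_t p = p_in, a, q, z, c, x, t, b;
    unsigned e = 0, m, i = 0, k;

    if (p < 3 || (p & 1) == 0)
        return -1;
    a = a_in % p;
    for (q = p - 1; (q & 1) == 0; q >>= 1)     /* p - 1 = q * 2^e, q odd */
        e++;
    for (z = 2; z < p && z < MAX_TRIES; z++)   /* look for a non-residue z */
        if (powmod(z, (p - 1) / 2, p) == p - 1)
            break;
    if (z == p || z == MAX_TRIES)
        return -1;                             /* none found within the cap */
    c = powmod(z, q, p);
    x = powmod(a, (q + 1) / 2, p);
    t = powmod(a, q, p);
    for (m = e; t > 1; m = i) {                /* m shrinks on every pass */
        /* least i in [1, m) with t^(2^i) == 1; the search never passes m */
        for (i = 1, b = mulmod(t, t, p); i < m && b != 1; i++)
            b = mulmod(b, b, p);
        if (i >= m)
            return -1;                         /* not a square, or p not prime */
        for (b = c, k = 0; k + i + 1 < m; k++) /* b = c^(2^(m-i-1)) */
            b = mulmod(b, b, p);
        x = mulmod(x, b, p);
        c = mulmod(b, b, p);
        t = mulmod(t, c, p);
    }
    if (mulmod(x, x, p) != a)                  /* verify before trusting x */
        return -1;
    *root = (uint32_t)x;
    return 0;
}
```

The outer loop terminates because m strictly decreases and the inner search is cut off at m; the final check means a returned root is always a real one, whatever the modulus was.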