Date: Monday, January 12, 2015 @ 10:41:00 Author: tredaelli Revision: 125793
upgpkg: bitcoin 0.9.3-4 FS#43396 Added: bitcoin/trunk/037bfefe6bccbdf656e628a1f4526db8f80c3922.patch bitcoin/trunk/0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch bitcoin/trunk/60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch bitcoin/trunk/b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch Modified: bitcoin/trunk/PKGBUILD ------------------------------------------------+ 037bfefe6bccbdf656e628a1f4526db8f80c3922.patch | 43 +++++++++++++++++++ 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch | 50 +++++++++++++++++++++++ 60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch | 25 +++++++++++ PKGBUILD | 18 +++++++- b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch | 43 +++++++++++++++++++ 5 files changed, 178 insertions(+), 1 deletion(-) Added: 037bfefe6bccbdf656e628a1f4526db8f80c3922.patch =================================================================== --- 037bfefe6bccbdf656e628a1f4526db8f80c3922.patch (rev 0) +++ 037bfefe6bccbdf656e628a1f4526db8f80c3922.patch 2015-01-12 09:41:00 UTC (rev 125793) @@ -0,0 +1,43 @@ +From 037bfefe6bccbdf656e628a1f4526db8f80c3922 Mon Sep 17 00:00:00 2001 +From: "Wladimir J. van der Laan" <laa...@gmail.com> +Date: Mon, 12 Jan 2015 09:28:24 +0100 +Subject: [PATCH] Improve robustness of DER recoding code + +Add some defensive programming on top of #5634. + +This copies the respective OpenSSL code in ECDSA_verify in +OpenSSL pre-1.0.1k (e.g. https://github.com/openssl/openssl/blob/OpenSSL_1_0_1j/crypto/ecdsa/ecs_vrf.c#L89) +more closely. + +As reported by @sergiodemianlerner. + +Github-Pull: #5640 +Rebased-From: c6b7b29f232c651f898eeffb93f36c8f537c56d2 +--- + src/key.cpp | 13 ++++++++++++- + 1 file changed, 12 insertions(+), 1 deletion(-) + +diff --git a/src/key.cpp b/src/key.cpp +index a845ba1..63332bf 100644 +--- a/src/key.cpp ++++ b/src/key.cpp +@@ -234,7 +234,18 @@ class CECKey { + unsigned char *norm_der = NULL; + ECDSA_SIG *norm_sig = ECDSA_SIG_new(); + const unsigned char* sigptr = &vchSig[0]; +- d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()); ++ assert(norm_sig); ++ if (d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()) == NULL) ++ { ++ /* As of OpenSSL 1.0.0p d2i_ECDSA_SIG frees and nulls the pointer on ++ * error. But OpenSSL's own use of this function redundantly frees the ++ * result. As ECDSA_SIG_free(NULL) is a no-op, and in the absence of a ++ * clear contract for the function behaving the same way is more ++ * conservative. ++ */ ++ ECDSA_SIG_free(norm_sig); ++ return false; ++ } + int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der); + ECDSA_SIG_free(norm_sig); + if (derlen <= 0) Added: 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch =================================================================== --- 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch (rev 0) +++ 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch 2015-01-12 09:41:00 UTC (rev 125793) @@ -0,0 +1,50 @@ +From 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283 Mon Sep 17 00:00:00 2001 +From: Gregory Maxwell <g...@xiph.org> +Date: Sat, 6 Dec 2014 07:08:02 -0800 +Subject: [PATCH] Disable SSLv3 (in favor of TLS) for the RPC client and + server. + +TLS is subject to downgrade attacks when SSLv3 is available, and + SSLv3 has vulnerabilities. + +The popular solution is to disable SSLv3. On the web this breaks + some tiny number of very old clients. While Bitcoin RPC shouldn't + be exposed to the open Internet, it also shouldn't be exposed to + really old SSL implementations, so it shouldn't be a major issue + for us to disable SSLv3. + +There is more information on the downgrade attacks and disabling + SSLv3 at https://disablessl3.com/ . + +Rebased-From: 683dc4009b2b01699e672f8150c28e2ebe0aae19 +--- + src/rpcclient.cpp | 2 +- + src/rpcserver.cpp | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/rpcclient.cpp b/src/rpcclient.cpp +index 4f3c39c..5e62b71 100644 +--- a/src/rpcclient.cpp ++++ b/src/rpcclient.cpp +@@ -40,7 +40,7 @@ Object CallRPC(const string& strMethod, const Array& params) + bool fUseSSL = GetBoolArg("-rpcssl", false); + asio::io_service io_service; + ssl::context context(io_service, ssl::context::sslv23); +- context.set_options(ssl::context::no_sslv2); ++ context.set_options(ssl::context::no_sslv2 | ssl::context::no_sslv3); + asio::ssl::stream<asio::ip::tcp::socket> sslStream(io_service, context); + SSLIOStreamDevice<asio::ip::tcp> d(sslStream, fUseSSL); + iostreams::stream< SSLIOStreamDevice<asio::ip::tcp> > stream(d); +diff --git a/src/rpcserver.cpp b/src/rpcserver.cpp +index f43acf4..cc9e330 100644 +--- a/src/rpcserver.cpp ++++ b/src/rpcserver.cpp +@@ -539,7 +539,7 @@ void StartRPCThreads() + + if (fUseSSL) + { +- rpc_ssl_context->set_options(ssl::context::no_sslv2); ++ rpc_ssl_context->set_options(ssl::context::no_sslv2 | ssl::context::no_sslv3); + + filesystem::path pathCertFile(GetArg("-rpcsslcertificatechainfile", "server.cert")); + if (!pathCertFile.is_complete()) pathCertFile = filesystem::path(GetDataDir()) / pathCertFile; Added: 60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch =================================================================== --- 60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch (rev 0) +++ 60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch 2015-01-12 09:41:00 UTC (rev 125793) @@ -0,0 +1,25 @@ +From 60c51f1c381bbd93c70cfdf41c6688609a7956fc Mon Sep 17 00:00:00 2001 +From: "Wladimir J. van der Laan" <laa...@gmail.com> +Date: Sat, 10 Jan 2015 08:58:47 +0100 +Subject: [PATCH] fail immediately on an empty signature + +Github-Pull: #5634 +Rebased-From: 8dccba6a45db0466370726ed462b9da2eae43bce +--- + src/key.cpp | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/key.cpp b/src/key.cpp +index e5943af..a845ba1 100644 +--- a/src/key.cpp ++++ b/src/key.cpp +@@ -227,6 +227,9 @@ class CECKey { + } + + bool Verify(const uint256 &hash, const std::vector<unsigned char>& vchSig) { ++ if (vchSig.empty()) ++ return false; ++ + // New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first. + unsigned char *norm_der = NULL; + ECDSA_SIG *norm_sig = ECDSA_SIG_new(); Modified: PKGBUILD =================================================================== --- PKGBUILD 2015-01-12 08:29:26 UTC (rev 125792) +++ PKGBUILD 2015-01-12 09:41:00 UTC (rev 125793) @@ -5,12 +5,16 @@ pkgbase=bitcoin pkgname=('bitcoin-daemon' 'bitcoin-cli' 'bitcoin-qt') pkgver=0.9.3 -pkgrel=3 +pkgrel=4 arch=('i686' 'x86_64') url="http://www.bitcoin.org/" makedepends=('boost' 'automoc4' 'qrencode' 'miniupnpc' 'protobuf') license=('MIT') source=(http://bitcoin.org/bin/$pkgver/bitcoin-$pkgver-linux.tar.gz + https://github.com/bitcoin/bitcoin/commit/0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch + https://github.com/bitcoin/bitcoin/commit/b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch + https://github.com/bitcoin/bitcoin/commit/60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch + https://github.com/bitcoin/bitcoin/commit/037bfefe6bccbdf656e628a1f4526db8f80c3922.patch https://raw.github.com/bitcoin/bitcoin/v$pkgver/contrib/debian/bitcoin-qt.desktop https://raw.github.com/bitcoin/bitcoin/v$pkgver/share/pixmaps/bitcoin128.png https://raw.github.com/bitcoin/bitcoin/v$pkgver/contrib/debian/examples/bitcoin.conf @@ -17,6 +21,10 @@ https://raw.github.com/bitcoin/bitcoin/v$pkgver/contrib/debian/manpages/bitcoind.1 https://raw.github.com/bitcoin/bitcoin/v$pkgver/contrib/debian/manpages/bitcoin.conf.5) sha256sums=('c425783b6cbab9b801ad6a1dcc9235828b98e5dee6675112741f8b210e4f65cd' + '18f5d43dd29682c8f9bd98dfb94c07b2453c99b9454996651562410b535e289b' + 'ac3a6d0e9116566f44ef99b6fc5ae7ec792a05e73d33b9db25e4f62b296b5d59' + '67c50de4c469e40d8fb0a7663acd5af8dbbe93f362a5192e981bfa2ec9ab82df' + '9ff94c3ddb09b0b27eda2e157627ff61808afd7a8fedc0c9d1b0db1a53ee1138' 'b65b377c0d9ecae9eea722843bca0add6bdb7e50929a7e1f751b79b6621c6073' 'ad880c8459ecfdb96abe6a4689af06bdd27906e0edcd39d0915482f2da91e722' 'e141088b07641e4e58cc750f93bbdda1ca0e8f07262fce66b73524c1ed97480e' @@ -34,8 +42,16 @@ esac prepare() { + local x cd "$srcdir/$pkgbase-$pkgver-linux/src" tar xf $pkgbase-$_pkgver.tar.gz + cd "$pkgbase-$_pkgver" + + # Disable SSLv3 for Puddle + FS#43396 + for x in 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283 b8e81b7ccd4490155e3345fc73346ff8c3a77524 \ + 60c51f1c381bbd93c70cfdf41c6688609a7956fc 037bfefe6bccbdf656e628a1f4526db8f80c3922; do + patch -Np1 -i "$srcdir/$x.patch" + done } build() { Added: b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch =================================================================== --- b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch (rev 0) +++ b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch 2015-01-12 09:41:00 UTC (rev 125793) @@ -0,0 +1,43 @@ +From b8e81b7ccd4490155e3345fc73346ff8c3a77524 Mon Sep 17 00:00:00 2001 +From: Cory Fields <cory-nosp...@coryfields.com> +Date: Fri, 9 Jan 2015 16:39:12 -0500 +Subject: [PATCH] consensus: guard against openssl's new strict DER checks + +New versions of OpenSSL will reject non-canonical DER signatures. However, +it'll happily decode them. Decode then re-encode before verification in order +to ensure that it is properly consumed. + +Github-Pull: #5634 +Rebased-From: 488ed32f2ada1d1dd108fc245d025c4d5f252783 +--- + src/key.cpp | 16 +++++++++++++--- + 1 file changed, 13 insertions(+), 3 deletions(-) + +diff --git a/src/key.cpp b/src/key.cpp +index 5b261bb..e5943af 100644 +--- a/src/key.cpp ++++ b/src/key.cpp +@@ -227,10 +227,20 @@ class CECKey { + } + + bool Verify(const uint256 &hash, const std::vector<unsigned char>& vchSig) { +- // -1 = error, 0 = bad sig, 1 = good +- if (ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), &vchSig[0], vchSig.size(), pkey) != 1) ++ // New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first. ++ unsigned char *norm_der = NULL; ++ ECDSA_SIG *norm_sig = ECDSA_SIG_new(); ++ const unsigned char* sigptr = &vchSig[0]; ++ d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()); ++ int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der); ++ ECDSA_SIG_free(norm_sig); ++ if (derlen <= 0) + return false; +- return true; ++ ++ // -1 = error, 0 = bad sig, 1 = good ++ bool ret = ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), norm_der, derlen, pkey) == 1; ++ OPENSSL_free(norm_der); ++ return ret; + } + + bool SignCompact(const uint256 &hash, unsigned char *p64, int &rec) {