CVS commit: [netbsd-5-2] src/crypto/dist/openssl

2015-08-13 Thread SAITOH Masanobu
Module Name:src
Committed By:   msaitoh
Date:   Fri Aug 14 05:58:12 UTC 2015

Modified Files:
src/crypto/dist/openssl [netbsd-5-2]: e_os2.h
src/crypto/dist/openssl/crypto/asn1 [netbsd-5-2]: a_int.c tasn_new.c
src/crypto/dist/openssl/crypto/bn [netbsd-5-2]: bn.h bn_err.c
bn_print.c bn_rand.c bn_shift.c
src/crypto/dist/openssl/crypto/cms [netbsd-5-2]: cms_smime.c
src/crypto/dist/openssl/crypto/ec [netbsd-5-2]: ec2_smpl.c ec_check.c
ec_key.c ec_lib.c ecp_smpl.c ectest.c
src/crypto/dist/openssl/crypto/ecdsa [netbsd-5-2]: ecdsatest.c
ecs_ossl.c
src/crypto/dist/openssl/crypto/objects [netbsd-5-2]: obj_dat.c
src/crypto/dist/openssl/crypto/ocsp [netbsd-5-2]: ocsp_vfy.c
src/crypto/dist/openssl/crypto/pem [netbsd-5-2]: pem_pk8.c
src/crypto/dist/openssl/crypto/pkcs7 [netbsd-5-2]: pk7_doit.c
src/crypto/dist/openssl/crypto/x509 [netbsd-5-2]: x509_lu.c x509_vfy.c
src/crypto/dist/openssl/doc/crypto [netbsd-5-2]: BN_rand.pod
BN_set_bit.pod pem.pod
src/crypto/dist/openssl/ssl [netbsd-5-2]: d1_lib.c s3_clnt.c s3_srvr.c
ssl.h ssl_err.c ssl_lib.c ssl_locl.h ssl_sess.c
src/crypto/dist/openssl/util [netbsd-5-2]: mkerr.pl

Log Message:
Pull up following revision(s) (requested by spz in ticket #1976):

crypto/dist/openssl/e_os2.h  patch
crypto/dist/openssl/crypto/asn1/a_int.c  patch
crypto/dist/openssl/crypto/asn1/tasn_new.c  patch
crypto/dist/openssl/crypto/bn/bn.h  patch
crypto/dist/openssl/crypto/bn/bn_err.c  patch
crypto/dist/openssl/crypto/bn/bn_print.c  patch
crypto/dist/openssl/crypto/bn/bn_rand.c  patch
crypto/dist/openssl/crypto/bn/bn_shift.c  patch
crypto/dist/openssl/crypto/cms/cms_smime.c  patch
crypto/dist/openssl/crypto/ec/ec2_smpl.c  patch
crypto/dist/openssl/crypto/ec/ec_check.c  patch
crypto/dist/openssl/crypto/ec/ec_key.c  patch
crypto/dist/openssl/crypto/ec/ec_lib.c  patch
crypto/dist/openssl/crypto/ec/ecp_smpl.c  patch
crypto/dist/openssl/crypto/ec/ectest.c  patch
crypto/dist/openssl/crypto/ecdsa/ecdsatest.c  patch
crypto/dist/openssl/crypto/ecdsa/ecs_ossl.c  patch
crypto/dist/openssl/crypto/objects/obj_dat.c  patch
crypto/dist/openssl/crypto/ocsp/ocsp_vfy.c  patch
crypto/dist/openssl/crypto/pem/pem_pk8.c  patch
crypto/dist/openssl/crypto/pkcs7/pk7_doit.c  patch
crypto/dist/openssl/crypto/x509/x509_lu.c  patch
crypto/dist/openssl/crypto/x509/x509_vfy.c  patch
crypto/dist/openssl/doc/crypto/BN_rand.pod  patch
crypto/dist/openssl/doc/crypto/BN_set_bit.pod  patch
crypto/dist/openssl/doc/crypto/pem.pod  patch
crypto/dist/openssl/ssl/d1_lib.c  patch
crypto/dist/openssl/ssl/s3_clnt.c  patch
crypto/dist/openssl/ssl/s3_srvr.c  patch
crypto/dist/openssl/ssl/ssl.h  patch
crypto/dist/openssl/ssl/ssl_err.c  patch
crypto/dist/openssl/ssl/ssl_lib.c  patch
crypto/dist/openssl/ssl/ssl_locl.h  patch
crypto/dist/openssl/ssl/ssl_sess.c  patch
crypto/dist/openssl/util/mkerr.pl  patch

This change covers the vulnerabilities relevant to netbsd-5 from the
June OpenSSL advisory, and also fixes a regression introduced with the
POODLE fix in October last year that caused the SSL server side to
fail to handshake.


To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.7.2.1 src/crypto/dist/openssl/e_os2.h
cvs rdiff -u -r1.1.1.8 -r1.1.1.8.2.1 \
src/crypto/dist/openssl/crypto/asn1/a_int.c
cvs rdiff -u -r1.1.1.3 -r1.1.1.3.2.1 \
src/crypto/dist/openssl/crypto/asn1/tasn_new.c
cvs rdiff -u -r1.12.2.1 -r1.12.2.2 src/crypto/dist/openssl/crypto/bn/bn.h
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.2.1 \
src/crypto/dist/openssl/crypto/bn/bn_err.c
cvs rdiff -u -r1.9 -r1.9.2.1 src/crypto/dist/openssl/crypto/bn/bn_print.c
cvs rdiff -u -r1.1.1.6 -r1.1.1.6.38.1 \
src/crypto/dist/openssl/crypto/bn/bn_rand.c
cvs rdiff -u -r1.1.1.4 -r1.1.1.4.38.1 \
src/crypto/dist/openssl/crypto/bn/bn_shift.c
cvs rdiff -u -r1.1.1.1.8.1 -r1.1.1.1.8.1.10.1 \
src/crypto/dist/openssl/crypto/cms/cms_smime.c
cvs rdiff -u -r1.1.1.3 -r1.1.1.3.2.1 \
src/crypto/dist/openssl/crypto/ec/ec2_smpl.c \
src/crypto/dist/openssl/crypto/ec/ectest.c
cvs rdiff -u -r1.1.1.2 -r1.1.1.2.38.1 \
src/crypto/dist/openssl/crypto/ec/ec_check.c
cvs rdiff -u -r1.1.1.1.38.1 -r1.1.1.1.38.2 \
src/crypto/dist/openssl/crypto/ec/ec_key.c
cvs rdiff -u -r1.1.1.4 -r1.1.1.4.2.1 \
src/crypto/dist/openssl/crypto/ec/ec_lib.c
cvs rdiff -u -r1.1.1.4.38.1 -r1.1.1.4.38.2 \
src/crypto/dist/openssl/crypto/ec/ecp_smpl.c
cvs rdiff -u -r1.1.1.2 -r1.1.1.2.2.1 \
src/crypto/dist/openssl/crypto/ecdsa/ecdsatest.c
cvs rdiff -u -r1.1.1.3 -r1.1.1.3.2.1 \
src/crypto/dist/openssl/crypto/ecdsa/ecs_ossl.c

CVS commit: [netbsd-5-2] src/crypto/dist/openssl

2015-03-19 Thread Jeff Rizzo
Module Name:src
Committed By:   riz
Date:   Thu Mar 19 16:40:51 UTC 2015

Modified Files:
src/crypto/dist/openssl/crypto/asn1 [netbsd-5-2]: a_type.c tasn_dec.c
src/crypto/dist/openssl/crypto/pkcs7 [netbsd-5-2]: pk7_doit.c pk7_lib.c
src/crypto/dist/openssl/doc/crypto [netbsd-5-2]: d2i_X509.pod
src/crypto/dist/openssl/ssl [netbsd-5-2]: s2_lib.c s2_srvr.c

Log Message:
Pull up following revision(s) (requested by spz in ticket #1954):
crypto/external/bsd/openssl/dist/ssl/s2_lib.c: revision 1.3
crypto/external/bsd/openssl/dist/crypto/asn1/a_type.c: revision 1.2
crypto/external/bsd/openssl/dist/doc/crypto/d2i_X509.pod: revision 1.2
crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_doit.c: revision 1.2
crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_lib.c: revision 1.2
crypto/external/bsd/openssl/dist/ssl/s2_srvr.c: revision 1.2
crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c: revision 1.2
patches for today's OpenSSL security advisory from OpenSSL, as relevant
to NetBSD base:
OpenSSL Security Advisory [19 Mar 2015]
===
Reclassified: RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)

Severity: High
This security issue was previously announced by the OpenSSL project and
classified as low severity. This severity rating has now been changed to
high.
This was classified low because it was originally thought that server RSA
export ciphersuite support was rare: a client was only vulnerable to a MITM
attack against a server which supports an RSA export ciphersuite. Recent
studies have shown that RSA export ciphersuites support is far more common.
This issue affects OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
** issue already committed see last release **
OpenSSL 1.0.1 users should upgrade to 1.0.1k.
OpenSSL 1.0.0 users should upgrade to 1.0.0p.
OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan
Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen
Henson of the OpenSSL core team. It was previously announced in the OpenSSL
security advisory on 8th January 2015.
Segmentation fault in ASN1_TYPE_cmp (CVE-2015-0286)
===
Severity: Moderate
The function ASN1_TYPE_cmp will crash with an invalid read if an attempt is
made to compare ASN.1 boolean types. Since ASN1_TYPE_cmp is used to check
certificate signature algorithm consistency this can be used to crash any
certificate verification operation and exploited in a DoS attack. Any
application which performs certificate verification is vulnerable including
OpenSSL clients and servers which enable client authentication.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2a
commit 1b8ac2b07d02207f2b88e0b009b0bff4ef7eda96
OpenSSL 1.0.1 users should upgrade to 1.0.1m.
commit ee5a1253285e5c9f406c8b57b0686319b70c07d8
OpenSSL 1.0.0 users should upgrade to 1.0.0r.
commit 1e3ca524cb38ec92deea37629718e98aba43bc5d
OpenSSL 0.9.8 users should upgrade to 0.9.8zf.
commit 7058bd1712828a78d34457b1cfc32bdc1e6d3d33
This issue was discovered and fixed by Stephen Henson of the OpenSSL
development team.
ASN.1 structure reuse memory corruption (CVE-2015-0287)
===
Severity: Moderate
Reusing a structure in ASN.1 parsing may allow an attacker to cause
memory corruption via an invalid write. Such reuse is and has been
strongly discouraged and is believed to be rare.
Applications that parse structures containing CHOICE or ANY DEFINED BY
components may be affected. Certificate parsing (d2i_X509 and related
functions) are however not affected. OpenSSL clients and servers are
not affected.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0
and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2a
commit 0ca8edbe6ec402e39c9e095f8ae11dba8fa93fc1
OpenSSL 1.0.1 users should upgrade to 1.0.1m.
commit a9f34a7aac5fd89f33a34fb71e954b85fbf35875
OpenSSL 1.0.0 users should upgrade to 1.0.0r.
commit d96692c933fe02829c3e922bf7f239e0bd003759
OpenSSL 0.9.8 users should upgrade to 0.9.8zf.
commit 5722767d5dc1a3b5505058fe27877fc993fe9a5a
This issue was discovered by Emilia Käsper and a fix developed by
Stephen Henson of the OpenSSL development team.
PKCS7 NULL pointer dereferences (CVE-2015-0289)
===
Severity: Moderate
The PKCS#7 parsing code does not handle missing outer ContentInfo correctly.
An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with
missing content and trigger a NULL pointer dereference on parsing.
Applications that verify PKCS#7 signatures, decrypt PKCS#7 data or
otherwise parse PKCS#7 structures from untrusted sources are
affected. OpenSSL clients and servers 

CVS commit: [netbsd-5-2] src/crypto/dist/openssl

2014-10-19 Thread Soren Jacobsen
Module Name:src
Committed By:   snj
Date:   Sun Oct 19 20:11:09 UTC 2014

Modified Files:
src/crypto/dist/openssl/apps [netbsd-5-2]: s_client.c
src/crypto/dist/openssl/crypto [netbsd-5-2]: LPdir_vms.c LPdir_win.c
Makefile
src/crypto/dist/openssl/crypto/bn [netbsd-5-2]: bn_exp.c exptest.c
src/crypto/dist/openssl/crypto/bn/asm [netbsd-5-2]: x86_64-gcc.c
src/crypto/dist/openssl/crypto/dsa [netbsd-5-2]: dsa_ameth.c
src/crypto/dist/openssl/crypto/ec [netbsd-5-2]: ec.h ec_ameth.c
ec_asn1.c ec_key.c ecp_smpl.c
src/crypto/dist/openssl/crypto/err [netbsd-5-2]: openssl.ec
src/crypto/dist/openssl/crypto/evp [netbsd-5-2]: Makefile evp_enc.c
src/crypto/dist/openssl/crypto/pkcs7 [netbsd-5-2]: pkcs7.h
src/crypto/dist/openssl/crypto/rsa [netbsd-5-2]: Makefile rsa.h
rsa_err.c rsa_oaep.c rsa_pk1.c rsa_sign.c
src/crypto/dist/openssl/doc/apps [netbsd-5-2]: s_client.pod
src/crypto/dist/openssl/doc/crypto [netbsd-5-2]: BIO_s_accept.pod
EVP_DigestInit.pod EVP_DigestVerifyInit.pod EVP_EncryptInit.pod
EVP_PKEY_set1_RSA.pod EVP_PKEY_sign.pod
src/crypto/dist/openssl/doc/ssl [netbsd-5-2]: SSL_CTX_set_mode.pod
SSL_CTX_set_tmp_dh_callback.pod
src/crypto/dist/openssl/ssl [netbsd-5-2]: Makefile s23_clnt.c
s23_srvr.c s2_lib.c s3_clnt.c s3_enc.c s3_lib.c s3_pkt.c s3_srvr.c
ssl-lib.com ssl.h ssl3.h ssl_err.c ssl_lib.c t1_enc.c t1_lib.c
tls1.h
src/crypto/dist/openssl/test [netbsd-5-2]: Makefile
Added Files:
src/crypto/dist/openssl/crypto [netbsd-5-2]: constant_time_locl.h
constant_time_test.c
src/crypto/dist/openssl/doc/crypto [netbsd-5-2]: CMS_add1_signer.pod
src/crypto/dist/openssl/test [netbsd-5-2]: constant_time_test.c

Log Message:
Apply patch (requested by spz in ticket #1927):
Apply OpenSSL security fixes derived from the diff between
OpenSSL 1.0.0n and 1.0.0o, fixing CVE-2014-3567, CVE-2014-3568,
and adding POODLE mitigation via support for TLS_FALLBACK_SCSV.
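The commit message above names TLS_FALLBACK_SCSV as the POODLE mitigation, and the 2015-08-13 pullup at the top of this page notes that the server side of that fix later had to be repaired because it broke handshakes. Neither message spells out the rule itself, so here is an added example, not OpenSSL's or NetBSD's code: a stand-alone C model of the RFC 7507 exchange, with the client's fallback retry on one side and the server's decision on the other. The ClientHello cipher_suites bytes are constructed for the example; the function and constant names are the example's own, only the suite value 0x5600 and the alert semantics come from the RFC.

```c
/*
 * Added example (not OpenSSL or NetBSD code): the TLS_FALLBACK_SCSV rule
 * from RFC 7507, modelled stand-alone. A client that retries a failed
 * handshake at a lower protocol version appends the signalling suite
 * 0x5600 to its cipher_suites. A server that sees it while the offered
 * client_version is below the highest version it supports must abort
 * with a fatal inappropriate_fallback(86) alert instead of negotiating.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TLS_FALLBACK_SCSV 0x5600u   /* RFC 7507 section 2 */

/* ProtocolVersion as (major << 8) | minor, the wire encoding. */
#define VER_SSL3_0 0x0300u
#define VER_TLS1_0 0x0301u
#define VER_TLS1_2 0x0303u

enum fallback_verdict {
    FALLBACK_NOT_SIGNALLED = 0,   /* no SCSV: negotiate as usual */
    FALLBACK_ACCEPTABLE,          /* SCSV present, client_version is our best */
    FALLBACK_INAPPROPRIATE        /* SCSV present but client downgraded: alert */
};

/*
 * Parse a ClientHello cipher_suites vector: uint16 byte length followed
 * by CipherSuite codes. Returns the suite count, or -1 if the vector is
 * malformed (empty, odd length, or longer than the buffer).
 */
int parse_cipher_suites(const uint8_t *buf, size_t buf_len,
                        uint16_t *out, size_t max_out)
{
    if (buf_len < 2)
        return -1;
    size_t len = ((size_t)buf[0] << 8) | buf[1];
    if (len == 0 || (len & 1) != 0 || len > buf_len - 2)
        return -1;
    size_t n = len / 2;
    if (n > max_out)
        return -1;
    for (size_t i = 0; i < n; i++)
        out[i] = (uint16_t)(((uint16_t)buf[2 + 2 * i] << 8) | buf[3 + 2 * i]);
    return (int)n;
}

/* Server side, RFC 7507 section 3. server_max is the highest version this
 * server is actually willing to negotiate right now, not a compile-time
 * constant; getting that wrong rejects every legitimate fallback. */
enum fallback_verdict server_fallback_check(uint16_t client_version,
                                            uint16_t server_max,
                                            const uint16_t *suites, int n)
{
    int signalled = 0;
    for (int i = 0; i < n; i++)
        if (suites[i] == TLS_FALLBACK_SCSV)
            signalled = 1;
    if (!signalled)
        return FALLBACK_NOT_SIGNALLED;
    return client_version < server_max ? FALLBACK_INAPPROPRIATE
                                       : FALLBACK_ACCEPTABLE;
}

/* Client side, RFC 7507 section 4: append the SCSV only on a retry that
 * offers a lower version than the client's best. Returns count or -1. */
int client_build_suites(const uint16_t *preferred, int n, int is_fallback,
                        uint16_t *out, int max_out)
{
    if (n < 0 || n + (is_fallback ? 1 : 0) > max_out)
        return -1;
    for (int i = 0; i < n; i++)
        out[i] = preferred[i];
    if (is_fallback)
        out[n++] = TLS_FALLBACK_SCSV;
    return n;
}

/* Constructed sample: the cipher_suites vector of a retried ClientHello. */
static const uint8_t kFallbackHelloSuites[] = {
    0x00, 0x06,     /* length 6: three suites */
    0xC0, 0x2F,     /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */
    0x00, 0x2F,     /* TLS_RSA_WITH_AES_128_CBC_SHA */
    0x56, 0x00      /* TLS_FALLBACK_SCSV */
};

/* Server rule over the sample hello for a given client_version, against a
 * server whose best version is TLS 1.2. Returns -1 on a parse error. */
int verdict_for_sample_hello(uint16_t client_version)
{
    uint16_t suites[8];
    int n = parse_cipher_suites(kFallbackHelloSuites,
                                sizeof kFallbackHelloSuites, suites, 8);
    if (n < 0)
        return -1;
    return (int)server_fallback_check(client_version, VER_TLS1_2, suites, n);
}

int main(void)
{
    /* A retry still at TLS 1.2 is accepted; a retry pushed down to TLS 1.0
     * or SSL 3.0 is the POODLE pattern and gets the alert. */
    printf("TLS1.2 + SCSV -> %d\n", verdict_for_sample_hello(VER_TLS1_2));
    printf("TLS1.0 + SCSV -> %d\n", verdict_for_sample_hello(VER_TLS1_0));
    printf("SSL3.0 + SCSV -> %d\n", verdict_for_sample_hello(VER_SSL3_0));
    return 0;
}
```

Two details carry the security value. The SCSV must only be added by a client that is genuinely retrying at a lower version, since a server will refuse any hello that carries it below the server's best version; and the server's comparison is against what it will negotiate today, so a deployment that disables TLS 1.2 at runtime but compares against the compiled-in maximum will refuse legitimate fallbacks.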


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.11 -r1.1.1.11.2.1 \
src/crypto/dist/openssl/apps/s_client.c
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.38.1 \
src/crypto/dist/openssl/crypto/LPdir_vms.c
cvs rdiff -u -r1.1.1.2 -r1.1.1.2.2.1 \
src/crypto/dist/openssl/crypto/LPdir_win.c
cvs rdiff -u -r1.1.1.4 -r1.1.1.4.2.1 src/crypto/dist/openssl/crypto/Makefile
cvs rdiff -u -r0 -r1.1.6.2 \
src/crypto/dist/openssl/crypto/constant_time_locl.h \
src/crypto/dist/openssl/crypto/constant_time_test.c
cvs rdiff -u -r1.3 -r1.3.2.1 src/crypto/dist/openssl/crypto/bn/bn_exp.c
cvs rdiff -u -r1.4 -r1.4.2.1 src/crypto/dist/openssl/crypto/bn/exptest.c
cvs rdiff -u -r1.1.1.4 -r1.1.1.4.36.1 \
src/crypto/dist/openssl/crypto/bn/asm/x86_64-gcc.c
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.6.1 \
src/crypto/dist/openssl/crypto/dsa/dsa_ameth.c
cvs rdiff -u -r1.6 -r1.6.2.1 src/crypto/dist/openssl/crypto/ec/ec.h
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.6.1 \
src/crypto/dist/openssl/crypto/ec/ec_ameth.c
cvs rdiff -u -r1.1.1.4 -r1.1.1.4.30.1 \
src/crypto/dist/openssl/crypto/ec/ec_asn1.c
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.38.1 \
src/crypto/dist/openssl/crypto/ec/ec_key.c
cvs rdiff -u -r1.1.1.4 -r1.1.1.4.38.1 \
src/crypto/dist/openssl/crypto/ec/ecp_smpl.c
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.2.1 \
src/crypto/dist/openssl/crypto/err/openssl.ec
cvs rdiff -u -r1.1.1.5 -r1.1.1.5.2.1 \
src/crypto/dist/openssl/crypto/evp/Makefile
cvs rdiff -u -r1.1.1.8 -r1.1.1.8.30.1 \
src/crypto/dist/openssl/crypto/evp/evp_enc.c
cvs rdiff -u -r1.8 -r1.8.2.1 src/crypto/dist/openssl/crypto/pkcs7/pkcs7.h
cvs rdiff -u -r1.1.1.4 -r1.1.1.4.2.1 \
src/crypto/dist/openssl/crypto/rsa/Makefile
cvs rdiff -u -r1.14 -r1.14.2.1 src/crypto/dist/openssl/crypto/rsa/rsa.h
cvs rdiff -u -r1.7 -r1.7.2.1 src/crypto/dist/openssl/crypto/rsa/rsa_err.c
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.38.1 \
src/crypto/dist/openssl/crypto/rsa/rsa_oaep.c
cvs rdiff -u -r1.1.1.3 -r1.1.1.3.50.1 \
src/crypto/dist/openssl/crypto/rsa/rsa_pk1.c
cvs rdiff -u -r1.5 -r1.5.2.1 src/crypto/dist/openssl/crypto/rsa/rsa_sign.c
cvs rdiff -u -r1.8 -r1.8.2.1 src/crypto/dist/openssl/doc/apps/s_client.pod
cvs rdiff -u -r1.1.1.2 -r1.1.1.2.50.1 \
src/crypto/dist/openssl/doc/crypto/BIO_s_accept.pod
cvs rdiff -u -r0 -r1.1.6.2 \
src/crypto/dist/openssl/doc/crypto/CMS_add1_signer.pod
cvs rdiff -u -r1.6 -r1.6.38.1 \
src/crypto/dist/openssl/doc/crypto/EVP_DigestInit.pod \
src/crypto/dist/openssl/doc/crypto/EVP_EncryptInit.pod
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.6.1 \
src/crypto/dist/openssl/doc/crypto/EVP_DigestVerifyInit.pod \
src/crypto/dist/openssl/doc/crypto/EVP_PKEY_sign.pod
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.50.1 \
src/crypto/dist/openssl/doc/crypto/EVP_PKEY_set1_RSA.pod
cvs rdiff -u -r1.1.1.2 -r1.1.1.2.50.1 \

CVS commit: [netbsd-5-2] src/crypto/dist/openssl

2014-08-27 Thread SAITOH Masanobu
Module Name:src
Committed By:   msaitoh
Date:   Wed Aug 27 13:30:49 UTC 2014

Modified Files:
src/crypto/dist/openssl/crypto/asn1 [netbsd-5-2]: a_object.c asn1.h
asn1_err.c
src/crypto/dist/openssl/crypto/objects [netbsd-5-2]: obj_dat.c
src/crypto/dist/openssl/ssl [netbsd-5-2]: d1_both.c s23_srvr.c
s3_clnt.c t1_lib.c

Log Message:
Pull up following revision(s) (requested by spz in ticket #1918):
crypto/dist/openssl/crypto/asn1/a_object.c  patch
crypto/dist/openssl/crypto/asn1/asn1.h  patch
crypto/dist/openssl/crypto/asn1/asn1_err.c  patch
crypto/dist/openssl/crypto/objects/obj_dat.c  patch
crypto/dist/openssl/ssl/d1_both.c  patch
crypto/dist/openssl/ssl/s23_srvr.c  patch
crypto/dist/openssl/ssl/s3_clnt.c  patch
crypto/dist/openssl/ssl/t1_lib.c  patch

Patches for the following vulnerabilities:
Information leak in pretty printing functions (CVE-2014-3508)
Double Free when processing DTLS packets (CVE-2014-3505)
DTLS memory exhaustion (CVE-2014-3506)
DTLS memory leak from zero-length fragments (CVE-2014-3507)
OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
OpenSSL TLS protocol downgrade attack (CVE-2014-3511)

backported from the recent 1.0.1i OpenSSL release.


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.2.1 \
src/crypto/dist/openssl/crypto/asn1/a_object.c
cvs rdiff -u -r1.9.4.1 -r1.9.4.1.10.1 \
src/crypto/dist/openssl/crypto/asn1/asn1.h
cvs rdiff -u -r1.1.1.8.4.1 -r1.1.1.8.4.1.10.1 \
src/crypto/dist/openssl/crypto/asn1/asn1_err.c
cvs rdiff -u -r1.10 -r1.10.2.1 \
src/crypto/dist/openssl/crypto/objects/obj_dat.c
cvs rdiff -u -r1.3.4.2.6.1 -r1.3.4.2.6.2 \
src/crypto/dist/openssl/ssl/d1_both.c
cvs rdiff -u -r1.6 -r1.6.2.1 src/crypto/dist/openssl/ssl/s23_srvr.c
cvs rdiff -u -r1.12.4.3.4.1 -r1.12.4.3.4.2 \
src/crypto/dist/openssl/ssl/s3_clnt.c
cvs rdiff -u -r1.2.4.3 -r1.2.4.3.2.1 src/crypto/dist/openssl/ssl/t1_lib.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/dist/openssl/crypto/asn1/a_object.c
diff -u src/crypto/dist/openssl/crypto/asn1/a_object.c:1.1.1.7 src/crypto/dist/openssl/crypto/asn1/a_object.c:1.1.1.7.2.1
--- src/crypto/dist/openssl/crypto/asn1/a_object.c:1.1.1.7	Fri May  9 21:34:16 2008
+++ src/crypto/dist/openssl/crypto/asn1/a_object.c	Wed Aug 27 13:30:49 2014
@@ -95,7 +95,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, 
 	if (num == 0)
 		return(0);
 	else if (num == -1)
-		num=strlen(buf);
+		num=(int)strlen(buf);
 
 	p=buf;
 	c= *(p++);
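Review bot: the `(int)strlen(buf)` cast on the `num == -1` path in a2d_ASN1_OBJECT silences the conversion warning but does not guard the value; a string longer than INT_MAX still wraps `num` negative, and `num` is the length the parsing loop below this hunk works from. Reject `strlen(buf) > INT_MAX` before casting, the way the c2i_ASN1_OBJECT hunk later in this same file bounds `len` before its own `(int)` cast, so the two entry points fail the same way on oversized input.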
@@ -239,7 +239,7 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT
 
 	if ((a == NULL) || (a-data == NULL))
 		return(BIO_write(bp,NULL,4));
-	i=i2t_ASN1_OBJECT(buf,sizeof buf,a);
+	i=i2t_ASN1_OBJECT(buf,(int)sizeof buf,a);
 	if (i  (int)(sizeof(buf) - 1))
 		{
 		p = OPENSSL_malloc(i + 1);
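Review bot: the cast of `sizeof buf` to int in the i2t_ASN1_OBJECT call is warning hygiene only, and the visible context handles just one outcome, `i` larger than `sizeof(buf) - 1`. If i2t_ASN1_OBJECT can return a non-positive value on a malformed object there should be an explicit `i <= 0` check between this hunk and the point where `buf` is handed to BIO_write; the context shown here stops before that, so please confirm one exists rather than relying on the too-long branch to cover errors.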
@@ -289,7 +289,21 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT
 	ASN1_OBJECT *ret=NULL;
 	const unsigned char *p;
 	unsigned char *data;
-	int i;
+	int i, length;
+
+	/* Sanity check OID encoding.
+	 * Need at least one content octet.
+	 * MSB must be clear in the last octet.
+	 * can't have leading 0x80 in subidentifiers, see: X.690 8.19.2
+	 */
+	if (len = 0 || len  INT_MAX || pp == NULL || (p = *pp) == NULL ||
+	p[len - 1]  0x80)
+		{
+		ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING);
+		return NULL;
+		}
+	/* Now 0  len = INT_MAX, so the cast is safe. */
+	length = (int)len;
 
 	/* only the ASN1_OBJECTs from the 'table' will have values
 	 * for -sn or -ln */
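Review bot: the new comment promises three checks ("at least one content octet", "MSB must be clear in the last octet", "can't have leading 0x80 in subidentifiers, see X.690 8.19.2") but the condition that follows implements only the first two: the length bounds, the NULL tests on `pp` and `*pp`, and the MSB test on `p[len - 1]`. Nothing walks the content octets to reject a subidentifier whose first octet is 0x80, so either add that loop over `p[0..length-1]` right after `length = (int)len;` or trim the comment so it does not claim a check that is not there. Also worth a line in the log: `p` is now assigned inside the condition, which is why the old `p= *pp;` disappears in the next hunk.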
@@ -300,28 +314,27 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT
 		}
 	else	ret=(*a);
 
-	p= *pp;
 	/* detach data from object */
 	data = (unsigned char *)ret-data;
 	ret-data = NULL;
 	/* once detached we can change it */
-	if ((data == NULL) || (ret-length  len))
+	if ((data == NULL) || (ret-length  length))
 		{
 		ret-length=0;
 		if (data != NULL) OPENSSL_free(data);
-		data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1);
+		data=(unsigned char *)OPENSSL_malloc(length);
 		if (data == NULL)
 			{ i=ERR_R_MALLOC_FAILURE; goto err; }
 		ret-flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
 		}
-	memcpy(data,p,(int)len);
+	memcpy(data,p,length);
 	/* reattach data to object, after which it remains const */
 	ret-data  =data;
-	ret-length=(int)len;
+	ret-length=length;
 	ret-sn=NULL;
 	ret-ln=NULL;
 	/* ret-flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
-	p+=len;
+	p+=length;
 
 	if (a != NULL) (*a)=ret;
 	*pp=p;
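Review bot: `OPENSSL_malloc(length)` drops the old `len ? (int)len : 1` guard against a zero-byte allocation, which is only safe because the sanity check at the top of the function now returns on `len <= 0`; a one-line comment here stating that `length > 0` is guaranteed would stop the next editor from reinstating the guard or, worse, relaxing the earlier check. The reuse branch (`ret->length < length`, with the `<` lost in this rendering) keeps an existing buffer only when it already holds at least `length` bytes, which is consistent with the `memcpy(data,p,length)` and the `ret->length=length` that follow.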

Index: src/crypto/dist/openssl/crypto/asn1/asn1.h
diff -u src/crypto/dist/openssl/crypto/asn1/asn1.h:1.9.4.1 src/crypto/dist/openssl/crypto/asn1/asn1.h:1.9.4.1.10.1
--- src/crypto/dist/openssl/crypto/asn1/asn1.h:1.9.4.1	Mon Mar 30 16:29:38 2009
+++ 

CVS commit: [netbsd-5-2] src/crypto/dist/openssl

2014-08-27 Thread SAITOH Masanobu
Module Name:src
Committed By:   msaitoh
Date:   Wed Aug 27 13:30:49 UTC 2014

Modified Files:
src/crypto/dist/openssl/crypto/asn1 [netbsd-5-2]: a_object.c asn1.h
asn1_err.c
src/crypto/dist/openssl/crypto/objects [netbsd-5-2]: obj_dat.c
src/crypto/dist/openssl/ssl [netbsd-5-2]: d1_both.c s23_srvr.c
s3_clnt.c t1_lib.c

Log Message:
Pull up following revision(s) (requested by spz in ticket #1918):
crypto/dist/openssl/crypto/asn1/a_object.c      patch
crypto/dist/openssl/crypto/asn1/asn1.h          patch
crypto/dist/openssl/crypto/asn1/asn1_err.c      patch
crypto/dist/openssl/crypto/objects/obj_dat.c    patch
crypto/dist/openssl/ssl/d1_both.c               patch
crypto/dist/openssl/ssl/s23_srvr.c              patch
crypto/dist/openssl/ssl/s3_clnt.c               patch
crypto/dist/openssl/ssl/t1_lib.c                patch

Patches for the following vulnerabilities:
Information leak in pretty printing functions (CVE-2014-3508)
Double Free when processing DTLS packets (CVE-2014-3505)
DTLS memory exhaustion (CVE-2014-3506)
DTLS memory leak from zero-length fragments (CVE-2014-3507)
OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
OpenSSL TLS protocol downgrade attack (CVE-2014-3511)

backported from the recent 1.0.1i OpenSSL release.


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.2.1 \
src/crypto/dist/openssl/crypto/asn1/a_object.c
cvs rdiff -u -r1.9.4.1 -r1.9.4.1.10.1 \
src/crypto/dist/openssl/crypto/asn1/asn1.h
cvs rdiff -u -r1.1.1.8.4.1 -r1.1.1.8.4.1.10.1 \
src/crypto/dist/openssl/crypto/asn1/asn1_err.c
cvs rdiff -u -r1.10 -r1.10.2.1 \
src/crypto/dist/openssl/crypto/objects/obj_dat.c
cvs rdiff -u -r1.3.4.2.6.1 -r1.3.4.2.6.2 \
src/crypto/dist/openssl/ssl/d1_both.c
cvs rdiff -u -r1.6 -r1.6.2.1 src/crypto/dist/openssl/ssl/s23_srvr.c
cvs rdiff -u -r1.12.4.3.4.1 -r1.12.4.3.4.2 \
src/crypto/dist/openssl/ssl/s3_clnt.c
cvs rdiff -u -r1.2.4.3 -r1.2.4.3.2.1 src/crypto/dist/openssl/ssl/t1_lib.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-5-2] src/crypto/dist/openssl

2014-06-06 Thread SAITOH Masanobu
Module Name:src
Committed By:   msaitoh
Date:   Fri Jun  6 06:42:08 UTC 2014

Modified Files:
src/crypto/dist/openssl/crypto/bn [netbsd-5-2]: bn.h bn_lib.c
src/crypto/dist/openssl/crypto/ec [netbsd-5-2]: ec2_mult.c
src/crypto/dist/openssl/ssl [netbsd-5-2]: d1_both.c s3_clnt.c s3_pkt.c
s3_srvr.c ssl3.h

Log Message:
Pull up following revision(s) (requested by spz in ticket #1908):
crypto/dist/openssl/crypto/bn/bn.h              patch
crypto/dist/openssl/crypto/bn/bn_lib.c          patch
crypto/dist/openssl/crypto/ec/ec2_mult.c        patch
crypto/dist/openssl/ssl/d1_both.c               patch
crypto/dist/openssl/ssl/s3_clnt.c               patch
crypto/dist/openssl/ssl/s3_pkt.c                patch
crypto/dist/openssl/ssl/s3_srvr.c               patch
crypto/dist/openssl/ssl/ssl3.h                  patch

  *) Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted
 handshake can force the use of weak keying material in OpenSSL
 SSL/TLS clients and servers.

 Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and
 researching this issue. (CVE-2014-0224)
 [KIKUCHI Masashi, Steve Henson]

  *) Fix DTLS recursion flaw. By sending an invalid DTLS handshake to an
 OpenSSL DTLS client the code can be made to recurse eventually crashing
 in a DoS attack.

 Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue.
 (CVE-2014-0221)
 [Imre Rad, Steve Henson]

  *) Fix DTLS invalid fragment vulnerability. A buffer overrun attack can
 be triggered by sending invalid DTLS fragments to an OpenSSL DTLS
 client or server. This is potentially exploitable to run arbitrary
 code on a vulnerable client or server.

 Thanks to Jüri Aedla for reporting this issue. (CVE-2014-0195)
 [Jüri Aedla, Steve Henson]

  *) Fix bug in TLS code where clients that enable anonymous ECDH ciphersuites
     are subject to a denial of service attack.

 Thanks to Felix Gröbert and Ivan Fratric at Google for discovering
 this issue. (CVE-2014-3470)
 [Felix Gröbert, Ivan Fratric, Steve Henson]


To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.12.2.1 src/crypto/dist/openssl/crypto/bn/bn.h
cvs rdiff -u -r1.7 -r1.7.2.1 src/crypto/dist/openssl/crypto/bn/bn_lib.c
cvs rdiff -u -r1.1.1.2 -r1.1.1.2.2.1 \
src/crypto/dist/openssl/crypto/ec/ec2_mult.c
cvs rdiff -u -r1.3.4.2 -r1.3.4.2.6.1 src/crypto/dist/openssl/ssl/d1_both.c
cvs rdiff -u -r1.12.4.3 -r1.12.4.3.4.1 src/crypto/dist/openssl/ssl/s3_clnt.c
cvs rdiff -u -r1.9.4.3 -r1.9.4.3.6.1 src/crypto/dist/openssl/ssl/s3_pkt.c
cvs rdiff -u -r1.15.4.4 -r1.15.4.4.4.1 src/crypto/dist/openssl/ssl/s3_srvr.c
cvs rdiff -u -r1.8 -r1.8.2.1 src/crypto/dist/openssl/ssl/ssl3.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/dist/openssl/crypto/bn/bn.h
diff -u src/crypto/dist/openssl/crypto/bn/bn.h:1.12 src/crypto/dist/openssl/crypto/bn/bn.h:1.12.2.1
--- src/crypto/dist/openssl/crypto/bn/bn.h:1.12	Fri May  9 21:49:39 2008
+++ src/crypto/dist/openssl/crypto/bn/bn.h	Fri Jun  6 06:42:08 2014
@@ -520,6 +520,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *ret,
 BIGNUM *BN_mod_sqrt(BIGNUM *ret,
 	const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx);
 
+void	BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
+
 /* Deprecated versions */
 #ifndef OPENSSL_NO_DEPRECATED
 BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe,
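Review bot: the prototype names the first parameter `swap` while the bn_lib.c definition below calls it `condition` and documents preconditions (at most one bit of the flag set, `a` and `b` distinct, `nwords` within both numbers' allocation and covering all words in use) that a caller cannot see from the header. Since a `BN_ULONG` flag invites passing any nonzero value, put that contract in a comment on the prototype and align the parameter name with the definition.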
@@ -742,11 +744,20 @@ int RAND_pseudo_bytes(unsigned char *buf
 
 #define bn_fix_top(a)		bn_check_top(a)
 
+#define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
+#define bn_wcheck_size(bn, words) \
+	do { \
+		const BIGNUM *_bnum2 = (bn); \
+		assert(words = (_bnum2)-dmax  words = (_bnum2)-top); \
+	} while(0)
+
 #else /* !BN_DEBUG */
 
 #define bn_pollute(a)
 #define bn_check_top(a)
 #define bn_fix_top(a)		bn_correct_top(a)
+#define bn_check_size(bn, bits)
+#define bn_wcheck_size(bn, words)
 
 #endif
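Review bot: macro hygiene in `bn_check_size`/`bn_wcheck_size`: `bits` and `words` are used unparenthesised in `((bits+BN_BITS2-1))/BN_BITS2` and inside the `assert`, so an argument such as `x ? y : z` mis-evaluates; wrap them as `(bits)` and `(words)`. The `assert` also needs `<assert.h>` to be visible wherever bn.h is included in a BN_DEBUG build, and because both macros expand to nothing in the `!BN_DEBUG` branch, the size check they give BN_consttime_swap is a debug-only aid, not a runtime guard. (This page's rendering dropped the operators in the assert; it requires `words` to be at most `dmax` and at least `top`.)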
 

Index: src/crypto/dist/openssl/crypto/bn/bn_lib.c
diff -u src/crypto/dist/openssl/crypto/bn/bn_lib.c:1.7 src/crypto/dist/openssl/crypto/bn/bn_lib.c:1.7.2.1
--- src/crypto/dist/openssl/crypto/bn/bn_lib.c:1.7	Fri May  9 21:49:39 2008
+++ src/crypto/dist/openssl/crypto/bn/bn_lib.c	Fri Jun  6 06:42:08 2014
@@ -843,3 +843,55 @@ int bn_cmp_part_words(const BN_ULONG *a,
 		}
 	return bn_cmp_words(a,b,cl);
 	}
+
+/* 
+ * Constant-time conditional swap of a and b.  
+ * a and b are swapped if condition is not 0.  The code assumes that at most one bit of condition is set.
+ * nwords is the number of words to swap.  The code assumes that at least nwords are allocated in both a and b,
+ * and that no more than nwords are used by either a or b.
+ * a and b cannot be the same number
+ */
+void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
+	{
+	BN_ULONG t;
+	int i;
+
+	bn_wcheck_size(a, nwords);
+	bn_wcheck_size(b, nwords);
+
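Review bot: the body of BN_consttime_swap is cut off on this page after the two `bn_wcheck_size` calls, so the mask derivation and the swap loop cannot be reviewed here; what is visible raises two points. First, the preconditions in the comment (at most one bit of `condition` set, `a` and `b` not the same BIGNUM, `nwords` allocated in and covering both) are enforced only by `bn_wcheck_size`, which is an `assert` under BN_DEBUG and empty otherwise, so the TLS and EC callers must guarantee them; if the mask is built from `condition` without first normalising it to 0 or all-ones, a flag with more than one bit set would not produce a correct swap. Second, the comment lines run well past 80 columns and the first two carry trailing whitespace; reflow them to the file's style.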
