OpenSSL Security Altert - Remote Buffer Overflows

2002-07-30 Thread Ben Laurie
OpenSSL Security Advisory [30 July 2002] This advisory consists of two independent advisories, merged, and is an official OpenSSL advisory. Advisory 1 == A.L. Digital Ltd and The Bunker (http://www.thebunker.net/) are conducting a security review of OpenSSL, under the DARPA program

Re: OpenSSL patches for other versions

2002-07-30 Thread Arne Ansper
These patches are known to apply correctly but have not been thoroughly tested. As I understand it, OpenSSL will call abort() when it detects attack against any hole in SSL. It might be acceptable for process-per-connection situations like Apache, but when one process serves many connections

Re: OpenSSL patches for other versions

2002-07-30 Thread Jeffrey Altman
These patches are known to apply correctly but have not been thoroughly tested. As I understand it, OpenSSL will call abort() when it detects attack against any hole in SSL. It might be acceptable for process-per-connection situations like Apache, but when one process serves many

[openssl.org #169] 0.9.7-b3 compile error on Win32

2002-07-30 Thread Jeffrey Altman via RT
ssl\s3_srver.c (1591) error: pms_length is not a member of evp_cipher_st I believe the correct reference is if (enc_pms.length sizeof pms) instead of if (enc.pms_length sizeof pms) Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!! The Kermit Project @

[openssl.org #169] 0.9.7-b3 compile error on Win32

2002-07-30 Thread Lutz Jaenicke via RT
[[EMAIL PROTECTED] - Tue Jul 30 15:23:37 2002]: ssl\s3_srver.c (1591) error: pms_length is not a member of evp_cipher_st I believe the correct reference is if (enc_pms.length sizeof pms) instead of if (enc.pms_length sizeof pms) Thanks, fixed. Lutz

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 15:26:34 +0200 (METDST), Jeffrey Altman via RT [EMAIL PROTECTED] said: rt Need to add it to the exports list. For anyone who has the time, the fix is to move the declaration (but not the macro die()) from cryptlib.h to crypto.h, then do a make

Re: OpenSSL patches for other versions

2002-07-30 Thread Arne Ansper
As I understand it, OpenSSL will call abort() when it detects attack against any hole in SSL. Unh, no. The only time it calls abort is with -DREF_CHECK, and if a reference count is less than zero, which is a can't happen condition. the new patches that fix various buffer overflows in

Re: OpenSSL patches for other versions

2002-07-30 Thread Rich Salz
As I understand it, OpenSSL will call abort() when it detects attack against any hole in SSL. Unh, no. The only time it calls abort is with -DREF_CHECK, and if a reference count is less than zero, which is a can't happen condition. /r$

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 15:56:30 +0200 (CEST), Richard Levitte - VMS Whacker [EMAIL PROTECTED] said: levitte In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 15:26:34 +0200 (METDST), Jeffrey Altman via RT [EMAIL PROTECTED] said: levitte levitte rt Need to add it to

Re: OpenSSL patches for other versions

2002-07-30 Thread Jeffrey Altman
As I understand it, OpenSSL will call abort() when it detects attack against any hole in SSL. Unh, no. The only time it calls abort is with -DREF_CHECK, and if a reference count is less than zero, which is a can't happen condition. /r$ Or when the new OpenSSLDie() is called.

Re: OpenSSL patches for other versions

2002-07-30 Thread Bodo Moeller
On Tue, Jul 30, 2002 at 03:50:17PM +0300, Arne Ansper wrote: These patches are known to apply correctly but have not been thoroughly tested. As I understand it, OpenSSL will call abort() when it detects attack against any hole in SSL. Not quite. The attacks against known holes are

Re: OpenSSL patches for other versions

2002-07-30 Thread Rich Salz
the new patches that fix various buffer overflows in SSL code call abort() anytime attacker wants. Sorry, I should read all my email first. You're right, of course. __ OpenSSL Project

OpenSSL stability

2002-07-30 Thread Chris Jarshant
I asked this on -users but I think -dev might be more appropriate... Are there any declarations of the stability of the APIs found in the OpenSSL distribution? For example, are there any guarantees or even we will try not to's which limit the amount of change that the APIs can undergo from

Re: Announcement: OpenSSL 0.9.6e (Security related upgrade)

2002-07-30 Thread Claus Assmann
On Tue, Jul 30, 2002, Lutz Jaenicke wrote: OpenSSL version 0.9.6e released Can someone please sign the distribution? Or at least include the MD5 checksum in a PGP signed announcement? There was an openssl-0.9.6d.tar.gz.asc but: Requesting

Re: signing distributions/announcements (was: Announcement: OpenSSL 0.9.6e (Security related upgrade))

2002-07-30 Thread Claus Assmann
On Tue, Jul 30, 2002, Claus Assmann wrote: On Tue, Jul 30, 2002, Lutz Jaenicke wrote: OpenSSL version 0.9.6e released Can someone please sign the distribution? Or at least include the MD5 checksum in a PGP signed announcement? Sorry for the noise, I finally found

[openssl.org #171] packaging problems in 0.9.6e

2002-07-30 Thread Tony Finch via RT
Some of the files in the 0.9.6e tarball have restrictive permissions which prevent building and installing as different non-privileged users. -rw--- openssl/openssl 23853 Jul 30 11:06 2002 openssl-0.9.6e/Makefile.ssl lrwx-- openssl/openssl 0 Jul 30 11:03 2002

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Lutz Jaenicke via RT
On Tue, Jul 30, 2002 at 04:10:45PM +0200, Richard Levitte - VMS Whacker via RT wrote: In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 15:56:30 +0200 (CEST), Richard Levitte - VMS Whacker [EMAIL PROTECTED] said: levitte In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 15:26:34 +0200

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Ben Laurie
Lutz Jaenicke via RT wrote: On Tue, Jul 30, 2002 at 04:10:45PM +0200, Richard Levitte - VMS Whacker via RT wrote: In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 15:56:30 +0200 (CEST), Richard Levitte - VMS Whacker [EMAIL PROTECTED] said: levitte In message [EMAIL PROTECTED] on Tue, 30 Jul

[openssl.org #172] 0.9.7-beta3: evp.h and compatibility defines break crypt()

2002-07-30 Thread Lutz Jaenicke via RT
Due to the re-inclusion of all ciphers from evp.h, the des.h header file with the compatibility define of crypt() is included. If a system header file defines crypt() itself, for HP-UX this is sys/unistd.h, it must fail if included only after evp.h (or one of the other header files includinge

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Jeffrey Altman
OK, I don't understand why it needs to be exported - isn't it internal to the library? But assuming it does, I prefer the original suggestions (i.e. move the declaration of OpenSSLDie()). It needs to be exported because the function is defined in libeay32.dll and used in ssleay32.dll on

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Jeffrey Altman via RT
OK, I don't understand why it needs to be exported - isn't it internal to the library? But assuming it does, I prefer the original suggestions (i.e. move the declaration of OpenSSLDie()). It needs to be exported because the function is defined in libeay32.dll and used in ssleay32.dll on

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Lutz Jaenicke via RT
On Tue, Jul 30, 2002 at 03:26:34PM +0200, Jeffrey Altman via RT wrote: Need to add it to the exports list. I just had a look into this thing. Ben designed the die() function such that it uses cryptlib.h, which is not exported. Thus the macro die() and the underlying OpenSSLDie() function

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Richard Levitte - VMS Whacker via RT
In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 15:26:34 +0200 (METDST), Jeffrey Altman via RT [EMAIL PROTECTED] said: rt Need to add it to the exports list. For anyone who has the time, the fix is to move the declaration (but not the macro die()) from cryptlib.h to crypto.h, then do a make

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Arne Ansper
I have added Ben to the CCs of this ticket, as it might affect all other patches, too! btw, i'm in process of rewriting the patches to not use die at all. openssl-0.9.5a is almost ready. arne __ OpenSSL Project

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Jeffrey Altman
rt Need to add it to the exports list. For anyone who has the time, the fix is to move the declaration (but not the macro die()) from cryptlib.h to crypto.h, then do a make update. And this will auto-generate the entry for util/libeay.num ? Cool. Jeffrey Altman * Sr.Software Designer

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Arne Ansper
btw, i'm in process of rewriting the patches to not use die at all. openssl-0.9.5a is almost ready. i started with openssl-0.9.6e instead. attached is a patch for openssl-0.9.6e that removes the usage of die. please review it carefully. all changes are localized but the action i take in

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Jeffrey Altman
jaltman Now the choices as I see it are: jaltman jaltman . export the function. which I have done in order to get the jaltmancode to compile and link on Windows, or jaltman jaltman . remove the call entirely and instead simply have OpenSSL return jaltmanan error to the

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Richard Levitte - VMS Whacker via RT
In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 15:49:00 +0100, Ben Laurie [EMAIL PROTECTED] said: ben OK, I don't understand why it needs to be exported - isn't it internal ben to the library? But assuming it does, I prefer the original suggestions ben (i.e. move the declaration of

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 15:49:00 +0100, Ben Laurie [EMAIL PROTECTED] said: ben OK, I don't understand why it needs to be exported - isn't it internal ben to the library? But assuming it does, I prefer the original suggestions ben (i.e. move the declaration of

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 10:56:29 EDT, Jeffrey Altman [EMAIL PROTECTED] said: jaltman jaltman OK, I don't understand why it needs to be exported - isn't it internal jaltman to the library? But assuming it does, I prefer the original suggestions jaltman (i.e. move

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Richard Levitte - VMS Whacker via RT
In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 10:56:29 EDT, Jeffrey Altman [EMAIL PROTECTED] said: jaltman jaltman OK, I don't understand why it needs to be exported - isn't it internal jaltman to the library? But assuming it does, I prefer the original suggestions jaltman (i.e. move

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Jeffrey Altman via RT
jaltman Now the choices as I see it are: jaltman jaltman . export the function. which I have done in order to get the jaltmancode to compile and link on Windows, or jaltman jaltman . remove the call entirely and instead simply have OpenSSL return jaltmanan error to the

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Ben Laurie via RT
Lutz Jaenicke via RT wrote: On Tue, Jul 30, 2002 at 04:10:45PM +0200, Richard Levitte - VMS Whacker via RT wrote: In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 15:56:30 +0200 (CEST), Richard Levitte - VMS Whacker [EMAIL PROTECTED] said: levitte In message [EMAIL PROTECTED] on Tue, 30 Jul

Re: [Announce] OpenSSL 0.9.7-beta3 (Security)

2002-07-30 Thread Götz Babin-Ebell
Lutz Jaenicke schrieb: Hello, The third beta release of OpenSSL 0.9.7 is now available from the OpenSSL FTP site URL: ftp://ftp.openssl.org/source/. Quite a lot of code changed between the 0.9.6 release and the 0.9.7 release, so a series of 3 or 4 beta releases is planned before the final

Re: OpenSSL patches for other versions

2002-07-30 Thread mlafon
I've looked at the differences between the 0.9.5a and the official patch and i found that the following portion of asn1_lib.c patch is not in 0.9.5a one althoug the code is already in 0.9.5a source code. Do you have an explanation ? Please cc me for any reply, i'm not subscribe to

OpenSSL patches for other versions

2002-07-30 Thread Ben Laurie
Enclosed are patches for today's OpenSSL security alert which apply to other versions. The patch for 0.9.7 is supplied by Ben Laurie [EMAIL PROTECTED] and the remainder by Vincent Danen (email not supplied). Patches are for 0.9.5a, 0.9.6 (use 0.9.6b patch), 0.9.6b, 0.9.6c, 0.9.7-dev. These

[openssl.org #173] Building 0.9.6e on Win32

2002-07-30 Thread [EMAIL PROTECTED] via RT
Hello... FYI that I had to add OpenSSLDie to util\libeay.num and add crypto/cryptlib.h to $crypto in util\mkdef.pl in order to get the DLL versions of 0.9.6e to build on Win32. This probably affects all other versions that were patched today as well. Ryan Koski Wells Fargo - Cryptography

Re: [openssl.org #172] 0.9.7-beta3: evp.h and compatibilitydefines break crypt()

2002-07-30 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 19:36:18 +0200 (METDST), Lutz Jaenicke via RT [EMAIL PROTECTED] said: rt Shall we disable the crypt() function for more platforms, maybe rt even all platforms? Maybe we should have a macro OPENSSL_NO_CRYPT, which is defined by default... That's

[openssl.org #171] packaging problems in 0.9.6e

2002-07-30 Thread Lutz Jaenicke via RT
[[EMAIL PROTECTED] - Tue Jul 30 18:49:55 2002]: Some of the files in the 0.9.6e tarball have restrictive permissions which prevent building and installing as different non-privileged users. -rw--- openssl/openssl 23853 Jul 30 11:06 2002 openssl- 0.9.6e/Makefile.ssl lrwx--

RE: OpenSSL patches for other versions

2002-07-30 Thread Kim, Peter
Will there be a patch for even older version such as 0.9.3? Thanks. Peter K. -Original Message- From: Ben Laurie [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 30, 2002 3:15 AM To: OpenSSL Announce; Bugtraq; OpenSSL Dev; [EMAIL PROTECTED] Subject: OpenSSL patches for other versions

Re: [openssl.org #172] 0.9.7-beta3: evp.h and compatibility defines break crypt()

2002-07-30 Thread Richard Levitte - VMS Whacker via RT
In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 19:36:18 +0200 (METDST), Lutz Jaenicke via RT [EMAIL PROTECTED] said: rt Shall we disable the crypt() function for more platforms, maybe rt even all platforms? Maybe we should have a macro OPENSSL_NO_CRYPT, which is defined by default...

Re: [Announce] OpenSSL 0.9.7-beta3 (Security)

2002-07-30 Thread Lutz Jaenicke
On Tue, Jul 30, 2002 at 09:35:40PM +0200, Götz Babin-Ebell wrote: The third beta release of OpenSSL 0.9.7 is now available from the OpenSSL FTP site URL: ftp://ftp.openssl.org/source/. Quite a lot of code changed between the 0.9.6 release and the 0.9.7 release, so a series of 3 or 4 beta

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 11:31:17 EDT, Jeffrey Altman [EMAIL PROTECTED] said: jaltman since they do not compile on two major platforms. On VMS, creating OpenSSL shared libraries is not the norm yet, so it'll build fine :-). -- Richard Levitte \ Spannvägen 38, II \

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 16:16:50 EDT, Jeffrey Altman [EMAIL PROTECTED] said: jaltman fine. shared libraries won't work on two major platforms. jaltman One of which where it is the norm. I'm not arguing that. jaltman the other bug I submitted this morning prevents the

Announcement: OpenSSL 0.9.6e (Security related upgrade)

2002-07-30 Thread Lutz Jaenicke
OpenSSL version 0.9.6e released === OpenSSL - The Open Source toolkit for SSL/TLS http://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 0.9.6e of our open source toolkit for SSL/TLS. This new OpenSSL version is

[Announce] OpenSSL 0.9.7-beta3 (Security)

2002-07-30 Thread Lutz Jaenicke
The third beta release of OpenSSL 0.9.7 is now available from the OpenSSL FTP site URL: ftp://ftp.openssl.org/source/. Quite a lot of code changed between the 0.9.6 release and the 0.9.7 release, so a series of 3 or 4 beta releases is planned before the final release. SECURITY INFORMATION:

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Jeffrey Altman
In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 11:31:17 EDT, Jeffrey Altman [EMAIL PROTECTED] said: jaltman since they do not compile on two major platforms. On VMS, creating OpenSSL shared libraries is not the norm yet, so it'll build fine :-). fine. shared libraries won't work on

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-07-30 Thread Jeffrey Altman via RT
In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 11:31:17 EDT, Jeffrey Altman [EMAIL PROTECTED] said: jaltman since they do not compile on two major platforms. On VMS, creating OpenSSL shared libraries is not the norm yet, so it'll build fine :-). fine. shared libraries won't work on

Re: OpenSSL patches for other versions

2002-07-30 Thread Ademar de Souza Reis Jr.
On Tue, Jul 30, 2002 at 11:15:00AM +0100, Ben Laurie wrote: Enclosed are patches for today's OpenSSL security alert which apply to other versions. The patch for 0.9.7 is supplied by Ben Laurie [EMAIL PROTECTED] and the remainder by Vincent Danen (email not supplied). Patches are for

[openssl.org #174] 0.9.7 inclusion of the IBM Crypto Accelerator Engine

2002-07-30 Thread via RT
This patch provides the required support for the IBM Crypto Accelerator engine. We submitted this back in the beginning of the year, and are requesting that this be included with the other engines. The device can be exploited on Windows, AIX, Linux (ppc, x86, system 390) through this patch and

Re: [PATCH] AES counter mode non-zero counter offset

2002-07-30 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Tue, 30 Jul 2002 14:04:21 PDT, Matt Piotrowski [EMAIL PROTECTED] said: matt.piotrowski I think there's a bug in the AES counter mode matt.piotrowski implementation: if you pass a non-zero counter offset matt.piotrowski to AES_ctr128_encrypt() (through the num

Re: [PATCH] AES counter mode non-zero counter offset

2002-07-30 Thread Michael Sierchio
Richard Levitte - VMS Whacker wrote: How could num (or n, inside AES_ctr128_encrypt() ever have a value that isn't between 0 (included) and AES_BLOCK_SIZE (excluded), It's even smaller than that. CTR mode is defined as a BIG-ENDIAN 128-bit number (AES only has one block size) 0 = n = 2^64-1

Re: [PATCH] AES counter mode non-zero counter offset

2002-07-30 Thread Matt Piotrowski
On Tuesday 30 July 2002 02:54 pm, Richard Levitte - VMS Whacker wrote: How could num (or n, inside AES_ctr128_encrypt() ever have a value that isn't between 0 (included) and AES_BLOCK_SIZE (excluded), unless you do something stupid with num between calls? Make note of the following