diff --git a/trunk/Add-a-test-for-GENERAL_NAME_cmp.patch b/trunk/Add-a-test-for-GENERAL_NAME_cmp.patch new file mode 100644 index 0000000..b3cda2a --- /dev/null +++ b/trunk/Add-a-test-for-GENERAL_NAME_cmp.patch @@ -0,0 +1,382 @@ +From: Matt Caswell +Date: Mon, 30 Nov 2020 13:50:52 +0000 +Subject: Add a test for GENERAL_NAME_cmp + +Based on a boringssl test contributed by David Benjamin +--- + test/v3nametest.c | 344 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 344 insertions(+) + +--- a/crypto/x509v3/v3nametest.c ++++ b/crypto/x509v3/v3nametest.c +@@ -3,6 +3,8 @@ + #include "../e_os.h" + #include + ++#define OSSL_NELEM(x) (sizeof(x)/sizeof(x[0])) ++ + static const char *const names[] = { + "a", "b", ".", "*", "@", + ".a", "a.", ".b", "b.", ".*", "*.", "*@", "@*", "a@", "@a", "b@", "..", +@@ -321,6 +323,349 @@ static void run_cert(X509 *crt, const ch + } + } + ++struct gennamedata { ++ const unsigned char der[22]; ++ size_t derlen; ++} gennames[] = { ++ { ++ /* ++ * [0] { ++ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } ++ * [0] { ++ * SEQUENCE {} ++ * } ++ * } ++ */ ++ { ++ 0xa0, 0x13, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, ++ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x02, 0x30, 0x00 ++ }, ++ 21 ++ }, { ++ /* ++ * [0] { ++ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } ++ * [0] { ++ * [APPLICATION 0] {} ++ * } ++ * } ++ */ ++ { ++ 0xa0, 0x13, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, ++ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x02, 0x60, 0x00 ++ }, ++ 21 ++ }, { ++ /* ++ * [0] { ++ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } ++ * [0] { ++ * UTF8String { "a" } ++ * } ++ * } ++ */ ++ { ++ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, ++ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x0c, 0x01, 0x61 ++ }, ++ 22 ++ }, { ++ /* ++ * [0] { ++ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.2 } ++ * [0] { ++ * UTF8String { "a" } ++ * } ++ * } ++ */ ++ { ++ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, ++ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x02, 0xa0, 0x03, 0x0c, 0x01, 0x61 ++ }, ++ 22 ++ }, { ++ /* ++ * [0] { ++ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } ++ * [0] { ++ * UTF8String { "b" } ++ * } ++ * } ++ */ ++ { ++ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, ++ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x0c, 0x01, 0x62 ++ }, ++ 22 ++ }, { ++ /* ++ * [0] { ++ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } ++ * [0] { ++ * BOOLEAN { TRUE } ++ * } ++ * } ++ */ ++ { ++ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, ++ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x01, 0x01, 0xff ++ }, ++ 22 ++ }, { ++ /* ++ * [0] { ++ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } ++ * [0] { ++ * BOOLEAN { FALSE } ++ * } ++ * } ++ */ ++ { ++ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, ++ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x01, 0x01, 0x00 ++ }, ++ 22 ++ }, { ++ /* [1 PRIMITIVE] { "a" } */ ++ { ++ 0x81, 0x01, 0x61 ++ }, ++ 3 ++ }, { ++ /* [1 PRIMITIVE] { "b" } */ ++ { ++ 0x81, 0x01, 0x62 ++ }, ++ 3 ++ }, { ++ /* [2 PRIMITIVE] { "a" } */ ++ { ++ 0x82, 0x01, 0x61 ++ }, ++ 3 ++ }, { ++ /* [2 PRIMITIVE] { "b" } */ ++ { ++ 0x82, 0x01, 0x62 ++ }, ++ 3 ++ }, { ++ /* ++ * [4] { ++ * SEQUENCE { ++ * SET { ++ * SEQUENCE { ++ * # commonName ++ * OBJECT_IDENTIFIER { 2.5.4.3 } ++ * UTF8String { "a" } ++ * } ++ * } ++ * } ++ * } ++ */ ++ { ++ 0xa4, 0x0e, 0x30, 0x0c, 0x31, 0x0a, 0x30, 0x08, 0x06, 0x03, 0x55, ++ 0x04, 0x03, 0x0c, 0x01, 0x61 ++ }, ++ 16 ++ }, { ++ /* ++ * [4] { ++ * SEQUENCE { ++ * SET { ++ * SEQUENCE { ++ * # commonName ++ * OBJECT_IDENTIFIER { 2.5.4.3 } ++ * UTF8String { "b" } ++ * } ++ * } ++ * } ++ * } ++ */ ++ { ++ 0xa4, 0x0e, 0x30, 0x0c, 0x31, 0x0a, 0x30, 0x08, 0x06, 0x03, 0x55, ++ 0x04, 0x03, 0x0c, 0x01, 0x62 ++ }, ++ 16 ++ }, { ++ /* ++ * [5] { ++ * [1] { ++ * UTF8String { "a" } ++ * } ++ * } ++ */ ++ { ++ 0xa5, 0x05, 0xa1, 0x03, 0x0c, 0x01, 0x61 ++ }, ++ 7 ++ }, { ++ /* ++ * [5] { ++ * [1] { ++ * UTF8String { "b" } ++ * } ++ * } ++ */ ++ { ++ 0xa5, 0x05, 0xa1, 0x03, 0x0c, 0x01, 0x62 ++ }, ++ 7 ++ }, { ++ /* ++ * [5] { ++ * [0] { ++ * UTF8String {} ++ * } ++ * [1] { ++ * UTF8String { "a" } ++ * } ++ * } ++ */ ++ { ++ 0xa5, 0x09, 0xa0, 0x02, 0x0c, 0x00, 0xa1, 0x03, 0x0c, 0x01, 0x61 ++ }, ++ 11 ++ }, { ++ /* ++ * [5] { ++ * [0] { ++ * UTF8String { "a" } ++ * } ++ * [1] { ++ * UTF8String { "a" } ++ * } ++ * } ++ */ ++ { ++ 0xa5, 0x0a, 0xa0, 0x03, 0x0c, 0x01, 0x61, 0xa1, 0x03, 0x0c, 0x01, ++ 0x61 ++ }, ++ 12 ++ }, { ++ /* ++ * [5] { ++ * [0] { ++ * UTF8String { "b" } ++ * } ++ * [1] { ++ * UTF8String { "a" } ++ * } ++ * } ++ */ ++ { ++ 0xa5, 0x0a, 0xa0, 0x03, 0x0c, 0x01, 0x62, 0xa1, 0x03, 0x0c, 0x01, ++ 0x61 ++ }, ++ 12 ++ }, { ++ /* [6 PRIMITIVE] { "a" } */ ++ { ++ 0x86, 0x01, 0x61 ++ }, ++ 3 ++ }, { ++ /* [6 PRIMITIVE] { "b" } */ ++ { ++ 0x86, 0x01, 0x62 ++ }, ++ 3 ++ }, { ++ /* [7 PRIMITIVE] { `11111111` } */ ++ { ++ 0x87, 0x04, 0x11, 0x11, 0x11, 0x11 ++ }, ++ 6 ++ }, { ++ /* [7 PRIMITIVE] { `22222222`} */ ++ { ++ 0x87, 0x04, 0x22, 0x22, 0x22, 0x22 ++ }, ++ 6 ++ }, { ++ /* [7 PRIMITIVE] { `11111111111111111111111111111111` } */ ++ { ++ 0x87, 0x10, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, ++ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11 ++ }, ++ 18 ++ }, { ++ /* [7 PRIMITIVE] { `22222222222222222222222222222222` } */ ++ { ++ 0x87, 0x10, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, ++ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22 ++ }, ++ 18 ++ }, { ++ /* [8 PRIMITIVE] { 1.2.840.113554.4.1.72585.2.1 } */ ++ { ++ 0x88, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, ++ 0xb7, 0x09, 0x02, 0x01 ++ }, ++ 15 ++ }, { ++ /* [8 PRIMITIVE] { 1.2.840.113554.4.1.72585.2.2 } */ ++ { ++ 0x88, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, ++ 0xb7, 0x09, 0x02, 0x02 ++ }, ++ 15 ++ } ++}; ++ ++static int test_GENERAL_NAME_cmp(void) ++{ ++ size_t i, j; ++ GENERAL_NAME **namesa = OPENSSL_malloc(sizeof(*namesa) ++ * OSSL_NELEM(gennames)); ++ GENERAL_NAME **namesb = OPENSSL_malloc(sizeof(*namesb) ++ * OSSL_NELEM(gennames)); ++ int testresult = 0; ++ ++ if (namesa == NULL || namesb == NULL) ++ goto end; ++ ++ for (i = 0; i < OSSL_NELEM(gennames); i++) { ++ const unsigned char *derp = gennames[i].der; ++ ++ /* ++ * We create two versions of each GENERAL_NAME so that we ensure when ++ * we compare them they are always different pointers. ++ */ ++ namesa[i] = d2i_GENERAL_NAME(NULL, &derp, gennames[i].derlen); ++ derp = gennames[i].der; ++ namesb[i] = d2i_GENERAL_NAME(NULL, &derp, gennames[i].derlen); ++ if (namesa[i] == NULL || namesb[i] == NULL) ++ goto end; ++ } ++ ++ /* Every name should be equal to itself and not equal to any others. */ ++ for (i = 0; i < OSSL_NELEM(gennames); i++) { ++ for (j = 0; j < OSSL_NELEM(gennames); j++) { ++ if (i == j) { ++ if (GENERAL_NAME_cmp(namesa[i], namesb[j]) != 0) ++ goto end; ++ } else { ++ if (GENERAL_NAME_cmp(namesa[i], namesb[j]) == 0) ++ goto end; ++ } ++ } ++ } ++ testresult = 1; ++ ++ end: ++ for (i = 0; i < OSSL_NELEM(gennames); i++) { ++ if (namesa != NULL) ++ GENERAL_NAME_free(namesa[i]); ++ if (namesb != NULL) ++ GENERAL_NAME_free(namesb[i]); ++ } ++ OPENSSL_free(namesa); ++ OPENSSL_free(namesb); ++ ++ return testresult; ++} ++ + int main(void) + { + const struct set_name_fn *pfn = name_fns; +@@ -342,5 +687,11 @@ int main(void) + } + ++pfn; + } ++ ++ if (!test_GENERAL_NAME_cmp()) { ++ fprintf(stderr, "test_GENERAL_NAME_cmp failed\n"); ++ return 1; ++ } ++ + return errors > 0 ? 1 : 0; + } diff --git a/trunk/CVE-2020-1968.patch b/trunk/CVE-2020-1968.patch new file mode 100644 index 0000000..be0fa39 --- /dev/null +++ b/trunk/CVE-2020-1968.patch @@ -0,0 +1,247 @@ +Description: disable ciphers vulnerable to CVE-2020-1968 +Author: Marc Deslauriers + +--- a/ssl/s3_lib.c ++++ b/ssl/s3_lib.c +@@ -967,6 +967,7 @@ + 128, + }, + /* Cipher 30 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_DSS_WITH_AES_128_SHA, +@@ -981,7 +982,9 @@ + 128, + 128, + }, ++#endif + /* Cipher 31 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_RSA_WITH_AES_128_SHA, +@@ -996,6 +999,7 @@ + 128, + 128, + }, ++#endif + /* Cipher 32 */ + { + 1, +@@ -1058,6 +1062,7 @@ + 256, + }, + /* Cipher 36 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_DSS_WITH_AES_256_SHA, +@@ -1072,8 +1077,10 @@ + 256, + 256, + }, ++#endif + + /* Cipher 37 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_RSA_WITH_AES_256_SHA, +@@ -1088,6 +1095,7 @@ + 256, + 256, + }, ++#endif + + /* Cipher 38 */ + { +@@ -1187,6 +1195,7 @@ + }, + + /* Cipher 3E */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_DSS_WITH_AES_128_SHA256, +@@ -1201,8 +1210,10 @@ + 128, + 128, + }, ++#endif + + /* Cipher 3F */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_RSA_WITH_AES_128_SHA256, +@@ -1217,6 +1228,7 @@ + 128, + 128, + }, ++#endif + + /* Cipher 40 */ + { +@@ -1254,6 +1266,7 @@ + }, + + /* Cipher 42 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, +@@ -1268,8 +1281,10 @@ + 128, + 128, + }, ++#endif + + /* Cipher 43 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, +@@ -1284,6 +1299,7 @@ + 128, + 128, + }, ++#endif + + /* Cipher 44 */ + { +@@ -1479,6 +1495,7 @@ + }, + + /* Cipher 68 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_DSS_WITH_AES_256_SHA256, +@@ -1493,8 +1510,10 @@ + 256, + 256, + }, ++#endif + + /* Cipher 69 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_RSA_WITH_AES_256_SHA256, +@@ -1509,6 +1528,7 @@ + 256, + 256, + }, ++#endif + + /* Cipher 6A */ + { +@@ -1648,6 +1668,7 @@ + 256, + }, + /* Cipher 85 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, +@@ -1662,8 +1683,10 @@ + 256, + 256, + }, ++#endif + + /* Cipher 86 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, +@@ -1678,6 +1701,7 @@ + 256, + 256, + }, ++#endif + + /* Cipher 87 */ + { +@@ -1818,6 +1842,7 @@ + }, + + /* Cipher 97 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_DSS_WITH_SEED_SHA, +@@ -1832,8 +1857,10 @@ + 128, + 128, + }, ++#endif + + /* Cipher 98 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_RSA_WITH_SEED_SHA, +@@ -1848,6 +1875,7 @@ + 128, + 128, + }, ++#endif + + /* Cipher 99 */ + { +@@ -1966,6 +1994,7 @@ + }, + + /* Cipher A0 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256, +@@ -1980,8 +2009,10 @@ + 128, + 128, + }, ++#endif + + /* Cipher A1 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384, +@@ -1996,6 +2027,7 @@ + 256, + 256, + }, ++#endif + + /* Cipher A2 */ + { +@@ -2030,6 +2062,7 @@ + }, + + /* Cipher A4 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, +@@ -2044,8 +2077,10 @@ + 128, + 128, + }, ++#endif + + /* Cipher A5 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, +@@ -2060,6 +2095,7 @@ + 256, + 256, + }, ++#endif + + /* Cipher A6 */ + { diff --git a/trunk/CVE-2021-23840.patch b/trunk/CVE-2021-23840.patch new file mode 100644 index 0000000..58240ef --- /dev/null +++ b/trunk/CVE-2021-23840.patch @@ -0,0 +1,63 @@ +--- openssl1.0-1.0.2u.orig/crypto/evp/evp_err.c ++++ openssl1.0-1.0.2u/crypto/evp/evp_err.c +@@ -215,6 +215,7 @@ static ERR_STRING_DATA EVP_str_reasons[] + {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), + "operation not supported for this keytype"}, + {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"}, ++ {ERR_REASON(EVP_R_OUTPUT_WOULD_OVERFLOW), "output would overflow"}, + {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE), + "pkcs8 unknown broken type"}, + {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"}, +--- openssl1.0-1.0.2u.orig/crypto/evp/evp_enc.c ++++ openssl1.0-1.0.2u/crypto/evp/evp_enc.c +@@ -357,6 +357,20 @@ static int evp_EncryptDecryptUpdate(EVP_ + return 1; + } else { + j = bl - i; ++ ++ /* ++ * Once we've processed the first j bytes from in, the amount of ++ * data left that is a multiple of the block length is: ++ * (inl - j) & ~(bl - 1) ++ * We must ensure that this amount of data, plus the one block that ++ * we process from ctx->buf does not exceed INT_MAX ++ */ ++ if (((inl - j) & ~(bl - 1)) > INT_MAX - bl) { ++ EVPerr(EVP_F_EVP_ENCRYPTUPDATE, ++ EVP_R_OUTPUT_WOULD_OVERFLOW); ++ return 0; ++ } ++ + memcpy(&(ctx->buf[i]), in, j); + if (!M_do_cipher(ctx, out, ctx->buf, bl)) + return 0; +@@ -482,6 +496,19 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ct + OPENSSL_assert(b <= sizeof(ctx->final)); + + if (ctx->final_used) { ++ /* ++ * final_used is only ever set if buf_len is 0. Therefore the maximum ++ * length output we will ever see from evp_EncryptDecryptUpdate is ++ * the maximum multiple of the block length that is <= inl, or just: ++ * inl & ~(b - 1) ++ * Since final_used has been set then the final output length is: ++ * (inl & ~(b - 1)) + b ++ * This must never exceed INT_MAX ++ */ ++ if ((inl & ~(b - 1)) > INT_MAX - b) { ++ EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_OUTPUT_WOULD_OVERFLOW); ++ return 0; ++ } + memcpy(out, ctx->final, b); + out += b; + fix_len = 1; +--- openssl1.0-1.0.2u.orig/crypto/evp/evp.h ++++ openssl1.0-1.0.2u/crypto/evp/evp.h +@@ -1582,6 +1582,7 @@ void ERR_load_EVP_strings(void); + # define EVP_R_FIPS_MODE_NOT_SUPPORTED 167 + # define EVP_R_INITIALIZATION_ERROR 134 + # define EVP_R_INPUT_NOT_INITIALIZED 111 ++# define EVP_R_OUTPUT_WOULD_OVERFLOW 184 + # define EVP_R_INVALID_DIGEST 152 + # define EVP_R_INVALID_FIPS_MODE 168 + # define EVP_R_INVALID_KEY 171 diff --git a/trunk/CVE-2021-23841.patch b/trunk/CVE-2021-23841.patch new file mode 100644 index 0000000..c41adc4 --- /dev/null +++ b/trunk/CVE-2021-23841.patch @@ -0,0 +1,11 @@ +--- openssl1.0-1.0.2u.orig/crypto/x509/x509_cmp.c ++++ openssl1.0-1.0.2u/crypto/x509/x509_cmp.c +@@ -87,6 +87,8 @@ unsigned long X509_issuer_and_serial_has + + EVP_MD_CTX_init(&ctx); + f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0); ++ if (f == NULL) ++ goto err; + if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL)) + goto err; + if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f))) diff --git a/trunk/Check-that-multi-strings-CHOICE-types-don-t-use-implicit-.patch b/trunk/Check-that-multi-strings-CHOICE-types-don-t-use-implicit-.patch new file mode 100644 index 0000000..33ce92c --- /dev/null +++ b/trunk/Check-that-multi-strings-CHOICE-types-don-t-use-implicit-.patch @@ -0,0 +1,78 @@ +From: Matt Caswell +Date: Thu, 12 Nov 2020 11:58:12 +0000 +Subject: Check that multi-strings/CHOICE types don't use implicit tagging + +It never makes sense for multi-string or CHOICE types to use implicit +tagging since the content would be ambiguous. It is an error in the +template if this ever happens. If we detect it we should stop parsing. + +Thanks to David Benjamin from Google for reporting this issue. +--- + crypto/asn1/asn1_err.c | 1 + + crypto/asn1/tasn_dec.c | 19 +++++++++++++++++++ + crypto/err/openssl.txt | 1 + + include/openssl/asn1err.h | 1 + + 4 files changed, 22 insertions(+) + +--- a/crypto/asn1/tasn_dec.c ++++ b/crypto/asn1/tasn_dec.c +@@ -223,6 +223,15 @@ static int asn1_item_ex_d2i(ASN1_VALUE * + break; + + case ASN1_ITYPE_MSTRING: ++ /* ++ * It never makes sense for multi-strings to have implicit tagging, so ++ * if tag != -1, then this looks like an error in the template. ++ */ ++ if (tag != -1) { ++ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_BAD_TEMPLATE); ++ goto err; ++ } ++ + p = *in; + /* Just read in tag and class */ + ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, +@@ -240,6 +249,7 @@ static int asn1_item_ex_d2i(ASN1_VALUE * + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL); + goto err; + } ++ + /* Check tag matches bit map */ + if (!(ASN1_tag2bit(otag) & it->utype)) { + /* If OPTIONAL, assume this is OK */ +@@ -316,6 +326,15 @@ static int asn1_item_ex_d2i(ASN1_VALUE * + goto err; + + case ASN1_ITYPE_CHOICE: ++ /* ++ * It never makes sense for CHOICE types to have implicit tagging, so ++ * if tag != -1, then this looks like an error in the template. ++ */ ++ if (tag != -1) { ++ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_BAD_TEMPLATE); ++ goto err; ++ } ++ + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) + goto auxerr; + if (*pval) { +--- a/crypto/asn1/asn1.h ++++ b/crypto/asn1/asn1.h +@@ -1304,6 +1304,7 @@ void ERR_load_ASN1_strings(void); + # define ASN1_R_BAD_OBJECT_HEADER 102 + # define ASN1_R_BAD_PASSWORD_READ 103 + # define ASN1_R_BAD_TAG 104 ++# define ASN1_R_BAD_TEMPLATE 230 + # define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214 + # define ASN1_R_BN_LIB 105 + # define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106 +--- a/crypto/asn1/asn1_err.c ++++ b/crypto/asn1/asn1_err.c +@@ -207,6 +207,7 @@ static ERR_STRING_DATA ASN1_str_reasons[ + {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER), "bad object header"}, + {ERR_REASON(ASN1_R_BAD_PASSWORD_READ), "bad password read"}, + {ERR_REASON(ASN1_R_BAD_TAG), "bad tag"}, ++ {ERR_REASON(ASN1_R_BAD_TEMPLATE), "bad template"}, + {ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH), + "bmpstring is wrong length"}, + {ERR_REASON(ASN1_R_BN_LIB), "bn lib"}, diff --git a/trunk/Complain-if-we-are-attempting-to-encode-with-an-invalid-A.patch b/trunk/Complain-if-we-are-attempting-to-encode-with-an-invalid-A.patch new file mode 100644 index 0000000..a63e500 --- /dev/null +++ b/trunk/Complain-if-we-are-attempting-to-encode-with-an-invalid-A.patch @@ -0,0 +1,65 @@ +From: Matt Caswell +Date: Thu, 12 Nov 2020 14:55:31 +0000 +Subject: Complain if we are attempting to encode with an invalid ASN.1 + template + +It never makes sense for multi-string or CHOICE types to have implicit +tagging. If we have a template that uses the in this way then we +should immediately fail. + +Thanks to David Benjamin from Google for reporting this issue. +--- + crypto/asn1/asn1_err.c | 3 ++- + crypto/asn1/tasn_enc.c | 16 ++++++++++++++++ + crypto/err/openssl.txt | 1 + + include/openssl/asn1err.h | 7 +++---- + 4 files changed, 22 insertions(+), 5 deletions(-) + +--- a/crypto/asn1/asn1_err.c ++++ b/crypto/asn1/asn1_err.c +@@ -103,6 +103,7 @@ static ERR_STRING_DATA ASN1_str_functs[] + {ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"}, + {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW), "ASN1_ITEM_EX_COMBINE_NEW"}, + {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"}, ++ {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_I2D), "ASN1_item_ex_i2d"}, + {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"}, + {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"}, + {ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"}, +--- a/crypto/asn1/tasn_enc.c ++++ b/crypto/asn1/tasn_enc.c +@@ -151,9 +151,25 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, + break; + + case ASN1_ITYPE_MSTRING: ++ /* ++ * It never makes sense for multi-strings to have implicit tagging, so ++ * if tag != -1, then this looks like an error in the template. ++ */ ++ if (tag != -1) { ++ ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE); ++ return -1; ++ } + return asn1_i2d_ex_primitive(pval, out, it, -1, aclass); + + case ASN1_ITYPE_CHOICE: ++ /* ++ * It never makes sense for CHOICE types to have implicit tagging, so ++ * if tag != -1, then this looks like an error in the template. ++ */ ++ if (tag != -1) { ++ ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE); ++ return -1; ++ } + if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) + return 0; + i = asn1_get_choice_selector(pval, it); +--- a/crypto/asn1/asn1.h ++++ b/crypto/asn1/asn1.h +@@ -1203,6 +1203,7 @@ void ERR_load_ASN1_strings(void); + # define ASN1_F_ASN1_ITEM_DUP 191 + # define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW 121 + # define ASN1_F_ASN1_ITEM_EX_D2I 120 ++# define ASN1_F_ASN1_ITEM_EX_I2D 144 + # define ASN1_F_ASN1_ITEM_I2D_BIO 192 + # define ASN1_F_ASN1_ITEM_I2D_FP 193 + # define ASN1_F_ASN1_ITEM_PACK 198 diff --git a/trunk/Correctly-compare-EdiPartyName-in-GENERAL_NAME_cmp.patch b/trunk/Correctly-compare-EdiPartyName-in-GENERAL_NAME_cmp.patch new file mode 100644 index 0000000..f66cc5c --- /dev/null +++ b/trunk/Correctly-compare-EdiPartyName-in-GENERAL_NAME_cmp.patch @@ -0,0 +1,95 @@ +From: Matt Caswell +Date: Wed, 11 Nov 2020 16:12:58 +0000 +Subject: Correctly compare EdiPartyName in GENERAL_NAME_cmp() + +If a GENERAL_NAME field contained EdiPartyName data then it was +incorrectly being handled as type "other". This could lead to a +segmentation fault. + +Many thanks to David Benjamin from Google for reporting this issue. + +CVE-2020-1971 +--- + crypto/x509v3/v3_genn.c | 45 ++++++++++++++++++++++++++++++++++++++++++--- + 1 file changed, 42 insertions(+), 3 deletions(-) + +diff --git a/crypto/x509v3/v3_genn.c b/crypto/x509v3/v3_genn.c +index b483f35a9e50..6f0a347cced7 100644 +--- a/crypto/x509v3/v3_genn.c ++++ b/crypto/x509v3/v3_genn.c +@@ -58,6 +58,37 @@ GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a) + (char *)a); + } + ++static int edipartyname_cmp(const EDIPARTYNAME *a, const EDIPARTYNAME *b) ++{ ++ int res; ++ ++ if (a == NULL || b == NULL) { ++ /* ++ * Shouldn't be possible in a valid GENERAL_NAME, but we handle it ++ * anyway. OTHERNAME_cmp treats NULL != NULL so we do the same here ++ */ ++ return -1; ++ } ++ if (a->nameAssigner == NULL && b->nameAssigner != NULL) ++ return -1; ++ if (a->nameAssigner != NULL && b->nameAssigner == NULL) ++ return 1; ++ /* If we get here then both have nameAssigner set, or both unset */ ++ if (a->nameAssigner != NULL) { ++ res = ASN1_STRING_cmp(a->nameAssigner, b->nameAssigner); ++ if (res != 0) ++ return res; ++ } ++ /* ++ * partyName is required, so these should never be NULL. We treat it in ++ * the same way as the a == NULL || b == NULL case above ++ */ ++ if (a->partyName == NULL || b->partyName == NULL) ++ return -1; ++ ++ return ASN1_STRING_cmp(a->partyName, b->partyName); ++} ++ + /* Returns 0 if they are equal, != 0 otherwise. */ + int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) + { +@@ -67,8 +98,11 @@ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) + return -1; + switch (a->type) { + case GEN_X400: ++ result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address); ++ break; ++ + case GEN_EDIPARTY: +- result = ASN1_TYPE_cmp(a->d.other, b->d.other); ++ result = edipartyname_cmp(a->d.ediPartyName, b->d.ediPartyName); + break; + + case GEN_OTHERNAME: +@@ -115,8 +149,11 @@ void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value) + { + switch (type) { + case GEN_X400: ++ a->d.x400Address = value; ++ break; ++ + case GEN_EDIPARTY: +- a->d.other = value; ++ a->d.ediPartyName = value; + break; + + case GEN_OTHERNAME: +@@ -150,8 +187,10 @@ void *GENERAL_NAME_get0_value(const GENERAL_NAME *a, int *ptype) + *ptype = a->type; + switch (a->type) { + case GEN_X400: ++ return a->d.x400Address; ++ + case GEN_EDIPARTY: +- return a->d.other; ++ return a->d.ediPartyName; + + case GEN_OTHERNAME: + return a->d.otherName; diff --git a/trunk/DirectoryString-is-a-CHOICE-type-and-therefore-uses-expli.patch b/trunk/DirectoryString-is-a-CHOICE-type-and-therefore-uses-expli.patch new file mode 100644 index 0000000..1bbdb54 --- /dev/null +++ b/trunk/DirectoryString-is-a-CHOICE-type-and-therefore-uses-expli.patch @@ -0,0 +1,34 @@ +From: Matt Caswell +Date: Wed, 11 Nov 2020 15:19:34 +0000 +Subject: DirectoryString is a CHOICE type and therefore uses explicit tagging + +EDIPartyName has 2 fields that use a DirectoryString. However they were +marked as implicit tagging - which is not correct for a CHOICE type. + +Additionally the partyName field was marked as Optional when, according to +RFC5280 it is not. + +Many thanks to github user @filipnavara for reporting this issue. Also to +David Benjamin from Google who independently identified and reported it. + +Fixes #6859 +--- + crypto/x509v3/v3_genn.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/crypto/x509v3/v3_genn.c b/crypto/x509v3/v3_genn.c +index 23e3bc45653c..b483f35a9e50 100644 +--- a/crypto/x509v3/v3_genn.c ++++ b/crypto/x509v3/v3_genn.c +@@ -22,8 +22,9 @@ ASN1_SEQUENCE(OTHERNAME) = { + IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME) + + ASN1_SEQUENCE(EDIPARTYNAME) = { +- ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0), +- ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1) ++ /* DirectoryString is a CHOICE type so use explicit tagging */ ++ ASN1_EXP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0), ++ ASN1_EXP(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1) + } ASN1_SEQUENCE_END(EDIPARTYNAME) + + IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME) diff --git a/trunk/Mark-3DES-and-RC4-ciphers-as-weak.patch b/trunk/Mark-3DES-and-RC4-ciphers-as-weak.patch new file mode 100644 index 0000000..0155fa3 --- /dev/null +++ b/trunk/Mark-3DES-and-RC4-ciphers-as-weak.patch @@ -0,0 +1,425 @@ +From: Sebastian Andrzej Siewior +Date: Sun, 18 Dec 2016 15:37:52 +0100 +Subject: [PATCH] Mark 3DES and RC4 ciphers as weak + +This disables RC4 and 3DES in our build + +Signed-off-by: Sebastian Andrzej Siewior +--- + ssl/s3_lib.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- + 1 file changed, 58 insertions(+), 1 deletion(-) + +diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c +index 10c6db683b6e..4b4032ba397a 100644 +--- a/ssl/s3_lib.c ++++ b/ssl/s3_lib.c +@@ -216,6 +216,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + #endif + + /* Cipher 04 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + SSL3_TXT_RSA_RC4_128_MD5, +@@ -230,8 +231,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, ++#endif + + /* Cipher 05 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + SSL3_TXT_RSA_RC4_128_SHA, +@@ -246,7 +249,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, +- ++#endif + /* Cipher 06 */ + #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { +@@ -320,6 +323,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + #endif + + /* Cipher 0A */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + SSL3_TXT_RSA_DES_192_CBC3_SHA, +@@ -334,6 +338,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* The DH ciphers */ + /* Cipher 0B */ +@@ -373,6 +378,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + #endif + + /* Cipher 0D */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, +@@ -387,6 +393,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Cipher 0E */ + #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS +@@ -425,6 +432,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + #endif + + /* Cipher 10 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, +@@ -439,6 +447,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* The Ephemeral DH ciphers */ + /* Cipher 11 */ +@@ -478,6 +487,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + #endif + + /* Cipher 13 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, +@@ -492,6 +502,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Cipher 14 */ + #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS +@@ -530,6 +541,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + #endif + + /* Cipher 16 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, +@@ -544,6 +556,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Cipher 17 */ + #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS +@@ -564,6 +577,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + #endif + + /* Cipher 18 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + SSL3_TXT_ADH_RC4_128_MD5, +@@ -578,6 +592,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, ++#endif + + /* Cipher 19 */ + #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS +@@ -616,6 +631,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + #endif + + /* Cipher 1B */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + SSL3_TXT_ADH_DES_192_CBC_SHA, +@@ -630,6 +646,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Fortezza ciphersuite from SSL 3.0 spec */ + #if 0 +@@ -703,6 +720,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + # endif + + /* Cipher 1F */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + SSL3_TXT_KRB5_DES_192_CBC3_SHA, +@@ -717,8 +735,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Cipher 20 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + SSL3_TXT_KRB5_RC4_128_SHA, +@@ -733,6 +753,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, ++#endif + + /* Cipher 21 */ + { +@@ -769,6 +790,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + # endif + + /* Cipher 23 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + SSL3_TXT_KRB5_DES_192_CBC3_MD5, +@@ -783,8 +805,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Cipher 24 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + SSL3_TXT_KRB5_RC4_128_MD5, +@@ -799,6 +823,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, ++#endif + + /* Cipher 25 */ + { +@@ -1418,6 +1443,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + # endif + + /* Cipher 66 */ ++# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA, +@@ -1432,6 +1458,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, ++#endif + #endif + + /* TLS v1.2 ciphersuites */ +@@ -1703,6 +1730,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + + #ifndef OPENSSL_NO_PSK + /* Cipher 8A */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_PSK_WITH_RC4_128_SHA, +@@ -1717,8 +1745,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, ++#endif + + /* Cipher 8B */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, +@@ -1733,6 +1763,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Cipher 8C */ + { +@@ -2095,6 +2126,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + }, + + /* Cipher C002 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA, +@@ -2109,8 +2141,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, ++#endif + + /* Cipher C003 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, +@@ -2125,6 +2159,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Cipher C004 */ + { +@@ -2175,6 +2210,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + }, + + /* Cipher C007 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, +@@ -2189,8 +2225,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, ++#endif + + /* Cipher C008 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, +@@ -2205,6 +2243,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Cipher C009 */ + { +@@ -2255,6 +2294,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + }, + + /* Cipher C00C */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA, +@@ -2269,8 +2309,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, ++#endif + + /* Cipher C00D */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA, +@@ -2285,6 +2327,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Cipher C00E */ + { +@@ -2335,6 +2378,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + }, + + /* Cipher C011 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, +@@ -2349,8 +2393,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, ++#endif + + /* Cipher C012 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA, +@@ -2365,6 +2411,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Cipher C013 */ + { +@@ -2415,6 +2462,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + }, + + /* Cipher C016 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA, +@@ -2429,8 +2477,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, ++#endif + + /* Cipher C017 */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA, +@@ -2445,6 +2495,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Cipher C018 */ + { +@@ -2481,6 +2532,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + + #ifndef OPENSSL_NO_SRP + /* Cipher C01A */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA, +@@ -2495,8 +2547,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Cipher C01B */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, +@@ -2511,8 +2565,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Cipher C01C */ ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, +@@ -2527,6 +2583,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { + 112, + 168, + }, ++#endif + + /* Cipher C01D */ + { diff --git a/trunk/PKGBUILD b/trunk/PKGBUILD index 39ac1cd..99fa76e 100644 --- a/trunk/PKGBUILD +++ b/trunk/PKGBUILD @@ -17,12 +17,30 @@ source=("https://www.openssl.org/source/openssl-${_ver}.tar.gz" "https://www.openssl.org/source/openssl-${_ver}.tar.gz.asc" 'no-rpath.patch' 'ssl3-test-failure.patch' - 'openssl-1.0-versioned-symbols.patch') + 'openssl-1.0-versioned-symbols.patch' + 'Mark-3DES-and-RC4-ciphers-as-weak.patch' + 'CVE-2020-1968.patch' + 'DirectoryString-is-a-CHOICE-type-and-therefore-uses-expli.patch' + 'Correctly-compare-EdiPartyName-in-GENERAL_NAME_cmp.patch' + 'Check-that-multi-strings-CHOICE-types-don-t-use-implicit-.patch' + 'Complain-if-we-are-attempting-to-encode-with-an-invalid-A.patch' + 'Add-a-test-for-GENERAL_NAME_cmp.patch' + 'CVE-2021-23840.patch' + 'CVE-2021-23841.patch') sha256sums=('ecd0c6ffb493dd06707d38b14bb4d8c2288bb7033735606569d8f90f89669d16' 'SKIP' '754d6107a306311e15a1db6a1cc031b81691c8b9865e8809ac60ca6f184c957c' 'c54ae87c602eaa1530a336ab7c6e22e12898e1941012349c153e52553df64a13' - '353a84e4c92e36c379ebd9216b8f8fb9c271396583561eb84ac8c825979acaa6') + '353a84e4c92e36c379ebd9216b8f8fb9c271396583561eb84ac8c825979acaa6' + '4a5601caa88e4359701271d0743fd83cc7ff61d9888585109bd75b9100c78230' + '7d77eed0b9a793f7168e5a94eb49c4aeff03d927789a1d6a98301c52bf7eeffb' + 'f5a846bf1f1ccc2a52bf30c10a1fa5f383f9c882dcaf0f7c485a2ad6478ce5b7' + '9f86101621ed86f290ba8ab14f953c92e648dcc547ec4bfc7f4460936451d579' + '40c79c76b49aaa0b7d1e361d800f9124ae60582793b673d4ad6f2ab1e7f5d2ad' + 'b37c8d012f86ddc726abbc78599f0ca2e1ee6cc45f62bca416c741c9e5e4ce37' + 'c294d366f13b785fb79b0ee7aa9736c24a61e75c0c8402a066c878735e045df2' + '82aa0ec2dad94fb92c2ad68d986cde2a87df48ec3fdb3abd87a50b63cb7aa506' + 'c195f942f44fa74412d9a71107d1f6a7bcec6a0b874b68ed56be8ed50857124c') validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491' '7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C') @@ -37,6 +55,23 @@ prepare() { # add symbol versioning to prevent conflicts with openssl 1.1 symbols (Debian) patch -p1 -i "$srcdir"/openssl-1.0-versioned-symbols.patch + + #CVE-2020-1968 + patch -p1 -i "$srcdir"/Mark-3DES-and-RC4-ciphers-as-weak.patch + patch -p1 -i "$srcdir"/CVE-2020-1968.patch + + #CVE-2020-1971 + patch -p1 -i "$srcdir"/DirectoryString-is-a-CHOICE-type-and-therefore-uses-expli.patch + patch -p1 -i "$srcdir"/Correctly-compare-EdiPartyName-in-GENERAL_NAME_cmp.patch + patch -p1 -i "$srcdir"/Check-that-multi-strings-CHOICE-types-don-t-use-implicit-.patch + patch -p1 -i "$srcdir"/Complain-if-we-are-attempting-to-encode-with-an-invalid-A.patch + patch -p1 -i "$srcdir"/Add-a-test-for-GENERAL_NAME_cmp.patch + + #CVE-2021-23840 + patch -p1 -i "$srcdir"/CVE-2021-23840.patch + + #CVE-2021-23841 + patch -p1 -i "$srcdir"/CVE-2021-23841.patch } build() {