openssl: Apply latest set of security fixes for OpenSSL
Apply patches from the openssl-1.0.1e-51.el7_2.4.src.rpm package downloaded from the Oracle server. * Wed Feb 24 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.4 - fix CVE-2016-0702 - side channel attack on modular exponentiation - fix CVE-2016-0705 - double-free in DSA private key parsing - fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn * Tue Feb 16 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.3 - fix CVE-2015-3197 - SSLv2 ciphersuite enforcement - disable SSLv2 in the generic TLS method
This commit is contained in:
parent
ceac7bd7b9
commit
ab705eff27
|
@ -0,0 +1,42 @@
|
|||
diff -up openssl-1.0.1e/ssl/s2_srvr.c.ssl2-ciphers openssl-1.0.1e/ssl/s2_srvr.c
|
||||
--- openssl-1.0.1e/ssl/s2_srvr.c.ssl2-ciphers 2016-01-14 17:38:50.000000000 +0100
|
||||
+++ openssl-1.0.1e/ssl/s2_srvr.c 2016-02-16 16:18:59.790225008 +0100
|
||||
@@ -392,7 +392,7 @@ static int get_client_master_key(SSL *s)
|
||||
}
|
||||
|
||||
cp=ssl2_get_cipher_by_char(p);
|
||||
- if (cp == NULL)
|
||||
+ if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0)
|
||||
{
|
||||
ssl2_return_error(s,SSL2_PE_NO_CIPHER);
|
||||
SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
|
||||
@@ -692,9 +692,13 @@ static int get_client_hello(SSL *s)
|
||||
prio = cs;
|
||||
allow = cl;
|
||||
}
|
||||
+
|
||||
+ /* Generate list of SSLv2 ciphers shared between client and server */
|
||||
for (z=0; z<sk_SSL_CIPHER_num(prio); z++)
|
||||
{
|
||||
- if (sk_SSL_CIPHER_find(allow,sk_SSL_CIPHER_value(prio,z)) < 0)
|
||||
+ const SSL_CIPHER *cp = sk_SSL_CIPHER_value(prio, z);
|
||||
+ if ((cp->algorithm_ssl & SSL_SSLV2) == 0 ||
|
||||
+ sk_SSL_CIPHER_find(allow,cp) < 0)
|
||||
{
|
||||
(void)sk_SSL_CIPHER_delete(prio,z);
|
||||
z--;
|
||||
@@ -705,6 +709,14 @@ static int get_client_hello(SSL *s)
|
||||
sk_SSL_CIPHER_free(s->session->ciphers);
|
||||
s->session->ciphers = prio;
|
||||
}
|
||||
+
|
||||
+ /* Make sure we have at least one cipher in common */
|
||||
+ if (sk_SSL_CIPHER_num(s->session->ciphers) == 0)
|
||||
+ {
|
||||
+ ssl2_return_error(s, SSL2_PE_NO_CIPHER);
|
||||
+ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH);
|
||||
+ return -1;
|
||||
+ }
|
||||
/* s->session->ciphers should now have a list of
|
||||
* ciphers that are on both the client and server.
|
||||
* This list is ordered by the order the client sent
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,45 @@
|
|||
diff -up openssl-1.0.1e/crypto/dsa/dsa_ameth.c.dsa-doublefree openssl-1.0.1e/crypto/dsa/dsa_ameth.c
|
||||
--- openssl-1.0.1e/crypto/dsa/dsa_ameth.c.dsa-doublefree 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/dsa/dsa_ameth.c 2016-02-24 14:38:46.075165304 +0100
|
||||
@@ -201,6 +201,8 @@ static int dsa_priv_decode(EVP_PKEY *pke
|
||||
STACK_OF(ASN1_TYPE) *ndsa = NULL;
|
||||
DSA *dsa = NULL;
|
||||
|
||||
+ int ret = 0;
|
||||
+
|
||||
if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
|
||||
return 0;
|
||||
X509_ALGOR_get0(NULL, &ptype, &pval, palg);
|
||||
@@ -281,23 +283,21 @@ static int dsa_priv_decode(EVP_PKEY *pke
|
||||
}
|
||||
|
||||
EVP_PKEY_assign_DSA(pkey, dsa);
|
||||
- BN_CTX_free (ctx);
|
||||
- if(ndsa)
|
||||
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
|
||||
- else
|
||||
- ASN1_INTEGER_free(privkey);
|
||||
|
||||
- return 1;
|
||||
+ ret = 1;
|
||||
+ goto done;
|
||||
|
||||
decerr:
|
||||
DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);
|
||||
dsaerr:
|
||||
- BN_CTX_free (ctx);
|
||||
- if (privkey)
|
||||
- ASN1_INTEGER_free(privkey);
|
||||
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
|
||||
DSA_free(dsa);
|
||||
- return 0;
|
||||
+ done:
|
||||
+ BN_CTX_free (ctx);
|
||||
+ if (ndsa)
|
||||
+ sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
|
||||
+ else
|
||||
+ ASN1_INTEGER_free(privkey);
|
||||
+ return ret;
|
||||
}
|
||||
|
||||
static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
|
|
@ -0,0 +1,74 @@
|
|||
diff -up openssl-1.0.1e/crypto/bn/bn.h.bn-hex openssl-1.0.1e/crypto/bn/bn.h
|
||||
--- openssl-1.0.1e/crypto/bn/bn.h.bn-hex 2016-02-24 14:23:33.020233047 +0100
|
||||
+++ openssl-1.0.1e/crypto/bn/bn.h 2016-02-24 14:23:06.078615397 +0100
|
||||
@@ -129,6 +129,7 @@
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
#include <stdio.h> /* FILE */
|
||||
#endif
|
||||
+#include <limits.h>
|
||||
#include <openssl/ossl_typ.h>
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
@@ -640,7 +641,8 @@ const BIGNUM *BN_get0_nist_prime_521(voi
|
||||
|
||||
/* library internal functions */
|
||||
|
||||
-#define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
|
||||
+#define bn_expand(a,bits) (bits > (INT_MAX - BN_BITS2 + 1)?\
|
||||
+ NULL:(((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
|
||||
(a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
|
||||
#define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
|
||||
BIGNUM *bn_expand2(BIGNUM *a, int words);
|
||||
diff -up openssl-1.0.1e/crypto/bn/bn_print.c.bn-hex openssl-1.0.1e/crypto/bn/bn_print.c
|
||||
--- openssl-1.0.1e/crypto/bn/bn_print.c.bn-hex 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/bn/bn_print.c 2016-02-24 14:15:21.215948376 +0100
|
||||
@@ -58,6 +58,7 @@
|
||||
|
||||
#include <stdio.h>
|
||||
#include <ctype.h>
|
||||
+#include <limits.h>
|
||||
#include "cryptlib.h"
|
||||
#include <openssl/buffer.h>
|
||||
#include "bn_lcl.h"
|
||||
@@ -180,8 +181,10 @@ int BN_hex2bn(BIGNUM **bn, const char *a
|
||||
|
||||
if (*a == '-') { neg=1; a++; }
|
||||
|
||||
- for (i=0; isxdigit((unsigned char) a[i]); i++)
|
||||
+ for (i=0; i <= (INT_MAX/4) && isxdigit((unsigned char) a[i]); i++)
|
||||
;
|
||||
+ if (i > INT_MAX/4)
|
||||
+ goto err;
|
||||
|
||||
num=i+neg;
|
||||
if (bn == NULL) return(num);
|
||||
@@ -197,7 +200,7 @@ int BN_hex2bn(BIGNUM **bn, const char *a
|
||||
BN_zero(ret);
|
||||
}
|
||||
|
||||
- /* i is the number of hex digests; */
|
||||
+ /* i is the number of hex digits */
|
||||
if (bn_expand(ret,i*4) == NULL) goto err;
|
||||
|
||||
j=i; /* least significant 'hex' */
|
||||
@@ -246,8 +249,10 @@ int BN_dec2bn(BIGNUM **bn, const char *a
|
||||
if ((a == NULL) || (*a == '\0')) return(0);
|
||||
if (*a == '-') { neg=1; a++; }
|
||||
|
||||
- for (i=0; isdigit((unsigned char) a[i]); i++)
|
||||
+ for (i=0; i <= (INT_MAX/4) && isdigit((unsigned char) a[i]); i++)
|
||||
;
|
||||
+ if (i > INT_MAX/4)
|
||||
+ goto err;
|
||||
|
||||
num=i+neg;
|
||||
if (bn == NULL) return(num);
|
||||
@@ -264,7 +269,7 @@ int BN_dec2bn(BIGNUM **bn, const char *a
|
||||
BN_zero(ret);
|
||||
}
|
||||
|
||||
- /* i is the number of digests, a bit of an over expand; */
|
||||
+ /* i is the number of digits, a bit of an over expand */
|
||||
if (bn_expand(ret,i*4) == NULL) goto err;
|
||||
|
||||
j=BN_DEC_NUM-(i%BN_DEC_NUM);
|
|
@ -0,0 +1,83 @@
|
|||
diff -up openssl-1.0.1e/ssl/ssl_lib.c.disable-sslv2 openssl-1.0.1e/ssl/ssl_lib.c
|
||||
--- openssl-1.0.1e/ssl/ssl_lib.c.disable-sslv2 2016-01-14 17:38:50.018210499 +0100
|
||||
+++ openssl-1.0.1e/ssl/ssl_lib.c 2016-02-16 16:00:57.151508715 +0100
|
||||
@@ -1903,6 +1903,9 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
|
||||
*/
|
||||
ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
|
||||
|
||||
+ /* Disable SSLv2 by default (affects the SSLv23_method() only) */
|
||||
+ ret->options |= SSL_OP_NO_SSLv2;
|
||||
+
|
||||
return(ret);
|
||||
err:
|
||||
SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
|
||||
diff -up openssl-1.0.1e/doc/apps/ciphers.pod.disable-sslv2 openssl-1.0.1e/doc/apps/ciphers.pod
|
||||
--- openssl-1.0.1e/doc/apps/ciphers.pod.disable-sslv2 2016-01-14 17:38:50.000000000 +0100
|
||||
+++ openssl-1.0.1e/doc/apps/ciphers.pod 2016-02-24 11:17:36.297955053 +0100
|
||||
@@ -572,11 +572,11 @@ Note: these ciphers can also be used in
|
||||
=head2 Deprecated SSL v2.0 cipher suites.
|
||||
|
||||
SSL_CK_RC4_128_WITH_MD5 RC4-MD5
|
||||
- SSL_CK_RC4_128_EXPORT40_WITH_MD5 EXP-RC4-MD5
|
||||
- SSL_CK_RC2_128_CBC_WITH_MD5 RC2-MD5
|
||||
- SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 EXP-RC2-MD5
|
||||
+ SSL_CK_RC4_128_EXPORT40_WITH_MD5 Not implemented.
|
||||
+ SSL_CK_RC2_128_CBC_WITH_MD5 RC2-CBC-MD5
|
||||
+ SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 Not implemented.
|
||||
SSL_CK_IDEA_128_CBC_WITH_MD5 IDEA-CBC-MD5
|
||||
- SSL_CK_DES_64_CBC_WITH_MD5 DES-CBC-MD5
|
||||
+ SSL_CK_DES_64_CBC_WITH_MD5 Not implemented.
|
||||
SSL_CK_DES_192_EDE3_CBC_WITH_MD5 DES-CBC3-MD5
|
||||
|
||||
=head1 NOTES
|
||||
diff -up openssl-1.0.1e/ssl/s2_lib.c.disable-sslv2 openssl-1.0.1e/ssl/s2_lib.c
|
||||
--- openssl-1.0.1e/ssl/s2_lib.c.disable-sslv2 2016-02-24 11:23:24.012237164 +0100
|
||||
+++ openssl-1.0.1e/ssl/s2_lib.c 2016-02-24 11:19:34.623773423 +0100
|
||||
@@ -156,6 +156,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
|
||||
128,
|
||||
},
|
||||
|
||||
+#if 0
|
||||
/* RC4_128_EXPORT40_WITH_MD5 */
|
||||
{
|
||||
1,
|
||||
@@ -171,6 +172,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
|
||||
40,
|
||||
128,
|
||||
},
|
||||
+#endif
|
||||
|
||||
/* RC2_128_CBC_WITH_MD5 */
|
||||
{
|
||||
@@ -188,6 +190,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
|
||||
128,
|
||||
},
|
||||
|
||||
+#if 0
|
||||
/* RC2_128_CBC_EXPORT40_WITH_MD5 */
|
||||
{
|
||||
1,
|
||||
@@ -203,6 +206,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
|
||||
40,
|
||||
128,
|
||||
},
|
||||
+#endif
|
||||
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
/* IDEA_128_CBC_WITH_MD5 */
|
||||
@@ -222,6 +226,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
|
||||
},
|
||||
#endif
|
||||
|
||||
+#if 0
|
||||
/* DES_64_CBC_WITH_MD5 */
|
||||
{
|
||||
1,
|
||||
@@ -237,6 +242,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
|
||||
56,
|
||||
56,
|
||||
},
|
||||
+#endif
|
||||
|
||||
/* DES_192_EDE3_CBC_WITH_MD5 */
|
||||
{
|
|
@ -80,6 +80,11 @@ SRC_URI += "file://configure-targets.patch \
|
|||
file://rhel/openssl-1.0.1e-cve-2015-3195.patch \
|
||||
file://rhel/openssl-1.0.1e-cve-2015-3196.patch \
|
||||
file://rhel/openssl-1.0.1e-cve-2015-7575.patch \
|
||||
file://rhel/openssl-1.0.1e-cve-2015-3197.patch \
|
||||
file://rhel/openssl-1.0.1e-disable-sslv2.patch \
|
||||
file://rhel/openssl-1.0.1e-cve-2016-0702.patch \
|
||||
file://rhel/openssl-1.0.1e-cve-2016-0705.patch \
|
||||
file://rhel/openssl-1.0.1e-cve-2016-0797.patch \
|
||||
"
|
||||
# file://rhel/openssl-1.0.1e-evp-wrap.patch -- looks like a feature
|
||||
# file://rhel/openssl-1.0.1e-backports.patch -- doesn't apply cleanly
|
||||
|
|
Loading…
Reference in New Issue