Commit 2e22f5e2 authored by Jung-uk Kim's avatar Jung-uk Kim
Browse files

Import OpenSSL 1.0.1h.

Approved by:	so (delphij)
parent 06369e39
......@@ -10,13 +10,18 @@ OpenSSL project.
We would like to identify and thank the following such sponsors for their past
or current significant support of the OpenSSL project:
Major support:
Qualys http://www.qualys.com/
Very significant support:
OpenGear: www.opengear.com
OpenGear: http://www.opengear.com/
Significant support:
PSW Group: www.psw.net
PSW Group: http://www.psw.net/
Acano Ltd. http://acano.com/
Please note that we ask permission to identify sponsors and that some sponsors
we consider eligible for inclusion here have requested to remain anonymous.
......
......@@ -2,6 +2,50 @@
OpenSSL CHANGES
_______________
Changes between 1.0.1g and 1.0.1h [5 Jun 2014]
*) Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted
handshake can force the use of weak keying material in OpenSSL
SSL/TLS clients and servers.
Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and
researching this issue. (CVE-2014-0224)
[KIKUCHI Masashi, Steve Henson]
*) Fix DTLS recursion flaw. By sending an invalid DTLS handshake to an
OpenSSL DTLS client the code can be made to recurse eventually crashing
in a DoS attack.
Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue.
(CVE-2014-0221)
[Imre Rad, Steve Henson]
*) Fix DTLS invalid fragment vulnerability. A buffer overrun attack can
be triggered by sending invalid DTLS fragments to an OpenSSL DTLS
client or server. This is potentially exploitable to run arbitrary
code on a vulnerable client or server.
Thanks to Jüri Aedla for reporting this issue. (CVE-2014-0195)
[Jüri Aedla, Steve Henson]
*) Fix bug in TLS code where clients enable anonymous ECDH ciphersuites
are subject to a denial of service attack.
Thanks to Felix Gröbert and Ivan Fratric at Google for discovering
this issue. (CVE-2014-3470)
[Felix Gröbert, Ivan Fratric, Steve Henson]
*) Harmonize version and its documentation. -f flag is used to display
compilation flags.
[mancha <mancha1@zoho.com>]
*) Fix eckey_priv_encode so it immediately returns an error upon a failure
in i2d_ECPrivateKey.
[mancha <mancha1@zoho.com>]
*) Fix some double frees. These are not thought to be exploitable.
[mancha <mancha1@zoho.com>]
Changes between 1.0.1f and 1.0.1g [7 Apr 2014]
*) A missing bounds check in the handling of the TLS heartbeat extension
......
......@@ -11,8 +11,8 @@ First, read http://wiki.freebsd.org/SubversionPrimer/VendorImports
# Xlist
setenv XLIST /FreeBSD/work/openssl/svn-FREEBSD-files/FREEBSD-Xlist
setenv FSVN "svn+ssh://svn.freebsd.org/base"
setenv OSSLVER 1.0.1g
# OSSLTAG format: v1_0_1g
setenv OSSLVER 1.0.1h
# OSSLTAG format: v1_0_1h
###setenv OSSLTAG v`echo ${OSSLVER} | tr . _`
......
......@@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
VERSION=1.0.1g
VERSION=1.0.1h
MAJOR=1
MINOR=0.1
SHLIB_VERSION_NUMBER=1.0.0
......
......@@ -5,6 +5,14 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]
o Fix for CVE-2014-0224
o Fix for CVE-2014-0221
o Fix for CVE-2014-0195
o Fix for CVE-2014-3470
o Fix for CVE-2010-5298
Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014]
o Fix for CVE-2014-0160
......
OpenSSL 1.0.1g 7 Apr 2014
OpenSSL 1.0.1h 5 Jun 2014
Copyright (c) 1998-2011 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
......
......@@ -331,6 +331,12 @@ int MAIN(int argc, char **argv)
setup_engine(bio_err, engine, 0);
#endif
if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
{
BIO_printf(bio_err, "AEAD ciphers not supported by the enc utility\n");
goto end;
}
if (md && (dgst=EVP_get_digestbyname(md)) == NULL)
{
BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
......
......@@ -127,6 +127,7 @@ int MAIN(int argc, char **argv)
ENGINE *e = NULL;
char **args;
char *host = NULL, *port = NULL, *path = "/";
char *thost = NULL, *tport = NULL, *tpath = NULL;
char *reqin = NULL, *respin = NULL;
char *reqout = NULL, *respout = NULL;
char *signfile = NULL, *keyfile = NULL;
......@@ -204,6 +205,12 @@ int MAIN(int argc, char **argv)
}
else if (!strcmp(*args, "-url"))
{
if (thost)
OPENSSL_free(thost);
if (tport)
OPENSSL_free(tport);
if (tpath)
OPENSSL_free(tpath);
if (args[1])
{
args++;
......@@ -212,6 +219,9 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "Error parsing URL\n");
badarg = 1;
}
thost = host;
tport = port;
tpath = path;
}
else badarg = 1;
}
......@@ -920,12 +930,12 @@ int MAIN(int argc, char **argv)
sk_X509_pop_free(verify_other, X509_free);
sk_CONF_VALUE_pop_free(headers, X509V3_conf_free);
if (use_ssl != -1)
{
OPENSSL_free(host);
OPENSSL_free(port);
OPENSSL_free(path);
}
if (thost)
OPENSSL_free(thost);
if (tport)
OPENSSL_free(tport);
if (tpath)
OPENSSL_free(tpath);
OPENSSL_EXIT(ret);
}
......
......@@ -1489,7 +1489,13 @@ static int add_DN_object(X509_NAME *n, char *text, const char *def, char *value,
#ifdef CHARSET_EBCDIC
ebcdic2ascii(buf, buf, i);
#endif
if(!req_check_len(i, n_min, n_max)) goto start;
if(!req_check_len(i, n_min, n_max))
{
if (batch || value)
return 0;
goto start;
}
if (!X509_NAME_add_entry_by_NID(n,nid, chtype,
(unsigned char *) buf, -1,-1,mval)) goto err;
ret=1;
......@@ -1548,7 +1554,12 @@ static int add_attribute_object(X509_REQ *req, char *text, const char *def,
#ifdef CHARSET_EBCDIC
ebcdic2ascii(buf, buf, i);
#endif
if(!req_check_len(i, n_min, n_max)) goto start;
if(!req_check_len(i, n_min, n_max))
{
if (batch || value)
return 0;
goto start;
}
if(!X509_REQ_add1_attr_by_NID(req, nid, chtype,
(unsigned char *)buf, -1)) {
......
......@@ -747,6 +747,10 @@ void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
break;
#endif
case TLSEXT_TYPE_padding:
extname = "TLS padding";
break;
default:
extname = "unknown";
break;
......
......@@ -274,7 +274,7 @@ static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
{
i=0;
i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
if (i < 0) { perror("keepalive"); return(0); }
if (i < 0) { closesocket(s); perror("keepalive"); return(0); }
}
#endif
......@@ -450,6 +450,7 @@ static int do_accept(int acc_sock, int *sock, char **host)
if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL)
{
perror("OPENSSL_malloc");
closesocket(ret);
return(0);
}
BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
......@@ -458,11 +459,13 @@ static int do_accept(int acc_sock, int *sock, char **host)
if (h2 == NULL)
{
BIO_printf(bio_err,"gethostbyname failure\n");
closesocket(ret);
return(0);
}
if (h2->h_addrtype != AF_INET)
{
BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
closesocket(ret);
return(0);
}
}
......
......@@ -541,8 +541,8 @@ int MAIN(int argc, char **argv)
{
if (!cipher)
{
#ifndef OPENSSL_NO_RC2
cipher = EVP_rc2_40_cbc();
#ifndef OPENSSL_NO_DES
cipher = EVP_des_ede3_cbc();
#else
BIO_printf(bio_err, "No cipher selected\n");
goto end;
......
......@@ -74,7 +74,7 @@ static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
* certain software (e.g. Netscape) has problems with them.
*/
static unsigned long global_mask = 0xFFFFFFFFL;
static unsigned long global_mask = B_ASN1_UTF8STRING;
void ASN1_STRING_set_default_mask(unsigned long mask)
{
......
......@@ -1333,7 +1333,7 @@ static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
bio_dgram_sctp_data *data = NULL;
socklen_t sockopt_len = 0;
struct sctp_authkeyid authkeyid;
struct sctp_authkey *authkey;
struct sctp_authkey *authkey = NULL;
data = (bio_dgram_sctp_data *)b->ptr;
......@@ -1388,6 +1388,11 @@ static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
/* Add new key */
sockopt_len = sizeof(struct sctp_authkey) + 64 * sizeof(uint8_t);
authkey = OPENSSL_malloc(sockopt_len);
if (authkey == NULL)
{
ret = -1;
break;
}
memset(authkey, 0x00, sockopt_len);
authkey->sca_keynumber = authkeyid.scact_keynumber + 1;
#ifndef __FreeBSD__
......@@ -1399,6 +1404,8 @@ static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
memcpy(&authkey->sca_key[0], ptr, 64 * sizeof(uint8_t));
ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey, sockopt_len);
OPENSSL_free(authkey);
authkey = NULL;
if (ret < 0) break;
/* Reset active key */
......
......@@ -478,32 +478,38 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from)
BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
const BIGNUM *mod, BN_CTX *ctx)
{
int got_write_lock = 0;
BN_MONT_CTX *ret;
CRYPTO_r_lock(lock);
if (!*pmont)
ret = *pmont;
CRYPTO_r_unlock(lock);
if (ret)
return ret;
/* We don't want to serialise globally while doing our lazy-init math in
* BN_MONT_CTX_set. That punishes threads that are doing independent
* things. Instead, punish the case where more than one thread tries to
* lazy-init the same 'pmont', by having each do the lazy-init math work
* independently and only use the one from the thread that wins the race
* (the losers throw away the work they've done). */
ret = BN_MONT_CTX_new();
if (!ret)
return NULL;
if (!BN_MONT_CTX_set(ret, mod, ctx))
{
CRYPTO_r_unlock(lock);
CRYPTO_w_lock(lock);
got_write_lock = 1;
BN_MONT_CTX_free(ret);
return NULL;
}
if (!*pmont)
{
ret = BN_MONT_CTX_new();
if (ret && !BN_MONT_CTX_set(ret, mod, ctx))
BN_MONT_CTX_free(ret);
else
*pmont = ret;
}
/* The locked compare-and-set, after the local work is done. */
CRYPTO_w_lock(lock);
if (*pmont)
{
BN_MONT_CTX_free(ret);
ret = *pmont;
}
ret = *pmont;
if (got_write_lock)
CRYPTO_w_unlock(lock);
else
CRYPTO_r_unlock(lock);
*pmont = ret;
CRYPTO_w_unlock(lock);
return ret;
}
......@@ -185,6 +185,8 @@ CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
if (flags & CMS_USE_KEYID)
{
ktri->version = 2;
if (env->version < 2)
env->version = 2;
type = CMS_RECIPINFO_KEYIDENTIFIER;
}
else
......
......@@ -158,8 +158,8 @@ static void cms_sd_set_version(CMS_SignedData *sd)
if (sd->version < 3)
sd->version = 3;
}
else
sd->version = 1;
else if (si->version < 1)
si->version = 1;
}
if (sd->version < 1)
......
......@@ -611,7 +611,7 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
STACK_OF(CMS_RecipientInfo) *ris;
CMS_RecipientInfo *ri;
int i, r;
int debug = 0;
int debug = 0, ri_match = 0;
ris = CMS_get0_RecipientInfos(cms);
if (ris)
debug = cms->d.envelopedData->encryptedContentInfo->debug;
......@@ -620,6 +620,7 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
ri = sk_CMS_RecipientInfo_value(ris, i);
if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_TRANS)
continue;
ri_match = 1;
/* If we have a cert try matching RecipientInfo
* otherwise try them all.
*/
......@@ -655,7 +656,7 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
}
}
/* If no cert and not debugging always return success */
if (!cert && !debug)
if (ri_match && !cert && !debug)
{
ERR_clear_error();
return 1;
......
......@@ -464,7 +464,7 @@ static int dlfcn_pathbyaddr(void *addr,char *path,int sz)
return len;
}
ERR_add_error_data(4, "dlfcn_pathbyaddr(): ", dlerror());
ERR_add_error_data(2, "dlfcn_pathbyaddr(): ", dlerror());
#endif
return -1;
}
......
......@@ -352,6 +352,7 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
EC_KEY_set_enc_flags(ec_key, old_flags);
OPENSSL_free(ep);
ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
return 0;
}
/* restore old encoding flags */
EC_KEY_set_enc_flags(ec_key, old_flags);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment