Accepting request 662795 from home:vitezslav_cizek:branches:security:tls

- Update to 3.6.5 ** libgnutls: Provide the option of transparent re-handshake/reauthentication when the GNUTLS_AUTO_REAUTH flag is specified in gnutls_init() (#571). ** libgnutls: Added support for TLS 1.3 zero round-trip (0-RTT) mode (#127) ** libgnutls: The priority functions will ignore and not enable TLS1.3 if requested with legacy TLS versions enabled but not TLS1.2. That is because if such a priority string is used in the client side (e.g., TLS1.3+TLS1.0 enabled) servers which do not support TLS1.3 will negotiate TLS1.2 which will be rejected by the client as disabled (#621). ** libgnutls: Change RSA decryption to use a new side-channel silent function. This addresses a security issue where memory access patterns as well as timing on the underlying Nettle rsa-decrypt function could lead to new Bleichenbacher attacks. Side-channel resistant code is slower due to the need to mask access and timings. When used in TLS the new functions cause RSA based handshakes to be between 13% and 28% slower on average (Numbers are indicative, the tests where performed on a relatively modern Intel CPU, results vary depending on the CPU and architecture used). This change makes nettle 3.4.1 the minimum requirement of gnutls (#630). [CVSS: medium] ** libgnutls: gnutls_priority_init() and friends, allow the CTYPE-OPENPGP keyword in the priority string. It is only accepted as legacy option and is ignored. ** libgnutls: Added support for EdDSA under PKCS#11 (#417) ** libgnutls: Added support for AES-CFB8 cipher (#357) ** libgnutls: Added support for AES-CMAC MAC (#351) ** libgnutls: In two previous versions GNUTLS_CIPHER_GOST28147_CPB/CPC/CPD_CFB ciphers have incorrectly used CryptoPro-A S-BOX instead of proper (CryptoPro-B/-C/-D S-BOXes). They are fixed now. ** libgnutls: Added support for GOST key unmasking and unwrapped GOST private keys parsing, as specified in R 50.1.112-2016. ** gnutls-serv: It applies the default settings when no --priority option is given, using gnutls_set_default_priority(). OBS-URL: https://build.opensuse.org/request/show/662795 OBS-URL: https://build.opensuse.org/package/show/security:tls/gnutls?expand=0&rev=16
2019-01-04 13:39:42 +00:00 · 2019-01-04 13:39:42 +00:00 · 6e5080fb38
commit 6e5080fb38
parent 87e88269b9
8 changed files with 92 additions and 62 deletions
--- a/disable-psk-file-test.patch
+++ b/disable-psk-file-test.patch
@ -1,17 +1,17 @@
-diff --git a/tests/Makefile.in b/tests/Makefile.in
-index 07433e0..4ecd431 100644
--- a/tests/Makefile.in
-+++ b/tests/Makefile.in
-@@ -457,7 +457,7 @@ am__EXEEXT_10 = tls13/supported_versions$(EXEEXT) \
+Index: gnutls-3.6.5/tests/Makefile.in
+===================================================================
+--- gnutls-3.6.5.orig/tests/Makefile.in	2018-12-01 06:24:17.000000000 +0100
+++ gnutls-3.6.5/tests/Makefile.in	2019-01-02 16:00:09.649032368 +0100
+@@ -474,7 +474,7 @@ am__EXEEXT_11 = tls13/supported_versions
 	pkcs7-gen$(EXEEXT) dtls-etm$(EXEEXT) \
 	x509sign-verify-rsa$(EXEEXT) x509sign-verify-ecdsa$(EXEEXT) \
 	x509sign-verify-gost$(EXEEXT) mini-alignment$(EXEEXT) \
 -	oids$(EXEEXT) atfork$(EXEEXT) prf$(EXEEXT) psk-file$(EXEEXT) \
 +	oids$(EXEEXT) atfork$(EXEEXT) prf$(EXEEXT) \
- 	priority-init2$(EXEEXT) status-request$(EXEEXT) \
- 	status-request-ok$(EXEEXT) status-request-missing$(EXEEXT) \
- 	sign-verify-ext$(EXEEXT) fallback-scsv$(EXEEXT) \
-@@ -1590,8 +1590,6 @@ privkey_verify_broken_OBJECTS = privkey-verify-broken.$(OBJEXT)
+ 	priority-init2$(EXEEXT) post-client-hello-change-prio$(EXEEXT) \
+ 	status-request$(EXEEXT) status-request-ok$(EXEEXT) \
+ 	status-request-missing$(EXEEXT) sign-verify-ext$(EXEEXT) \
+@@ -1640,8 +1640,6 @@ privkey_verify_broken_OBJECTS = privkey-
 privkey_verify_broken_LDADD = $(LDADD)
 privkey_verify_broken_DEPENDENCIES = $(COMMON_GNUTLS_LDADD) \
 	libutils.la $(am__DEPENDENCIES_2)
@ -20,43 +20,43 @@ index 07433e0..4ecd431 100644
 psk_file_LDADD = $(LDADD)
 psk_file_DEPENDENCIES = $(COMMON_GNUTLS_LDADD) libutils.la \
 	$(am__DEPENDENCIES_2)
-@@ -2723,7 +2721,7 @@ am__depfiles_remade = ./$(DEPDIR)/alerts.Po \
- 	./$(DEPDIR)/priority-init2.Po ./$(DEPDIR)/priority-mix.Po \
- 	./$(DEPDIR)/priority-set.Po ./$(DEPDIR)/priority-set2.Po \
- 	./$(DEPDIR)/privkey-keygen.Po \
+@@ -2810,7 +2808,7 @@ am__depfiles_remade = ./$(DEPDIR)/alerts
+ 	./$(DEPDIR)/priorities.Po ./$(DEPDIR)/priority-init2.Po \
+ 	./$(DEPDIR)/priority-mix.Po ./$(DEPDIR)/priority-set.Po \
+ 	./$(DEPDIR)/priority-set2.Po ./$(DEPDIR)/privkey-keygen.Po \
 -	./$(DEPDIR)/privkey-verify-broken.Po ./$(DEPDIR)/psk-file.Po \
 +	./$(DEPDIR)/privkey-verify-broken.Po \
 	./$(DEPDIR)/pskself.Po ./$(DEPDIR)/pubkey-import-export.Po \
 	./$(DEPDIR)/random-art.Po ./$(DEPDIR)/record-pad.Po \
 	./$(DEPDIR)/record-retvals.Po \
-@@ -3021,7 +3019,7 @@ SOURCES = $(libpkcs11mock1_la_SOURCES) $(libutils_la_SOURCES) alerts.c \
- 	pkcs7-gen.c pkcs8-key-decode.c pkcs8-key-decode-encrypted.c \
- 	prf.c priorities.c priorities-groups.c priority-init2.c \
- 	priority-mix.c priority-set.c priority-set2.c privkey-keygen.c \
+@@ -3120,7 +3118,7 @@ SOURCES = $(libpkcs11mock1_la_SOURCES) $
+ 	post-client-hello-change-prio.c prf.c priorities.c \
+ 	priorities-groups.c priority-init2.c priority-mix.c \
+ 	priority-set.c priority-set2.c privkey-keygen.c \
 -	privkey-verify-broken.c psk-file.c pskself.c \
 +	privkey-verify-broken.c pskself.c \
 	pubkey-import-export.c random-art.c record-pad.c \
 	record-retvals.c record-sizes.c record-sizes-range.c \
 	record-timeouts.c recv-data-before-handshake.c \
-@@ -3183,7 +3181,7 @@ DIST_SOURCES = $(am__libpkcs11mock1_la_SOURCES_DIST) \
- 	pkcs7-gen.c pkcs8-key-decode.c pkcs8-key-decode-encrypted.c \
- 	prf.c priorities.c priorities-groups.c priority-init2.c \
- 	priority-mix.c priority-set.c priority-set2.c privkey-keygen.c \
+@@ -3288,7 +3286,7 @@ DIST_SOURCES = $(am__libpkcs11mock1_la_S
+ 	post-client-hello-change-prio.c prf.c priorities.c \
+ 	priorities-groups.c priority-init2.c priority-mix.c \
+ 	priority-set.c priority-set2.c privkey-keygen.c \
 -	privkey-verify-broken.c psk-file.c pskself.c \
 +	privkey-verify-broken.c pskself.c \
 	pubkey-import-export.c random-art.c record-pad.c \
 	record-retvals.c record-sizes.c record-sizes-range.c \
 	record-timeouts.c recv-data-before-handshake.c \
-@@ -4734,7 +4732,7 @@ ctests = tls13/supported_versions tls13/tls12-no-tls13-exts \
- 	x509-cert-callback-ocsp gnutls_ocsp_resp_list_import2 \
- 	server-sign-md5-rep privkey-keygen mini-tls-nonblock no-signal \
- 	pkcs7-gen dtls-etm x509sign-verify-rsa x509sign-verify-ecdsa \
-	x509sign-verify-gost mini-alignment oids atfork prf psk-file \
-+	x509sign-verify-gost mini-alignment oids atfork prf \
- 	priority-init2 status-request status-request-ok \
+@@ -4872,7 +4870,7 @@ ctests = tls13/supported_versions tls13/
+ 	gnutls_ocsp_resp_list_import2 server-sign-md5-rep \
+ 	privkey-keygen mini-tls-nonblock no-signal pkcs7-gen dtls-etm \
+ 	x509sign-verify-rsa x509sign-verify-ecdsa x509sign-verify-gost \
+-	mini-alignment oids atfork prf psk-file priority-init2 \
+	mini-alignment oids atfork prf priority-init2 \
+ 	post-client-hello-change-prio status-request status-request-ok \
 	status-request-missing sign-verify-ext fallback-scsv \
 	pkcs8-key-decode urls dtls-rehandshake-cert key-usage-rsa \
-@@ -5872,10 +5870,6 @@ privkey-verify-broken$(EXEEXT): $(privkey_verify_broken_OBJECTS) $(privkey_verif
+@@ -6049,10 +6047,6 @@ privkey-verify-broken$(EXEEXT): $(privke
 	@rm -f privkey-verify-broken$(EXEEXT)
 	$(AM_V_CCLD)$(LINK) $(privkey_verify_broken_OBJECTS) $(privkey_verify_broken_LDADD) $(LIBS)
 
@ -67,7 +67,7 @@ index 07433e0..4ecd431 100644
 pskself$(EXEEXT): $(pskself_OBJECTS) $(pskself_DEPENDENCIES) $(EXTRA_pskself_DEPENDENCIES) 
 	@rm -f pskself$(EXEEXT)
 	$(AM_V_CCLD)$(LINK) $(pskself_OBJECTS) $(pskself_LDADD) $(LIBS)
-@@ -6862,7 +6856,6 @@ distclean-compile:
+@@ -7070,7 +7064,6 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/priority-set2.Po@am__quote@ # am--include-marker
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/privkey-keygen.Po@am__quote@ # am--include-marker
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/privkey-verify-broken.Po@am__quote@ # am--include-marker
@ -75,7 +75,7 @@ index 07433e0..4ecd431 100644
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pskself.Po@am__quote@ # am--include-marker
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pubkey-import-export.Po@am__quote@ # am--include-marker
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/random-art.Po@am__quote@ # am--include-marker
-@@ -8913,13 +8906,6 @@ prf.log: prf$(EXEEXT)
+@@ -9192,13 +9185,6 @@ prf.log: prf$(EXEEXT)
 	--log-file $$b.log --trs-file $$b.trs \
 	$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
 	"$$tst" $(AM_TESTS_FD_REDIRECT)
@ -89,7 +89,7 @@ index 07433e0..4ecd431 100644
 priority-init2.log: priority-init2$(EXEEXT)
 	@p='priority-init2$(EXEEXT)'; \
 	b='priority-init2'; \
-@@ -10883,7 +10869,6 @@ distclean: distclean-recursive
+@@ -11214,7 +11200,6 @@ distclean: distclean-recursive
 	-rm -f ./$(DEPDIR)/priority-set2.Po
 	-rm -f ./$(DEPDIR)/privkey-keygen.Po
 	-rm -f ./$(DEPDIR)/privkey-verify-broken.Po
@ -97,7 +97,7 @@ index 07433e0..4ecd431 100644
 	-rm -f ./$(DEPDIR)/pskself.Po
 	-rm -f ./$(DEPDIR)/pubkey-import-export.Po
 	-rm -f ./$(DEPDIR)/random-art.Po
-@@ -11318,7 +11303,6 @@ maintainer-clean: maintainer-clean-recursive
+@@ -11660,7 +11645,6 @@ maintainer-clean: maintainer-clean-recur
 	-rm -f ./$(DEPDIR)/priority-set2.Po
 	-rm -f ./$(DEPDIR)/privkey-keygen.Po
 	-rm -f ./$(DEPDIR)/privkey-verify-broken.Po
@ -105,15 +105,3 @@ index 07433e0..4ecd431 100644
 	-rm -f ./$(DEPDIR)/pskself.Po
 	-rm -f ./$(DEPDIR)/pubkey-import-export.Po
 	-rm -f ./$(DEPDIR)/random-art.Po
-diff --git a/tests/Makefile.am b/tests/Makefile.am
--- a/tests/Makefile.am	2018-11-21 16:31:27.871806950 +0100
-+++ b/tests/Makefile.am	2018-11-21 16:31:47.952191845 +0100
-@@ -167,7 +167,7 @@
- 	 tls13-cert-key-exchange x509-cert-callback-ocsp gnutls_ocsp_resp_list_import2 \
- 	 server-sign-md5-rep privkey-keygen mini-tls-nonblock no-signal pkcs7-gen dtls-etm \
- 	 x509sign-verify-rsa x509sign-verify-ecdsa x509sign-verify-gost \
-	 mini-alignment oids atfork prf psk-file priority-init2 \
-+	 mini-alignment oids atfork prf priority-init2 \
- 	 status-request status-request-ok status-request-missing sign-verify-ext \
- 	 fallback-scsv pkcs8-key-decode urls dtls-rehandshake-cert \
- 	 key-usage-rsa key-usage-ecdhe-rsa mini-session-verify-function auto-verify \
--- a/gnutls-3.6.0-disable-flaky-dtls_resume-test.patch
+++ b/gnutls-3.6.0-disable-flaky-dtls_resume-test.patch
@ -1,8 +1,8 @@
-Index: gnutls-3.6.3/tests/Makefile.am
+Index: gnutls-3.6.5/tests/Makefile.am
 ===================================================================
--- gnutls-3.6.3.orig/tests/Makefile.am
-+++ gnutls-3.6.3/tests/Makefile.am
-@@ -406,7 +406,7 @@ if !WINDOWS
+--- gnutls-3.6.5.orig/tests/Makefile.am	2019-01-04 14:11:28.196622546 +0100
+++ gnutls-3.6.5/tests/Makefile.am	2019-01-04 14:11:29.080627637 +0100
+@@ -445,7 +445,7 @@ if !WINDOWS
 # List of tests not available/functional under windows
 #
 
@ -11,20 +11,20 @@ Index: gnutls-3.6.3/tests/Makefile.am
 
 indirect_tests += dtls-stress
 
-Index: gnutls-3.6.3/tests/Makefile.in
+Index: gnutls-3.6.5/tests/Makefile.in
 ===================================================================
--- gnutls-3.6.3.orig/tests/Makefile.in
-+++ gnutls-3.6.3/tests/Makefile.in
-@@ -161,7 +161,7 @@ host_triplet = @host@
+--- gnutls-3.6.5.orig/tests/Makefile.in	2019-01-04 14:11:28.200622568 +0100
+++ gnutls-3.6.5/tests/Makefile.in	2019-01-04 14:11:44.352715599 +0100
+@@ -164,7 +164,7 @@ host_triplet = @host@
 #
 # List of tests not available/functional under windows
 #
-@WINDOWS_FALSE@am__append_12 = dtls/dtls dtls/dtls-resume fastopen.sh \
-+@WINDOWS_FALSE@am__append_12 = dtls/dtls fastopen.sh \
+-@WINDOWS_FALSE@am__append_13 = dtls/dtls dtls/dtls-resume fastopen.sh \
+@WINDOWS_FALSE@am__append_13 = dtls/dtls fastopen.sh \
 @WINDOWS_FALSE@	pkgconfig.sh starttls.sh starttls-ftp.sh \
 @WINDOWS_FALSE@	starttls-smtp.sh starttls-lmtp.sh \
 @WINDOWS_FALSE@	starttls-pop3.sh starttls-nntp.sh \
-@@ -2507,7 +2507,7 @@ x509sign_verify_rsa_DEPENDENCIES = $(COM
+@@ -2663,7 +2663,7 @@ x509sign_verify_rsa_DEPENDENCIES = $(COM
 	$(am__DEPENDENCIES_2)
 am__dist_check_SCRIPTS_DIST = rfc2253-escape-test \
 	rsa-md5-collision/rsa-md5-collision.sh systemkey.sh dtls/dtls \
--- a/gnutls-3.6.4.tar.xz
+++ b/gnutls-3.6.4.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:c663a792fbc84349c27c36059181f2ca86c9442e75ee8b0ad72f5f9b35deab3a
-size 8076364
--- a/gnutls-3.6.4.tar.xz.sig
+++ b/gnutls-3.6.4.tar.xz.sig
--- a/gnutls-3.6.5.tar.xz
+++ b/gnutls-3.6.5.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:073eced3acef49a3883e69ffd5f0f0b5f46e2760ad86eddc6c0866df4e7abb35
+size 8192888
--- a/gnutls-3.6.5.tar.xz.sig
+++ b/gnutls-3.6.5.tar.xz.sig
--- a/gnutls.changes
+++ b/gnutls.changes
@ -1,3 +1,45 @@
+-------------------------------------------------------------------
+Wed Jan  2 13:36:26 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
+
+- Update to 3.6.5
+  ** libgnutls: Provide the option of transparent re-handshake/reauthentication
+     when the GNUTLS_AUTO_REAUTH flag is specified in gnutls_init() (#571).
+  ** libgnutls: Added support for TLS 1.3 zero round-trip (0-RTT) mode (#127)
+  ** libgnutls: The priority functions will ignore and not enable TLS1.3 if
+     requested with legacy TLS versions enabled but not TLS1.2. That is because
+     if such a priority string is used in the client side (e.g., TLS1.3+TLS1.0 enabled)
+     servers which do not support TLS1.3 will negotiate TLS1.2 which will be
+     rejected by the client as disabled (#621).
+  ** libgnutls: Change RSA decryption to use a new side-channel silent function.
+     This addresses a security issue where memory access patterns as well as timing
+     on the underlying Nettle rsa-decrypt function could lead to new Bleichenbacher
+     attacks. Side-channel resistant code is slower due to the need to mask
+     access and timings. When used in TLS the new functions cause RSA based
+     handshakes to be between 13% and 28% slower on average (Numbers are indicative,
+     the tests where performed on a relatively modern Intel CPU, results vary
+     depending on the CPU and architecture used). This change makes nettle 3.4.1
+     the minimum requirement of gnutls (#630). [CVSS: medium]
+  ** libgnutls: gnutls_priority_init() and friends, allow the CTYPE-OPENPGP keyword
+     in the priority string. It is only accepted as legacy option and is ignored.
+  ** libgnutls: Added support for EdDSA under PKCS#11 (#417)
+  ** libgnutls: Added support for AES-CFB8 cipher (#357)
+  ** libgnutls: Added support for AES-CMAC MAC (#351)
+  ** libgnutls: In two previous versions GNUTLS_CIPHER_GOST28147_CPB/CPC/CPD_CFB ciphers
+       have incorrectly used CryptoPro-A S-BOX instead of proper (CryptoPro-B/-C/-D
+     S-BOXes). They are fixed now.
+  ** libgnutls: Added support for GOST key unmasking and unwrapped GOST private
+     keys parsing, as specified in R 50.1.112-2016.
+  ** gnutls-serv: It applies the default settings when no --priority option is given,
+     using gnutls_set_default_priority().
+  ** p11tool: Fix initialization of security officer's PIN with the --initialize-so-pin
+     option (#561)
+  ** certtool: Add parameter --no-text that prevents certtool from outputting
+     text before PEM-encoded private key, public key, certificate, CRL or CSR.
+- minimum required libnettle is now 3.4.1
+- refresh
+  * disable-psk-file-test.patch
+  * gnutls-3.6.0-disable-flaky-dtls_resume-test.patch
+
 -------------------------------------------------------------------
 Tue Nov 27 13:46:27 UTC 2018 - jbrielmaier@suse.de

--- a/gnutls.spec
+++ b/gnutls.spec
@ -1,7 +1,7 @@
 #
 # spec file for package gnutls
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -29,7 +29,7 @@
 %bcond_with tpm
 %bcond_without guile
 Name:           gnutls
-Version:        3.6.4
+Version:        3.6.5
 Release:        0
 Summary:        The GNU Transport Layer Security Library
 License:        LGPL-2.1-or-later AND GPL-3.0-or-later
@ -53,7 +53,7 @@ BuildRequires:  pkgconfig(autoopts)
 # The test suite calls /usr/bin/ss from iproute2. It's our own duty to ensure we have it present
 BuildRequires:  iproute2
 BuildRequires:  libidn2-devel
-BuildRequires:  libnettle-devel >= 3.1
+BuildRequires:  libnettle-devel >= 3.4.1
 BuildRequires:  libtasn1-devel >= 4.9
 BuildRequires:  libtool
 BuildRequires:  libunistring-devel