From f3f9661f10ba83e9c88692eb3d5aa43512796148e87ae23c6df33c25481c227e Mon Sep 17 00:00:00 2001 From: Stephan Kulow Date: Mon, 11 Feb 2013 10:07:26 +0000 Subject: [PATCH] Accepting request 155059 from Base:System Fix nasty 1.0.1d regression (forwarded request 155056 from sumski) OBS-URL: https://build.opensuse.org/request/show/155059 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=85 --- openssl-1.0.1d-s3-packet.patch | 76 ++++++++++++++++++++++++++++++++++ openssl.changes | 6 +++ openssl.spec | 3 ++ 3 files changed, 85 insertions(+) create mode 100644 openssl-1.0.1d-s3-packet.patch diff --git a/openssl-1.0.1d-s3-packet.patch b/openssl-1.0.1d-s3-packet.patch new file mode 100644 index 0000000..583cb56 --- /dev/null +++ b/openssl-1.0.1d-s3-packet.patch @@ -0,0 +1,76 @@ +https://bugs.gentoo.org/456108 + +taken from upstream + +From 32cc2479b473c49ce869e57fded7e9a77b695c0d Mon Sep 17 00:00:00 2001 +From: "Dr. Stephen Henson" +Date: Thu, 7 Feb 2013 21:06:37 +0000 +Subject: [PATCH] Fix IV check and padding removal. + +Fix the calculation that checks there is enough room in a record +after removing padding and optional explicit IV. (by Steve) + +For AEAD remove the correct number of padding bytes (by Andy) +--- + ssl/s3_cbc.c | 33 ++++++++++++--------------------- + 1 file changed, 12 insertions(+), 21 deletions(-) + +diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c +index ce77acd..0f60507 100644 +--- a/ssl/s3_cbc.c ++++ b/ssl/s3_cbc.c +@@ -139,31 +139,22 @@ int tls1_cbc_remove_padding(const SSL* s, + unsigned mac_size) + { + unsigned padding_length, good, to_check, i; +- const char has_explicit_iv = +- s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION; +- const unsigned overhead = 1 /* padding length byte */ + +- mac_size + +- (has_explicit_iv ? block_size : 0); +- +- /* These lengths are all public so we can test them in non-constant +- * time. */ +- if (overhead > rec->length) +- return 0; +- +- /* We can always safely skip the explicit IV. We check at the beginning +- * of this function that the record has at least enough space for the +- * IV, MAC and padding length byte. (These can be checked in +- * non-constant time because it's all public information.) So, if the +- * padding was invalid, then we didn't change |rec->length| and this is +- * safe. If the padding was valid then we know that we have at least +- * overhead+padding_length bytes of space and so this is still safe +- * because overhead accounts for the explicit IV. */ +- if (has_explicit_iv) ++ const unsigned overhead = 1 /* padding length byte */ + mac_size; ++ /* Check if version requires explicit IV */ ++ if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION) + { ++ /* These lengths are all public so we can test them in ++ * non-constant time. ++ */ ++ if (overhead + block_size > rec->length) ++ return 0; ++ /* We can now safely skip explicit IV */ + rec->data += block_size; + rec->input += block_size; + rec->length -= block_size; + } ++ else if (overhead > rec->length) ++ return 0; + + padding_length = rec->data[rec->length-1]; + +@@ -190,7 +181,7 @@ int tls1_cbc_remove_padding(const SSL* s, + if (EVP_CIPHER_flags(s->enc_read_ctx->cipher)&EVP_CIPH_FLAG_AEAD_CIPHER) + { + /* padding is already verified */ +- rec->length -= padding_length; ++ rec->length -= padding_length + 1; + return 1; + } + +-- +1.8.0.2 + diff --git a/openssl.changes b/openssl.changes index b5cd285..c971b9b 100644 --- a/openssl.changes +++ b/openssl.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Sun Feb 10 20:33:51 UTC 2013 - hrvoje.senjan@gmail.com + +- Added openssl-1.0.1d-s3-packet.patch from upstream, fixes + bnc#803004, openssl ticket#2975 + ------------------------------------------------------------------- Tue Feb 5 16:00:17 UTC 2013 - meissner@suse.com diff --git a/openssl.spec b/openssl.spec index f9340e0..7eab170 100644 --- a/openssl.spec +++ b/openssl.spec @@ -46,6 +46,8 @@ Patch1: openssl-1.0.0-c_rehash-compat.diff Patch2: bug610223.patch Patch3: openssl-ocloexec.patch Patch4: VIA_padlock_support_on_64systems.patch +# PATCH-FIX-UPSTREAM openssl-1.0.1d-s3-packet.patch Fix the calculation that checks there is enough room in a record after removing padding and optional explicit IV bnc#803004, openssl ticket#2975 +Patch5: openssl-1.0.1d-s3-packet.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -176,6 +178,7 @@ Authors: %patch2 -p1 %patch3 %patch4 -p1 +%patch5 -p1 cp -p %{S:10} . echo "adding/overwriting some entries in the 'table' hash in Configure" # $dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags