Accepting request 832939 from home:vitezslav_cizek:branches:security:tls

- Update to 3.6.15
 * libgnutls: Fixed "no_renegotiation" alert handling at incorrect timing.
   [GNUTLS-SA-2020-09-04, CVSS: medium]
 * libgnutls: If FIPS self-tests are failed, gnutls_fips140_mode_enabled() now
   indicates that with a false return value (!1306).
 * libgnutls: Under FIPS mode, the generated ECDH/DH public keys are checked
   accordingly to SP800-56A rev 3 (!1295, !1299).
 * libgnutls: gnutls_x509_crt_export2() now returns 0 upon success, rather than
   the size of the internal base64 blob (#1025).
 * libgnutls: Certificate verification failue due to OCSP must-stapling is not
   honered is now correctly marked with the GNUTLS_CERT_INVALID flag
 * libgnutls: The audit log message for weak hashes is no longer printed twice
 * libgnutls: Fixed version negotiation when TLS 1.3 is enabled and TLS 1.2 is
   disabled in the priority string. Previously, even when TLS 1.2 is explicitly
   disabled with "-VERS-TLS1.2", the server still offered TLS 1.2 if TLS 1.3 is
   enabled (#1054).
- drop upstreamed patches:
  * gnutls-detect_nettle_so.patch
  * 0001-crypto-api-always-allocate-memory-when-serializing-i.patch

OBS-URL: https://build.opensuse.org/request/show/832939
OBS-URL: https://build.opensuse.org/package/show/security:tls/gnutls?expand=0&rev=39

0001-crypto-api-always-allocate-memory-when-serializing-i.patch

@@ -1,152 +0,0 @@
-From 6fbff7fc8aabeee2254405f254220bbe8c05c67d Mon Sep 17 00:00:00 2001
-From: Daiki Ueno <ueno@gnu.org>
-Date: Fri, 5 Jun 2020 16:26:33 +0200
-Subject: [PATCH] crypto-api: always allocate memory when serializing iovec_t
-
-The AEAD iov interface falls back to serializing the input buffers if
-the low-level cipher doesn't support scatter/gather encryption.
-However, there was a bug in the functions used for the serialization,
-which causes memory leaks under a certain condition (i.e. the number
-of input buffers is 1).
-
-This patch makes the logic of the functions simpler, by removing a
-micro-optimization that tries to minimize the number of calls to
-malloc/free.
-
-The original problem was reported by Marius Steffen in:
-https://bugzilla.samba.org/show_bug.cgi?id=14399
-and the cause was investigated by Alexander Haase in:
-https://gitlab.com/gnutls/gnutls/-/merge_requests/1277
-
-Signed-off-by: Daiki Ueno <ueno@gnu.org>
----
- lib/crypto-api.c        | 36 +++++++++++-------------------------
- tests/aead-cipher-vec.c | 33 ++++++++++++++++++---------------
- 2 files changed, 29 insertions(+), 40 deletions(-)
-
-diff --git a/lib/crypto-api.c b/lib/crypto-api.c
-index 45be64ed1f..8524f5ed4f 100644
---- a/lib/crypto-api.c
-+++ b/lib/crypto-api.c
-@@ -891,32 +891,23 @@ gnutls_aead_cipher_encrypt(gnutls_aead_cipher_hd_t handle,
- struct iov_store_st {
- 	void *data;
- 	size_t size;
--	unsigned allocated;
- };
- 
- static void iov_store_free(struct iov_store_st *s)
- {
--	if (s->allocated) {
--		gnutls_free(s->data);
--		s->allocated = 0;
--	}
-+	gnutls_free(s->data);
- }
- 
- static int iov_store_grow(struct iov_store_st *s, size_t length)
- {
--	if (s->allocated || s->data == NULL) {
--		s->size += length;
--		s->data = gnutls_realloc(s->data, s->size);
--		if (s->data == NULL)
--			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
--		s->allocated = 1;
--	} else {
--		void *data = s->data;
--		size_t size = s->size + length;
--		s->data = gnutls_malloc(size);
--		memcpy(s->data, data, s->size);
--		s->size += length;
--	}
-+	void *data;
-+
-+	s->size += length;
-+	data = gnutls_realloc(s->data, s->size);
-+	if (data == NULL)
-+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
-+
-+	s->data = data;
- 	return 0;
- }
- 
-@@ -926,11 +917,6 @@ copy_from_iov(struct iov_store_st *dst, const giovec_t *iov, int iovcnt)
- 	memset(dst, 0, sizeof(*dst));
- 	if (iovcnt == 0) {
- 		return 0;
--	} else if (iovcnt == 1) {
--		dst->data = iov[0].iov_base;
--		dst->size = iov[0].iov_len;
--		/* implies: dst->allocated = 0; */
--		return 0;
- 	} else {
- 		int i;
- 		uint8_t *p;
-@@ -944,11 +930,11 @@ copy_from_iov(struct iov_store_st *dst, const giovec_t *iov, int iovcnt)
- 
- 		p = dst->data;
- 		for (i=0;i<iovcnt;i++) {
--			memcpy(p, iov[i].iov_base, iov[i].iov_len);
-+			if (iov[i].iov_len > 0)
-+				memcpy(p, iov[i].iov_base, iov[i].iov_len);
- 			p += iov[i].iov_len;
- 		}
- 
--		dst->allocated = 1;
- 		return 0;
- 	}
- }
-diff --git a/tests/aead-cipher-vec.c b/tests/aead-cipher-vec.c
-index fba9010d9e..6a30a35f7b 100644
---- a/tests/aead-cipher-vec.c
-+++ b/tests/aead-cipher-vec.c
-@@ -49,6 +49,7 @@ static void start(const char *name, int algo)
- 	giovec_t auth_iov[2];
- 	uint8_t tag[64];
- 	size_t tag_size = 0;
-+	size_t i;
- 
- 	key.data = key16;
- 	key.size = gnutls_cipher_get_key_size(algo);
-@@ -82,21 +83,23 @@ static void start(const char *name, int algo)
- 	if (ret < 0)
- 		fail("gnutls_cipher_init: %s\n", gnutls_strerror(ret));
- 
--	ret = gnutls_aead_cipher_encryptv2(ch,
--					   iv.data, iv.size,
--					   auth_iov, 2,
--					   iov, 3,
--					   tag, &tag_size);
--	if (ret < 0)
--		fail("could not encrypt data: %s\n", gnutls_strerror(ret));
--
--	ret = gnutls_aead_cipher_decryptv2(ch,
--					   iv.data, iv.size,
--					   auth_iov, 2,
--					   iov, 3,
--					   tag, tag_size);
--	if (ret < 0)
--		fail("could not decrypt data: %s\n", gnutls_strerror(ret));
-+	for (i = 0; i < 2; i++) {
-+		ret = gnutls_aead_cipher_encryptv2(ch,
-+						   iv.data, iv.size,
-+						   auth_iov, 2,
-+						   iov, i + 1,
-+						   tag, &tag_size);
-+		if (ret < 0)
-+			fail("could not encrypt data: %s\n", gnutls_strerror(ret));
-+
-+		ret = gnutls_aead_cipher_decryptv2(ch,
-+						   iv.data, iv.size,
-+						   auth_iov, 2,
-+						   iov, i + 1,
-+						   tag, tag_size);
-+		if (ret < 0)
-+			fail("could not decrypt data: %s\n", gnutls_strerror(ret));
-+	}
- 
- 	gnutls_aead_cipher_deinit(ch);
- }
--- 
-2.25.0
-

gnutls-3.5.11-skip-trust-store-tests.patch

@@ -15,10 +15,10 @@ need ca-certificates-mozilla to run.
 
 But this would create a build cycle. Skip test.
 
-Index: gnutls-3.5.11/tests/trust-store.c
+Index: gnutls-3.6.15/tests/trust-store.c
 ===================================================================
---- gnutls-3.5.11.orig/tests/trust-store.c	2017-04-07 07:52:07.000000000 +0200
-+++ gnutls-3.5.11/tests/trust-store.c	2017-05-18 10:33:53.537598763 +0200
+--- gnutls-3.6.15.orig/tests/trust-store.c	2020-09-08 10:24:24.018094247 +0200
++++ gnutls-3.6.15/tests/trust-store.c	2020-09-08 10:24:25.534104346 +0200
 @@ -44,6 +44,9 @@ static void tls_log_func(int level, cons
  
  void doit(void)

gnutls-3.6.14.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:5630751adec7025b8ef955af4d141d00d252a985769f51b4059e5affa3d39d63
-size 6069088

gnutls-3.6.15.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:0ea8c3283de8d8335d7ae338ef27c53a916f15f382753b174c18b45ffd481558
+size 6081656

gnutls-3.6.6-set_guile_site_dir.patch

@@ -1,8 +1,8 @@
-Index: gnutls-3.6.6/configure
+Index: gnutls-3.6.15/configure
 ===================================================================
---- gnutls-3.6.6.orig/configure
-+++ gnutls-3.6.6/configure
-@@ -62868,7 +62868,7 @@
+--- gnutls-3.6.15.orig/configure	2020-09-08 10:24:22.362083215 +0200
++++ gnutls-3.6.15/configure	2020-09-08 10:24:28.510124171 +0200
+@@ -69365,7 +69365,7 @@ fi
  
    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for Guile site directory" >&5
  $as_echo_n "checking for Guile site directory... " >&6; }

gnutls-detect_nettle_so.patch

@@ -1,52 +0,0 @@
-Index: gnutls-3.6.14/configure
-===================================================================
---- gnutls-3.6.14.orig/configure	2020-06-09 11:01:15.306654318 +0200
-+++ gnutls-3.6.14/configure	2020-06-09 12:40:08.262985909 +0200
-@@ -66054,12 +66054,12 @@ LIBS="$LIBS $GMP_LIBS"
- $as_echo_n "checking gmp soname... " >&6; }
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
- /* end confdefs.h.  */
--
-+#include <gmp.h>
- int
- main ()
- {
--
--  ;
-+  mpz_t n;
-+  mpz_init(n);
-   return 0;
- }
- _ACEOF
-@@ -66088,12 +66088,12 @@ LIBS="$LIBS $NETTLE_LIBS"
- $as_echo_n "checking nettle soname... " >&6; }
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
- /* end confdefs.h.  */
--
-+#include <nettle/sha2.h>
- int
- main ()
- {
--
--  ;
-+  struct sha256_ctx ctx;
-+  sha256_init (&ctx);
-   return 0;
- }
- _ACEOF
-@@ -66122,12 +66122,12 @@ LIBS="$LIBS $HOGWEED_LIBS"
- $as_echo_n "checking hogweed soname... " >&6; }
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
- /* end confdefs.h.  */
--
-+#include <nettle/rsa.h>
- int
- main ()
- {
--
--  ;
-+  struct rsa_private_key priv;
-+  nettle_rsa_private_key_init(&priv);
-   return 0;
- }
- _ACEOF

gnutls-temporarily_disable_broken_guile_reauth_test.patch

@@ -1,8 +1,8 @@
-Index: gnutls-3.6.14/guile/Makefile.in
+Index: gnutls-3.6.15/guile/Makefile.in
 ===================================================================
---- gnutls-3.6.14.orig/guile/Makefile.in	2020-06-03 15:05:54.000000000 +0200
-+++ gnutls-3.6.14/guile/Makefile.in	2020-06-09 09:03:17.267773380 +0200
-@@ -1850,7 +1850,7 @@ CLEANFILES = modules/gnutls.scm $(am__ap
+--- gnutls-3.6.15.orig/guile/Makefile.in	2020-09-08 10:24:09.581998087 +0200
++++ gnutls-3.6.15/guile/Makefile.in	2020-09-08 10:24:30.046134403 +0200
+@@ -1857,7 +1857,7 @@ CLEANFILES = modules/gnutls.scm $(am__ap
  TESTS = tests/anonymous-auth.scm tests/session-record-port.scm \
  	tests/pkcs-import-export.scm tests/errors.scm \
  	tests/x509-certificates.scm tests/x509-auth.scm \

gnutls.changes

@@ -1,3 +1,26 @@
+-------------------------------------------------------------------
+Tue Sep  8 08:18:48 UTC 2020 - Vítězslav Čížek <vcizek@suse.com>
+
+- Update to 3.6.15
+ * libgnutls: Fixed "no_renegotiation" alert handling at incorrect timing.
+   [GNUTLS-SA-2020-09-04, CVSS: medium]
+ * libgnutls: If FIPS self-tests are failed, gnutls_fips140_mode_enabled() now
+   indicates that with a false return value (!1306).
+ * libgnutls: Under FIPS mode, the generated ECDH/DH public keys are checked
+   accordingly to SP800-56A rev 3 (!1295, !1299).
+ * libgnutls: gnutls_x509_crt_export2() now returns 0 upon success, rather than
+   the size of the internal base64 blob (#1025).
+ * libgnutls: Certificate verification failue due to OCSP must-stapling is not
+   honered is now correctly marked with the GNUTLS_CERT_INVALID flag
+ * libgnutls: The audit log message for weak hashes is no longer printed twice
+ * libgnutls: Fixed version negotiation when TLS 1.3 is enabled and TLS 1.2 is
+   disabled in the priority string. Previously, even when TLS 1.2 is explicitly
+   disabled with "-VERS-TLS1.2", the server still offered TLS 1.2 if TLS 1.3 is
+   enabled (#1054).
+- drop upstreamed patches:
+  * gnutls-detect_nettle_so.patch
+  * 0001-crypto-api-always-allocate-memory-when-serializing-i.patch
+
 -------------------------------------------------------------------
 Tue Jun  9 09:15:45 UTC 2020 - Vítězslav Čížek <vcizek@suse.com>
 

gnutls.spec

@@ -28,7 +28,7 @@
 %bcond_with tpm
 %bcond_without guile
 Name:           gnutls
-Version:        3.6.14
+Version:        3.6.15
 Release:        0
 Summary:        The GNU Transport Layer Security Library
 License:        LGPL-2.1-or-later AND GPL-3.0-or-later
@@ -40,9 +40,7 @@ Source2:        %{name}.keyring
 Source3:        baselibs.conf
 Patch1:         gnutls-3.5.11-skip-trust-store-tests.patch
 Patch4:         gnutls-3.6.6-set_guile_site_dir.patch
-Patch5:         0001-crypto-api-always-allocate-memory-when-serializing-i.patch
 Patch6:         gnutls-temporarily_disable_broken_guile_reauth_test.patch
-Patch7:         gnutls-detect_nettle_so.patch
 BuildRequires:  autogen
 BuildRequires:  automake
 BuildRequires:  datefudge