From 01e6d006eb7a57a712fd0d7d9bc4aae893930a69e1ce8cea3d454f72a274600d Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Fri, 2 Nov 2007 00:32:58 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mono-core?expand=0&rev=13 --- mono-boo_ia64_fix.patch | 22 + mono-core.changes | 11 + mono-core.spec | 38 +- mono-mcs_r85721_biginteger_security_fix.patch | 399 ++++++++++++++++++ 4 files changed, 463 insertions(+), 7 deletions(-) create mode 100644 mono-boo_ia64_fix.patch create mode 100644 mono-mcs_r85721_biginteger_security_fix.patch diff --git a/mono-boo_ia64_fix.patch b/mono-boo_ia64_fix.patch new file mode 100644 index 0000000..903412d --- /dev/null +++ b/mono-boo_ia64_fix.patch @@ -0,0 +1,22 @@ +Index: mono/io-layer/atomic.h +=================================================================== +--- mono/io-layer/atomic.h (revision 87799) ++++ mono/io-layer/atomic.h (revision 87800) +@@ -710,13 +710,16 @@ + gint32 exch, gint32 comp) + { + gint32 old; ++ guint64 real_comp; + + #ifdef __INTEL_COMPILER + old = _InterlockedCompareExchange (dest, exch, comp); + #else ++ /* cmpxchg4 zero extends the value read from memory */ ++ real_comp = (guint64)(guint32)comp; + asm volatile ("mov ar.ccv = %2 ;;\n\t" + "cmpxchg4.acq %0 = [%1], %3, ar.ccv\n\t" +- : "=r" (old) : "r" (dest), "r" (comp), "r" (exch)); ++ : "=r" (old) : "r" (dest), "r" (real_comp), "r" (exch)); + #endif + + return(old); diff --git a/mono-core.changes b/mono-core.changes index 53fdc4a..838892f 100644 --- a/mono-core.changes +++ b/mono-core.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Tue Oct 23 21:37:23 CEST 2007 - wberrier@suse.de + +- mono-boo_ia64_fix.patch: fix boo build on ia64. + +------------------------------------------------------------------- +Thu Sep 20 05:41:09 CEST 2007 - wberrier@suse.de + +- BigInteger Security fix: bnc #310044 + -MaintenanceTracker-13335 + ------------------------------------------------------------------- Fri Aug 31 05:55:26 CEST 2007 - wberrier@suse.de diff --git a/mono-core.spec b/mono-core.spec index fb0e0ef..af9c88c 100644 --- a/mono-core.spec +++ b/mono-core.spec @@ -11,17 +11,19 @@ # norootforbuild Name: mono-core -License: LGPL v2 or later +License: LGPL v2.1 or later Group: Development/Languages/Mono Summary: A .NET Runtime Environment -URL: http://go-mono.org/ +Url: http://go-mono.org/ Version: 1.2.5 -Release: 10 +Release: 26 BuildRoot: %{_tmppath}/%{name}-%{version}-build Source0: mono-%{version}.tar.bz2 Patch0: mono_1.2.5_p4.patch.bz2 Patch1: mono_1.2.5_p5_p6_final.patch -ExclusiveArch: %ix86 x86_64 ppc hppa armv4l sparc s390 ia64 s390x +Patch2: mono-mcs_r85721_biginteger_security_fix.patch +Patch3: mono-boo_ia64_fix.patch +ExclusiveArch: %ix86 x86_64 ppc hppa armv4l sparc s390 ia64 s390x BuildRoot: %{_tmppath}/%{name}-%{version}-build Provides: mono = %{version}-%{release} Provides: mono-ikvm = %{version}-%{release} @@ -43,7 +45,7 @@ Requires: libgdiplus %else # suse would rather have recommends so that all sorts of graphic libs aren't # pulled in when libgdiplus is installed -Recommends: libgdiplus +Recommends: libgdiplus %endif BuildRequires: glib2-devel #### suse options #### @@ -214,6 +216,7 @@ fi %postun /sbin/ldconfig + %package -n mono-jscript Summary: JScript .NET support for Mono Group: Development/Languages/Mono @@ -240,6 +243,7 @@ Authors: %_prefix/lib/mono/gac/Microsoft.JScript %_prefix/lib/mono/1.0/Microsoft.JScript.dll %_prefix/lib/mono/2.0/Microsoft.JScript.dll + %package -n mono-locale-extras Summary: Extra locale information Group: Development/Languages/Mono @@ -277,6 +281,7 @@ Authors: %_prefix/lib/mono/gac/I18N.Other %_prefix/lib/mono/1.0/I18N.Other.dll %_prefix/lib/mono/2.0/I18N.Other.dll + %package -n mono-data Summary: Database connectivity for Mono Group: Development/Languages/Mono @@ -334,6 +339,7 @@ Authors: %_prefix/lib/mono/2.0/System.DirectoryServices.dll %_prefix/lib/mono/gac/System.Transactions %_prefix/lib/mono/2.0/System.Transactions.dll + %package -n mono-winforms Summary: Mono's Windows Forms implementation Group: Development/Languages/Mono @@ -373,6 +379,7 @@ Authors: %_prefix/lib/mono/gac/System.Drawing.Design %_prefix/lib/mono/1.0/System.Drawing.Design.dll %_prefix/lib/mono/2.0/System.Drawing.Design.dll + %package -n ibm-data-db2 Summary: Database connectivity for DB2 Group: Development/Languages/Mono @@ -400,6 +407,7 @@ Authors: %defattr(-, root, root) %_prefix/lib/mono/gac/IBM.Data.DB2 %_prefix/lib/mono/1.0/IBM.Data.DB2.dll + %package -n mono-extras Summary: Extra packages Group: Development/Languages/Mono @@ -449,6 +457,7 @@ Authors: %_prefix/lib/mono/gac/Microsoft.Vsa %_prefix/lib/mono/1.0/Microsoft.Vsa.dll %_prefix/lib/mono/2.0/Microsoft.Vsa.dll + %package -n mono-data-sqlite Summary: Database connectivity for Mono Group: Development/Languages/Mono @@ -483,6 +492,7 @@ Authors: %_prefix/lib/mono/gac/Mono.Data.Sqlite %_prefix/lib/mono/1.0/Mono.Data.Sqlite.dll %_prefix/lib/mono/2.0/Mono.Data.Sqlite.dll + %package -n mono-data-sybase Summary: Database connectivity for Mono Group: Development/Languages/Mono @@ -512,6 +522,7 @@ Authors: %_prefix/lib/mono/gac/Mono.Data.SybaseClient %_prefix/lib/mono/1.0/Mono.Data.SybaseClient.dll %_prefix/lib/mono/2.0/Mono.Data.SybaseClient.dll + %package -n mono-web Summary: Mono implementation of ASP.NET, Remoting and Web Services Group: Development/Languages/Mono @@ -579,6 +590,7 @@ Authors: %config /etc/mono/1.0/DefaultWsdlHelpGenerator.aspx %config /etc/mono/2.0/DefaultWsdlHelpGenerator.aspx %config /etc/mono/2.0/web.config + %package -n mono-data-oracle Summary: Database connectivity for Mono Group: Development/Languages/Mono @@ -608,6 +620,7 @@ Authors: %_prefix/lib/mono/gac/System.Data.OracleClient %_prefix/lib/mono/1.0/System.Data.OracleClient.dll %_prefix/lib/mono/2.0/System.Data.OracleClient.dll + %package -n mono-data-postgresql Summary: Database connectivity for Mono Group: Development/Languages/Mono @@ -637,6 +650,7 @@ Authors: %_prefix/lib/mono/gac/Npgsql %_prefix/lib/mono/1.0/Npgsql.dll %_prefix/lib/mono/2.0/Npgsql.dll + %package -n bytefx-data-mysql Summary: Database connectivity for Mono Group: Development/Languages/Mono @@ -666,12 +680,14 @@ Authors: %_prefix/lib/mono/gac/ByteFX.Data %_prefix/lib/mono/1.0/ByteFX.Data.dll %_prefix/lib/mono/2.0/ByteFX.Data.dll + %package -n mono-nunit Summary: NUnit Testing Framework Group: Development/Languages/Mono Requires: mono-core == %version-%release # No idea why this Requires is here... removing (bnc #210224) #Requires: glib2-devel + %package -n mono-data-firebird Summary: Database connectivity for Mono Group: Development/Languages/Mono @@ -729,6 +745,7 @@ Authors: %_prefix/lib/mono/gac/nunit.util %_prefix/lib/mono/gac/nunit.mocks %_libdir/pkgconfig/mono-nunit.pc + %package -n mono-devel Summary: Mono development tools Group: Development/Languages/Mono @@ -752,7 +769,6 @@ Authors: Paolo Molaro Dietmar Maurer - %post -n mono-devel /sbin/ldconfig @@ -889,6 +905,7 @@ Authors: %dir %_prefix/share/mono-1.0/mono/cil # Reminder: when removing man pages in this list, they are not # yet gzipped + %package -n mono-complete Summary: A .NET Runtime Environment Group: Development/Languages/Mono @@ -927,10 +944,13 @@ Authors: # Put dir files here so we don't have an empty package %dir %_prefix/lib/mono/compat-1.0 %dir %_prefix/lib/mono/compat-2.0 + %prep %setup -q -n mono-%{version} %patch0 %patch1 -p1 +%patch2 +%patch3 %build # These are only needed if there are patches to the runtime @@ -1017,8 +1037,12 @@ rm -f ./usr/lib/mono/1.0/culevel.exe* %clean rm -rf ${RPM_BUILD_ROOT} - %changelog +* Tue Oct 23 2007 - wberrier@suse.de +- mono-boo_ia64_fix.patch: fix boo build on ia64. +* Thu Sep 20 2007 - wberrier@suse.de +- BigInteger Security fix: bnc #310044 + -MaintenanceTracker-13335 * Fri Aug 31 2007 - wberrier@suse.de - Regressions found in 1.2.5: -Bug #82428: crypto buffer length fix diff --git a/mono-mcs_r85721_biginteger_security_fix.patch b/mono-mcs_r85721_biginteger_security_fix.patch new file mode 100644 index 0000000..47a461b --- /dev/null +++ b/mono-mcs_r85721_biginteger_security_fix.patch @@ -0,0 +1,399 @@ +Index: mcs/class/corlib/Mono.Math.Prime.Generator/PrimeGeneratorBase.cs +=================================================================== +--- mcs/class/corlib/Mono.Math.Prime.Generator/PrimeGeneratorBase.cs (revision 85720) ++++ mcs/class/corlib/Mono.Math.Prime.Generator/PrimeGeneratorBase.cs (revision 85721) +@@ -8,8 +8,6 @@ + // + + // +-// Copyright (C) 2004 Novell, Inc (http://www.novell.com) +-// + // Permission is hereby granted, free of charge, to any person obtaining + // a copy of this software and associated documentation files (the + // "Software"), to deal in the Software without restriction, including +Index: mcs/class/corlib/Mono.Math.Prime.Generator/ChangeLog +=================================================================== +--- mcs/class/corlib/Mono.Math.Prime.Generator/ChangeLog (revision 85720) ++++ mcs/class/corlib/Mono.Math.Prime.Generator/ChangeLog (revision 85721) +@@ -1,3 +1,8 @@ ++2007-09-12 Sebastien Pouliot ++ ++ * NextPrimeFinder.cs, PrimeGeneratorBase.cs: Updated to match ++ Mono.Security sources. ++ + 2004-09-16 Sebastien Pouliot + + * SequentialSearchPrimeGeneratorBase.cs: Fixed warning (l4) for unused +Index: mcs/class/corlib/Mono.Math.Prime.Generator/NextPrimeFinder.cs +=================================================================== +--- mcs/class/corlib/Mono.Math.Prime.Generator/NextPrimeFinder.cs (revision 85720) ++++ mcs/class/corlib/Mono.Math.Prime.Generator/NextPrimeFinder.cs (revision 85721) +@@ -8,8 +8,6 @@ + // + + // +-// Copyright (C) 2004 Novell, Inc (http://www.novell.com) +-// + // Permission is hereby granted, free of charge, to any person obtaining + // a copy of this software and associated documentation files (the + // "Software"), to deal in the Software without restriction, including +Index: mcs/class/corlib/Mono.Math.Prime/ConfidenceFactor.cs +=================================================================== +--- mcs/class/corlib/Mono.Math.Prime/ConfidenceFactor.cs (revision 85720) ++++ mcs/class/corlib/Mono.Math.Prime/ConfidenceFactor.cs (revision 85721) +@@ -8,8 +8,6 @@ + // + + // +-// Copyright (C) 2004 Novell, Inc (http://www.novell.com) +-// + // Permission is hereby granted, free of charge, to any person obtaining + // a copy of this software and associated documentation files (the + // "Software"), to deal in the Software without restriction, including +Index: mcs/class/corlib/Mono.Math.Prime/PrimalityTests.cs +=================================================================== +--- mcs/class/corlib/Mono.Math.Prime/PrimalityTests.cs (revision 85720) ++++ mcs/class/corlib/Mono.Math.Prime/PrimalityTests.cs (revision 85721) +@@ -8,8 +8,6 @@ + // + + // +-// Copyright (C) 2004 Novell, Inc (http://www.novell.com) +-// + // Permission is hereby granted, free of charge, to any person obtaining + // a copy of this software and associated documentation files (the + // "Software"), to deal in the Software without restriction, including +@@ -94,10 +92,19 @@ + } + } + ++ public static bool Test (BigInteger n, ConfidenceFactor confidence) ++ { ++ // Rabin-Miller fails with smaller primes (at least with our BigInteger code) ++ if (n.BitCount () < 33) ++ return SmallPrimeSppTest (n, confidence); ++ else ++ return RabinMillerTest (n, confidence); ++ } ++ + /// + /// Probabilistic prime test based on Rabin-Miller's test + /// +- /// ++ /// + /// + /// The number to test. + /// +@@ -116,67 +123,51 @@ + /// False if "this" is definitely NOT prime. + /// + /// +- public static bool RabinMillerTest (BigInteger bi, ConfidenceFactor confidence) ++ public static bool RabinMillerTest (BigInteger n, ConfidenceFactor confidence) + { +- int Rounds = GetSPPRounds (bi, confidence); ++ int bits = n.BitCount (); ++ int t = GetSPPRounds (bits, confidence); + +- // calculate values of s and t +- BigInteger p_sub1 = bi - 1; +- int s = p_sub1.LowestSetBit (); ++ // n - 1 == 2^s * r, r is odd ++ BigInteger n_minus_1 = n - 1; ++ int s = n_minus_1.LowestSetBit (); ++ BigInteger r = n_minus_1 >> s; + +- BigInteger t = p_sub1 >> s; +- +- int bits = bi.BitCount (); +- BigInteger a = null; +- BigInteger.ModulusRing mr = new BigInteger.ModulusRing (bi); ++ BigInteger.ModulusRing mr = new BigInteger.ModulusRing (n); + + // Applying optimization from HAC section 4.50 (base == 2) + // not a really random base but an interesting (and speedy) one +- BigInteger b = mr.Pow (2, t); +- if (b != 1) { +- bool result = false; +- for (int j=0; j < s; j++) { +- if (b == p_sub1) { // a^((2^j)*t) mod p = p-1 for some 0 <= j <= s-1 +- result = true; +- break; +- } ++ BigInteger y = null; ++ // FIXME - optimization disable for small primes due to bug #81857 ++ if (n.BitCount () > 100) ++ y = mr.Pow (2, r); + +- b = (b * b) % bi; +- } +- if (!result) +- return false; +- } +- + // still here ? start at round 1 (round 0 was a == 2) +- for (int round = 1; round < Rounds; round++) { +- while (true) { // generate a < n +- a = BigInteger.GenerateRandom (bits); ++ for (int round = 0; round < t; round++) { + +- // make sure "a" is not 0 (and not 2 as we have already tested that) +- if (a > 2 && a < bi) +- break; +- } ++ if ((round > 0) || (y == null)) { ++ BigInteger a = null; + +- if (a.GCD (bi) != 1) +- return false; ++ // check for 2 <= a <= n - 2 ++ // ...but we already did a == 2 previously as an optimization ++ do { ++ a = BigInteger.GenerateRandom (bits); ++ } while ((a <= 2) && (a >= n_minus_1)); + +- b = mr.Pow (a, t); ++ y = mr.Pow (a, r); ++ } + +- if (b == 1) +- continue; // a^t mod p = 1 ++ if (y == 1) ++ continue; + +- bool result = false; +- for (int j = 0; j < s; j++) { ++ for (int j = 0; ((j < s) && (y != n_minus_1)); j++) { + +- if (b == p_sub1) { // a^((2^j)*t) mod p = p-1 for some 0 <= j <= s-1 +- result = true; +- break; +- } +- +- b = (b * b) % bi; ++ y = mr.Pow (y, 2); ++ if (y == 1) ++ return false; + } + +- if (!result) ++ if (y != n_minus_1) + return false; + } + return true; +Index: mcs/class/corlib/Mono.Math.Prime/ChangeLog +=================================================================== +--- mcs/class/corlib/Mono.Math.Prime/ChangeLog (revision 85720) ++++ mcs/class/corlib/Mono.Math.Prime/ChangeLog (revision 85721) +@@ -1,3 +1,8 @@ ++2007-09-12 Sebastien Pouliot ++ ++ * ConfidenceFactor.cs, PrimalityTests.cs: Updated to match ++ Mono.Security sources. ++ + 2004-05-07 Sebastien Pouliot + + * PrimalityTests.cs: In sync with Mono.Security.dll version. +Index: mcs/class/corlib/Mono.Math/BigInteger.cs +=================================================================== +--- mcs/class/corlib/Mono.Math/BigInteger.cs (revision 85720) ++++ mcs/class/corlib/Mono.Math/BigInteger.cs (revision 85721) +@@ -13,7 +13,7 @@ + // Copyright (c) 2002 Chew Keong TAN + // All rights reserved. + // +-// Copyright (C) 2004 Novell, Inc (http://www.novell.com) ++// Copyright (C) 2004, 2007 Novell, Inc (http://www.novell.com) + // + // Permission is hereby granted, free of charge, to any person obtaining + // a copy of this software and associated documentation files (the +@@ -862,10 +862,16 @@ + + public override bool Equals (object o) + { +- if (o == null) return false; +- if (o is int) return (int)o >= 0 && this == (uint)o; ++ if (o == null) ++ return false; ++ if (o is int) ++ return (int)o >= 0 && this == (uint)o; + +- return Kernel.Compare (this, (BigInteger)o) == 0; ++ BigInteger bi = o as BigInteger; ++ if (bi == null) ++ return false; ++ ++ return Kernel.Compare (this, bi) == 0; + } + + #endregion +@@ -894,19 +900,23 @@ + + public bool IsProbablePrime () + { +- if (this < smallPrimes [smallPrimes.Length - 1]) { ++ // can we use our small-prime table ? ++ if (this <= smallPrimes[smallPrimes.Length - 1]) { + for (int p = 0; p < smallPrimes.Length; p++) { +- if (this == smallPrimes [p]) ++ if (this == smallPrimes[p]) + return true; + } ++ // the list is complete, so it's not a prime ++ return false; + } +- else { +- for (int p = 0; p < smallPrimes.Length; p++) { +- if (this % smallPrimes [p] == 0) +- return false; +- } ++ ++ // otherwise check if we can divide by one of the small primes ++ for (int p = 0; p < smallPrimes.Length; p++) { ++ if (this % smallPrimes[p] == 0) ++ return false; + } +- return PrimalityTests.RabinMillerTest (this, Prime.ConfidenceFactor.Medium); ++ // the last step is to confirm the "large" prime with the SPP or Miller-Rabin test ++ return PrimalityTests.Test (this, Prime.ConfidenceFactor.Medium); + } + + #endregion +@@ -1038,18 +1048,12 @@ + { + if (a == 0 || b == 0) return 0; + +- if (a.length >= mod.length << 1) ++ if (a > mod) + a %= mod; + +- if (b.length >= mod.length << 1) ++ if (b > mod) + b %= mod; + +- if (a.length >= mod.length) +- BarrettReduction (a); +- +- if (b.length >= mod.length) +- BarrettReduction (b); +- + BigInteger ret = new BigInteger (a * b); + BarrettReduction (ret); + +@@ -1082,7 +1086,25 @@ + diff = mod - diff; + return diff; + } ++#if true ++ public BigInteger Pow (BigInteger a, BigInteger k) ++ { ++ BigInteger b = new BigInteger (1); ++ if (k == 0) ++ return b; + ++ BigInteger A = a; ++ if (k.TestBit (0)) ++ b = a; ++ ++ for (int i = 1; i < k.BitCount (); i++) { ++ A = Multiply (A, A); ++ if (k.TestBit (i)) ++ b = Multiply (A, b); ++ } ++ return b; ++ } ++#else + public BigInteger Pow (BigInteger b, BigInteger exp) + { + if ((mod.data [0] & 1) == 1) return OddPow (b, exp); +@@ -1146,14 +1168,17 @@ + Montgomery.Reduce (resultNum, mod, mPrime); + } + +- Kernel.SquarePositive (tempNum, ref wkspace); +- Montgomery.Reduce (tempNum, mod, mPrime); ++ // the value of tempNum is required in the last loop ++ if (pos < totalBits - 1) { ++ Kernel.SquarePositive (tempNum, ref wkspace); ++ Montgomery.Reduce (tempNum, mod, mPrime); ++ } + } + + Montgomery.Reduce (resultNum, mod, mPrime); + return resultNum; + } +- ++#endif + #region Pow Small Base + + // TODO: Make tests for this, not really needed b/c prime stuff +@@ -1161,14 +1186,20 @@ + #if !INSIDE_CORLIB + [CLSCompliant (false)] + #endif ++#if true + public BigInteger Pow (uint b, BigInteger exp) + { ++ return Pow (new BigInteger (b), exp); ++ } ++#else ++ public BigInteger Pow (uint b, BigInteger exp) ++ { + // if (b != 2) { + if ((mod.data [0] & 1) == 1) + return OddPow (b, exp); + else + return EvenPow (b, exp); +-/* buggy in some cases (like the well tested primes) ++/* buggy in some cases (like the well tested primes) + } else { + if ((mod.data [0] & 1) == 1) + return OddModTwoPow (exp); +@@ -1187,7 +1218,8 @@ + + uint mPrime = Montgomery.Inverse (mod.data [0]); + +- uint pos = (uint)exp.BitCount () - 2; ++ int bc = exp.BitCount () - 2; ++ uint pos = (bc > 1 ? (uint) bc : 1); + + // + // We know that the first itr will make the val b +@@ -1387,8 +1419,9 @@ + + return resultNum; + } +- +-/* known to be buggy in some cases ++#endif ++/* known to be buggy in some cases */ ++#if false + private unsafe BigInteger EvenModTwoPow (BigInteger exp) + { + exp.Normalize (); +@@ -1521,7 +1554,7 @@ + resultNum = Montgomery.Reduce (resultNum, mod, mPrime); + return resultNum; + } +-*/ ++#endif + #endregion + } + +Index: mcs/class/corlib/Mono.Math/ChangeLog +=================================================================== +--- mcs/class/corlib/Mono.Math/ChangeLog (revision 85720) ++++ mcs/class/corlib/Mono.Math/ChangeLog (revision 85721) +@@ -1,3 +1,12 @@ ++2007-09-12 Sebastien Pouliot ++ ++ * BigInteger.cs: Updated to match Mono.Security sources. ++ ++2007-07-28 Miguel de Icaza ++ ++ * BigInteger.cs: Do not cast inside Equals,instead use the as ++ operator, as reported by Jesse Jones. ++ + 2004-12-03 Sebastien Pouliot + + * BigInteger.cs: Fix issue #70169 in ModPow when modulus is a power of