diff --git a/0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch b/0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch new file mode 100644 index 0000000..61b2312 --- /dev/null +++ b/0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch @@ -0,0 +1,120 @@ +From: Tomas Mraz +Date: Wed, 3 Apr 2019 12:31:32 +0200 +Subject: Fix for BIO_get_mem_ptr and related regressions +Patch-mainline: yes +Git-commit: b238fb79709a180ba9b4d837101c9f75e2978dc0 +References: bnc#1136522 + +Reviewed-by: Bernd Edlinger +Reviewed-by: Matt Caswell +(Merged from https://github.com/openssl/openssl/pull/8649) + +Signed-off-by: Jiri Slaby +--- + crypto/bio/bss_mem.c | 40 ++++++++++++++++++++++++++++------------ + 1 file changed, 28 insertions(+), 12 deletions(-) + +diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c +index 89c54b2d53df..51fae3b2f0b9 100644 +--- a/crypto/bio/bss_mem.c ++++ b/crypto/bio/bss_mem.c +@@ -57,7 +57,12 @@ static const BIO_METHOD secmem_method = { + NULL, /* mem_callback_ctrl */ + }; + +-/* BIO memory stores buffer and read pointer */ ++/* ++ * BIO memory stores buffer and read pointer ++ * however the roles are different for read only BIOs. ++ * In that case the readp just stores the original state ++ * to be used for reset. ++ */ + typedef struct bio_buf_mem_st { + struct buf_mem_st *buf; /* allocated buffer */ + struct buf_mem_st *readp; /* read pointer */ +@@ -192,6 +197,8 @@ static int mem_read(BIO *b, char *out, int outl) + BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)b->ptr; + BUF_MEM *bm = bbm->readp; + ++ if (b->flags & BIO_FLAGS_MEM_RDONLY) ++ bm = bbm->buf; + BIO_clear_retry_flags(b); + ret = (outl >= 0 && (size_t)outl > bm->length) ? (int)bm->length : outl; + if ((out != NULL) && (ret > 0)) { +@@ -241,29 +248,36 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr) + BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)b->ptr; + BUF_MEM *bm; + ++ if (b->flags & BIO_FLAGS_MEM_RDONLY) ++ bm = bbm->buf; ++ else ++ bm = bbm->readp; ++ + switch (cmd) { + case BIO_CTRL_RESET: + bm = bbm->buf; + if (bm->data != NULL) { +- /* For read only case reset to the start again */ +- if ((b->flags & BIO_FLAGS_MEM_RDONLY) || (b->flags & BIO_FLAGS_NONCLEAR_RST)) { +- bm->length = bm->max; ++ if (!(b->flags & BIO_FLAGS_MEM_RDONLY)) { ++ if (b->flags & BIO_FLAGS_NONCLEAR_RST) { ++ bm->length = bm->max; ++ } else { ++ memset(bm->data, 0, bm->max); ++ bm->length = 0; ++ } ++ *bbm->readp = *bbm->buf; + } else { +- memset(bm->data, 0, bm->max); +- bm->length = 0; ++ /* For read only case just reset to the start again */ ++ *bbm->buf = *bbm->readp; + } +- *bbm->readp = *bbm->buf; + } + break; + case BIO_CTRL_EOF: +- bm = bbm->readp; + ret = (long)(bm->length == 0); + break; + case BIO_C_SET_BUF_MEM_EOF_RETURN: + b->num = (int)num; + break; + case BIO_CTRL_INFO: +- bm = bbm->readp; + ret = (long)bm->length; + if (ptr != NULL) { + pptr = (char **)ptr; +@@ -278,8 +292,9 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr) + break; + case BIO_C_GET_BUF_MEM_PTR: + if (ptr != NULL) { +- mem_buf_sync(b); +- bm = bbm->readp; ++ if (!(b->flags & BIO_FLAGS_MEM_RDONLY)) ++ mem_buf_sync(b); ++ bm = bbm->buf; + pptr = (char **)ptr; + *pptr = (char *)bm; + } +@@ -294,7 +309,6 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr) + ret = 0L; + break; + case BIO_CTRL_PENDING: +- bm = bbm->readp; + ret = (long)bm->length; + break; + case BIO_CTRL_DUP: +@@ -318,6 +332,8 @@ static int mem_gets(BIO *bp, char *buf, int size) + BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)bp->ptr; + BUF_MEM *bm = bbm->readp; + ++ if (bp->flags & BIO_FLAGS_MEM_RDONLY) ++ bm = bbm->buf; + BIO_clear_retry_flags(bp); + j = bm->length; + if ((size - 1) < j) +-- +2.21.0 + diff --git a/openssl-1_1.changes b/openssl-1_1.changes index 158d0c2..f6dd3da 100644 --- a/openssl-1_1.changes +++ b/openssl-1_1.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue May 28 08:21:52 UTC 2019 - Jiri Slaby + +- add 0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch + (bnc#1136522) + ------------------------------------------------------------------- Mon May 20 16:21:01 UTC 2019 - Vítězslav Čížek diff --git a/openssl-1_1.spec b/openssl-1_1.spec index b08fe6f..2de9d0d 100644 --- a/openssl-1_1.spec +++ b/openssl-1_1.spec @@ -51,6 +51,8 @@ Patch9: 0001-crypto-poly1305-asm-poly1305-s390x.pl-add-vx-code-pa.patch # PATCH-FIX-UPSTREAM https://github.com/openssl/openssl/pull/8371 Patch10: openssl-fix-handling-of-GNU-strerror_r.patch Patch11: openssl-fix_underflow_in_errstr_handling.patch +# PATCH-FIX-UPSTREAM https://github.com/openssl/openssl/pull/8649 bnc#1136522 +Patch11: 0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch BuildRequires: pkgconfig Conflicts: ssl Provides: ssl