rpm/openssl-1_1
SHA256
1
0
Fork 0
forked from pool/openssl-1_1
Code Pull Requests Activity

Merge the update into TW - the updtae won't happen quickly, as the maintainer submitted 1.1.1c

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=7
This commit is contained in:
Dominique Leuenberger 2019-06-14 06:34:53 +00:00 committed by Git OBS Bridge
parent 6fa52bddfa
commit a42b43aa4d
5 changed files with 166 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch Normal file
View File

@ -0,0 +1,120 @@
From: Tomas Mraz <tmraz@fedoraproject.org>
Date: Wed, 3 Apr 2019 12:31:32 +0200
Subject: Fix for BIO_get_mem_ptr and related regressions
Patch-mainline: yes
Git-commit: b238fb79709a180ba9b4d837101c9f75e2978dc0
References: bnc#1136522
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8649)
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
---
crypto/bio/bss_mem.c | 40 ++++++++++++++++++++++++++++------------
1 file changed, 28 insertions(+), 12 deletions(-)
diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c
index 89c54b2d53df..51fae3b2f0b9 100644
--- a/crypto/bio/bss_mem.c
+++ b/crypto/bio/bss_mem.c
@@ -57,7 +57,12 @@ static const BIO_METHOD secmem_method = {
NULL, /* mem_callback_ctrl */
};
-/* BIO memory stores buffer and read pointer */
+/*
+ * BIO memory stores buffer and read pointer
+ * however the roles are different for read only BIOs.
+ * In that case the readp just stores the original state
+ * to be used for reset.
+ */
typedef struct bio_buf_mem_st {
struct buf_mem_st *buf; /* allocated buffer */
struct buf_mem_st *readp; /* read pointer */
@@ -192,6 +197,8 @@ static int mem_read(BIO *b, char *out, int outl)
BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)b->ptr;
BUF_MEM *bm = bbm->readp;
+ if (b->flags & BIO_FLAGS_MEM_RDONLY)
+ bm = bbm->buf;
BIO_clear_retry_flags(b);
ret = (outl >= 0 && (size_t)outl > bm->length) ? (int)bm->length : outl;
if ((out != NULL) && (ret > 0)) {
@@ -241,29 +248,36 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)b->ptr;
BUF_MEM *bm;
+ if (b->flags & BIO_FLAGS_MEM_RDONLY)
+ bm = bbm->buf;
+ else
+ bm = bbm->readp;
+
switch (cmd) {
case BIO_CTRL_RESET:
bm = bbm->buf;
if (bm->data != NULL) {
- /* For read only case reset to the start again */
- if ((b->flags & BIO_FLAGS_MEM_RDONLY) || (b->flags & BIO_FLAGS_NONCLEAR_RST)) {
- bm->length = bm->max;
+ if (!(b->flags & BIO_FLAGS_MEM_RDONLY)) {
+ if (b->flags & BIO_FLAGS_NONCLEAR_RST) {
+ bm->length = bm->max;
+ } else {
+ memset(bm->data, 0, bm->max);
+ bm->length = 0;
+ }
+ *bbm->readp = *bbm->buf;
} else {
- memset(bm->data, 0, bm->max);
- bm->length = 0;
+ /* For read only case just reset to the start again */
+ *bbm->buf = *bbm->readp;
}
- *bbm->readp = *bbm->buf;
}
break;
case BIO_CTRL_EOF:
- bm = bbm->readp;
ret = (long)(bm->length == 0);
break;
case BIO_C_SET_BUF_MEM_EOF_RETURN:
b->num = (int)num;
break;
case BIO_CTRL_INFO:
- bm = bbm->readp;
ret = (long)bm->length;
if (ptr != NULL) {
pptr = (char **)ptr;
@@ -278,8 +292,9 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
break;
case BIO_C_GET_BUF_MEM_PTR:
if (ptr != NULL) {
- mem_buf_sync(b);
- bm = bbm->readp;
+ if (!(b->flags & BIO_FLAGS_MEM_RDONLY))
+ mem_buf_sync(b);
+ bm = bbm->buf;
pptr = (char **)ptr;
*pptr = (char *)bm;
}
@@ -294,7 +309,6 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
ret = 0L;
break;
case BIO_CTRL_PENDING:
- bm = bbm->readp;
ret = (long)bm->length;
break;
case BIO_CTRL_DUP:
@@ -318,6 +332,8 @@ static int mem_gets(BIO *bp, char *buf, int size)
BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)bp->ptr;
BUF_MEM *bm = bbm->readp;
+ if (bp->flags & BIO_FLAGS_MEM_RDONLY)
+ bm = bbm->buf;
BIO_clear_retry_flags(bp);
j = bm->length;
if ((size - 1) < j)
--
2.21.0

12
openssl-1_1.changes
View File

@ -1,3 +1,15 @@
-------------------------------------------------------------------
Tue May 28 08:21:52 UTC 2019 - Jiri Slaby <jslaby@suse.com>
- add 0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch
(bnc#1136522)
-------------------------------------------------------------------
Mon May 20 16:21:01 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
- Fix a crash caused by long locale messages (bsc#1135550)
* add openssl-fix_underflow_in_errstr_handling.patch
-------------------------------------------------------------------
Mon Mar 4 13:01:18 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>

3
openssl-1_1.spec
View File

@ -50,6 +50,9 @@ Patch8: 0002-crypto-chacha-asm-chacha-s390x.pl-add-vx-code-path.patch
Patch9: 0001-crypto-poly1305-asm-poly1305-s390x.pl-add-vx-code-pa.patch
# PATCH-FIX-UPSTREAM https://github.com/openssl/openssl/pull/8371
Patch10: openssl-fix-handling-of-GNU-strerror_r.patch
Patch11: openssl-fix_underflow_in_errstr_handling.patch
# PATCH-FIX-UPSTREAM https://github.com/openssl/openssl/pull/8649 bnc#1136522
Patch12: 0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch
BuildRequires: pkgconfig
Conflicts: ssl
Provides: ssl

14
openssl-fix-handling-of-GNU-strerror_r.patch
View File

@ -1,8 +1,8 @@
diff --git a/crypto/o_str.c b/crypto/o_str.c
index 02578dbf0d..3b271e745b 100644
--- a/crypto/o_str.c
+++ b/crypto/o_str.c
@@ -223,7 +223,26 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen)
Index: openssl-1.1.1b/crypto/o_str.c
===================================================================
--- openssl-1.1.1b.orig/crypto/o_str.c 2019-02-26 15:15:30.000000000 +0100
+++ openssl-1.1.1b/crypto/o_str.c 2019-05-20 17:06:07.956663953 +0200
@@ -223,7 +223,26 @@ int openssl_strerror_r(int errnum, char
#if defined(_MSC_VER) && _MSC_VER>=1400
return !strerror_s(buf, buflen, errnum);
#elif defined(_GNU_SOURCE)
@ -30,7 +30,7 @@ index 02578dbf0d..3b271e745b 100644
#elif (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L) || \
(defined(_XOPEN_SOURCE) && _XOPEN_SOURCE >= 600)
/*
@@ -234,6 +253,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen)
@@ -234,6 +253,7 @@ int openssl_strerror_r(int errnum, char
return !strerror_r(errnum, buf, buflen);
#else
char *err;
@ -38,7 +38,7 @@ index 02578dbf0d..3b271e745b 100644
/* Fall back to non-thread safe strerror()...its all we can do */
if (buflen < 2)
return 0;
@@ -241,8 +261,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen)
@@ -241,8 +261,7 @@ int openssl_strerror_r(int errnum, char
/* Can this ever happen? */
if (err == NULL)
return 0;

24
openssl-fix_underflow_in_errstr_handling.patch Normal file
View File

@ -0,0 +1,24 @@
Index: openssl-1.1.1b/crypto/err/err.c
===================================================================
--- openssl-1.1.1b.orig/crypto/err/err.c 2019-02-26 15:15:30.000000000 +0100
+++ openssl-1.1.1b/crypto/err/err.c 2019-05-21 21:14:31.211536069 +0200
@@ -185,7 +185,7 @@ static ERR_STRING_DATA *int_err_get_item
#ifndef OPENSSL_NO_ERR
/* A measurement on Linux 2018-11-21 showed about 3.5kib */
-# define SPACE_SYS_STR_REASONS 4 * 1024
+# define SPACE_SYS_STR_REASONS 8 * 1024
# define NUM_SYS_STR_REASONS 127
static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
@@ -225,8 +225,8 @@ static void build_SYS_str_reasons(void)
str->string = cur;
cnt += l;
- if (cnt > sizeof(strerror_pool))
- cnt = sizeof(strerror_pool);
+ if (cnt >= sizeof(strerror_pool))
+ cnt = sizeof(strerror_pool) - 1;
cur += l;
/*