From a42b43aa4dce9d7df3929a8dc9ca2973d23f56f63a15914cb180b092389ca2af Mon Sep 17 00:00:00 2001
From: Dominique Leuenberger <dleuenberger@suse.com>
Date: Fri, 14 Jun 2019 06:34:53 +0000
Subject: [PATCH] Merge the update into TW - the updtae won't happen quickly,
 as the maintainer submitted 1.1.1c

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=7
---
 ..._get_mem_ptr-and-related-regressions.patch | 120 ++++++++++++++++++
 openssl-1_1.changes                           |  12 ++
 openssl-1_1.spec                              |   3 +
 openssl-fix-handling-of-GNU-strerror_r.patch  |  14 +-
 ...ssl-fix_underflow_in_errstr_handling.patch |  24 ++++
 5 files changed, 166 insertions(+), 7 deletions(-)
 create mode 100644 0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch
 create mode 100644 openssl-fix_underflow_in_errstr_handling.patch

diff --git a/0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch b/0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch
new file mode 100644
index 0000000..61b2312
--- /dev/null
+++ b/0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch
@@ -0,0 +1,120 @@
+From: Tomas Mraz <tmraz@fedoraproject.org>
+Date: Wed, 3 Apr 2019 12:31:32 +0200
+Subject: Fix for BIO_get_mem_ptr and related regressions
+Patch-mainline: yes
+Git-commit: b238fb79709a180ba9b4d837101c9f75e2978dc0
+References: bnc#1136522
+
+Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
+Reviewed-by: Matt Caswell <matt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/8649)
+
+Signed-off-by: Jiri Slaby <jslaby@suse.cz>
+---
+ crypto/bio/bss_mem.c | 40 ++++++++++++++++++++++++++++------------
+ 1 file changed, 28 insertions(+), 12 deletions(-)
+
+diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c
+index 89c54b2d53df..51fae3b2f0b9 100644
+--- a/crypto/bio/bss_mem.c
++++ b/crypto/bio/bss_mem.c
+@@ -57,7 +57,12 @@ static const BIO_METHOD secmem_method = {
+     NULL,                      /* mem_callback_ctrl */
+ };
+ 
+-/* BIO memory stores buffer and read pointer  */
++/*
++ * BIO memory stores buffer and read pointer
++ * however the roles are different for read only BIOs.
++ * In that case the readp just stores the original state
++ * to be used for reset.
++ */
+ typedef struct bio_buf_mem_st {
+     struct buf_mem_st *buf;   /* allocated buffer */
+     struct buf_mem_st *readp; /* read pointer */
+@@ -192,6 +197,8 @@ static int mem_read(BIO *b, char *out, int outl)
+     BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)b->ptr;
+     BUF_MEM *bm = bbm->readp;
+ 
++    if (b->flags & BIO_FLAGS_MEM_RDONLY)
++        bm = bbm->buf;
+     BIO_clear_retry_flags(b);
+     ret = (outl >= 0 && (size_t)outl > bm->length) ? (int)bm->length : outl;
+     if ((out != NULL) && (ret > 0)) {
+@@ -241,29 +248,36 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
+     BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)b->ptr;
+     BUF_MEM *bm;
+ 
++    if (b->flags & BIO_FLAGS_MEM_RDONLY)
++        bm = bbm->buf;
++    else
++        bm = bbm->readp;
++
+     switch (cmd) {
+     case BIO_CTRL_RESET:
+         bm = bbm->buf;
+         if (bm->data != NULL) {
+-            /* For read only case reset to the start again */
+-            if ((b->flags & BIO_FLAGS_MEM_RDONLY) || (b->flags & BIO_FLAGS_NONCLEAR_RST)) {
+-                bm->length = bm->max;
++            if (!(b->flags & BIO_FLAGS_MEM_RDONLY)) {
++                if (b->flags & BIO_FLAGS_NONCLEAR_RST) {
++                    bm->length = bm->max;
++                } else {
++                    memset(bm->data, 0, bm->max);
++                    bm->length = 0;
++                }
++                *bbm->readp = *bbm->buf;
+             } else {
+-                memset(bm->data, 0, bm->max);
+-                bm->length = 0;
++                /* For read only case just reset to the start again */
++                *bbm->buf = *bbm->readp;
+             }
+-            *bbm->readp = *bbm->buf;
+         }
+         break;
+     case BIO_CTRL_EOF:
+-        bm = bbm->readp;
+         ret = (long)(bm->length == 0);
+         break;
+     case BIO_C_SET_BUF_MEM_EOF_RETURN:
+         b->num = (int)num;
+         break;
+     case BIO_CTRL_INFO:
+-        bm = bbm->readp;
+         ret = (long)bm->length;
+         if (ptr != NULL) {
+             pptr = (char **)ptr;
+@@ -278,8 +292,9 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
+         break;
+     case BIO_C_GET_BUF_MEM_PTR:
+         if (ptr != NULL) {
+-            mem_buf_sync(b);
+-            bm = bbm->readp;
++            if (!(b->flags & BIO_FLAGS_MEM_RDONLY))
++                mem_buf_sync(b);
++            bm = bbm->buf;
+             pptr = (char **)ptr;
+             *pptr = (char *)bm;
+         }
+@@ -294,7 +309,6 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
+         ret = 0L;
+         break;
+     case BIO_CTRL_PENDING:
+-        bm = bbm->readp;
+         ret = (long)bm->length;
+         break;
+     case BIO_CTRL_DUP:
+@@ -318,6 +332,8 @@ static int mem_gets(BIO *bp, char *buf, int size)
+     BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)bp->ptr;
+     BUF_MEM *bm = bbm->readp;
+ 
++    if (bp->flags & BIO_FLAGS_MEM_RDONLY)
++        bm = bbm->buf;
+     BIO_clear_retry_flags(bp);
+     j = bm->length;
+     if ((size - 1) < j)
+-- 
+2.21.0
+
diff --git a/openssl-1_1.changes b/openssl-1_1.changes
index eaa4251..f6dd3da 100644
--- a/openssl-1_1.changes
+++ b/openssl-1_1.changes
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Tue May 28 08:21:52 UTC 2019 - Jiri Slaby <jslaby@suse.com>
+
+- add 0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch
+  (bnc#1136522)
+
+-------------------------------------------------------------------
+Mon May 20 16:21:01 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
+
+- Fix a crash caused by long locale messages (bsc#1135550)
+  * add openssl-fix_underflow_in_errstr_handling.patch
+
 -------------------------------------------------------------------
 Mon Mar  4 13:01:18 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>
 
diff --git a/openssl-1_1.spec b/openssl-1_1.spec
index 7080663..287c4ed 100644
--- a/openssl-1_1.spec
+++ b/openssl-1_1.spec
@@ -50,6 +50,9 @@ Patch8:         0002-crypto-chacha-asm-chacha-s390x.pl-add-vx-code-path.patch
 Patch9:         0001-crypto-poly1305-asm-poly1305-s390x.pl-add-vx-code-pa.patch
 # PATCH-FIX-UPSTREAM https://github.com/openssl/openssl/pull/8371
 Patch10:        openssl-fix-handling-of-GNU-strerror_r.patch
+Patch11:        openssl-fix_underflow_in_errstr_handling.patch
+# PATCH-FIX-UPSTREAM https://github.com/openssl/openssl/pull/8649 bnc#1136522
+Patch12:        0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch
 BuildRequires:  pkgconfig
 Conflicts:      ssl
 Provides:       ssl
diff --git a/openssl-fix-handling-of-GNU-strerror_r.patch b/openssl-fix-handling-of-GNU-strerror_r.patch
index 39b751a..1624159 100644
--- a/openssl-fix-handling-of-GNU-strerror_r.patch
+++ b/openssl-fix-handling-of-GNU-strerror_r.patch
@@ -1,8 +1,8 @@
-diff --git a/crypto/o_str.c b/crypto/o_str.c
-index 02578dbf0d..3b271e745b 100644
---- a/crypto/o_str.c
-+++ b/crypto/o_str.c
-@@ -223,7 +223,26 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen)
+Index: openssl-1.1.1b/crypto/o_str.c
+===================================================================
+--- openssl-1.1.1b.orig/crypto/o_str.c	2019-02-26 15:15:30.000000000 +0100
++++ openssl-1.1.1b/crypto/o_str.c	2019-05-20 17:06:07.956663953 +0200
+@@ -223,7 +223,26 @@ int openssl_strerror_r(int errnum, char
  #if defined(_MSC_VER) && _MSC_VER>=1400
      return !strerror_s(buf, buflen, errnum);
  #elif defined(_GNU_SOURCE)
@@ -30,7 +30,7 @@ index 02578dbf0d..3b271e745b 100644
  #elif (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L) || \
        (defined(_XOPEN_SOURCE) && _XOPEN_SOURCE >= 600)
      /*
-@@ -234,6 +253,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen)
+@@ -234,6 +253,7 @@ int openssl_strerror_r(int errnum, char
      return !strerror_r(errnum, buf, buflen);
  #else
      char *err;
@@ -38,7 +38,7 @@ index 02578dbf0d..3b271e745b 100644
      /* Fall back to non-thread safe strerror()...its all we can do */
      if (buflen < 2)
          return 0;
-@@ -241,8 +261,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen)
+@@ -241,8 +261,7 @@ int openssl_strerror_r(int errnum, char
      /* Can this ever happen? */
      if (err == NULL)
          return 0;
diff --git a/openssl-fix_underflow_in_errstr_handling.patch b/openssl-fix_underflow_in_errstr_handling.patch
new file mode 100644
index 0000000..557b994
--- /dev/null
+++ b/openssl-fix_underflow_in_errstr_handling.patch
@@ -0,0 +1,24 @@
+Index: openssl-1.1.1b/crypto/err/err.c
+===================================================================
+--- openssl-1.1.1b.orig/crypto/err/err.c	2019-02-26 15:15:30.000000000 +0100
++++ openssl-1.1.1b/crypto/err/err.c	2019-05-21 21:14:31.211536069 +0200
+@@ -185,7 +185,7 @@ static ERR_STRING_DATA *int_err_get_item
+ 
+ #ifndef OPENSSL_NO_ERR
+ /* A measurement on Linux 2018-11-21 showed about 3.5kib */
+-# define SPACE_SYS_STR_REASONS 4 * 1024
++# define SPACE_SYS_STR_REASONS 8 * 1024
+ # define NUM_SYS_STR_REASONS 127
+ 
+ static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
+@@ -225,8 +225,8 @@ static void build_SYS_str_reasons(void)
+ 
+                 str->string = cur;
+                 cnt += l;
+-                if (cnt > sizeof(strerror_pool))
+-                    cnt = sizeof(strerror_pool);
++                if (cnt >= sizeof(strerror_pool))
++                    cnt = sizeof(strerror_pool) - 1;
+                 cur += l;
+ 
+                 /*