diff --git a/openssl-1_1.changes b/openssl-1_1.changes index a8659bf..561cb4b 100644 --- a/openssl-1_1.changes +++ b/openssl-1_1.changes @@ -1,3 +1,36 @@ +------------------------------------------------------------------- +Fri Mar 1 13:28:03 UTC 2019 - Vítězslav Čížek + +- Use upstream-approved patch for the handling of strerror_r + * https://github.com/openssl/openssl/pull/8371 +- add openssl-fix-handling-of-GNU-strerror_r.patch +- drop strerror.patch + +------------------------------------------------------------------- +Thu Feb 28 13:37:55 UTC 2019 - Pedro Monreal Gonzalez + +- Update to 1.1.1b + * Added SCA hardening for modular field inversion in EC_GROUP + through a new dedicated field_inv() pointer in EC_METHOD. + * Change the info callback signals for the start and end of a post-handshake + message exchange in TLSv1.3. In 1.1.1/1.1.1a we used SSL_CB_HANDSHAKE_START + and SSL_CB_HANDSHAKE_DONE. Experience has shown that many applications get + confused by this and assume that a TLSv1.2 renegotiation has started. This + can break KeyUpdate handling. Instead we no longer signal the start and end + of a post handshake message exchange (although the messages themselves are + still signalled). This could break some applications that were expecting + the old signals. However without this KeyUpdate is not usable for many + applications. + * Fix a bug in the computation of the endpoint-pair shared secret used + by DTLS over SCTP. This breaks interoperability with older versions + of OpenSSL like OpenSSL 1.1.0 and OpenSSL 1.0.2. There is a runtime + switch SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG (off by default) enabling + interoperability with such broken implementations. However, enabling + this switch breaks interoperability with correct implementations. + * Fix a use after free bug in d2i_X509_PUBKEY when overwriting a + re-used X509_PUBKEY object if the second PUBKEY is malformed. + * Move strictness check from EVP_PKEY_asn1_new() to EVP_PKEY_asn1_add0() + ------------------------------------------------------------------- Thu Feb 28 12:10:33 UTC 2019 - Vítězslav Čížek diff --git a/openssl-1_1.spec b/openssl-1_1.spec index 5ef7220..0feba7d 100644 --- a/openssl-1_1.spec +++ b/openssl-1_1.spec @@ -48,7 +48,8 @@ Patch7: 0001-s390x-assembly-pack-perlasm-support.patch Patch8: 0002-crypto-chacha-asm-chacha-s390x.pl-add-vx-code-path.patch # PATCH-FIX-UPSTREAM FATE#326351 Add vectorized poly1305 implementation for s390x (https://github.com/openssl/openssl/pull/7991) Patch9: 0001-crypto-poly1305-asm-poly1305-s390x.pl-add-vx-code-pa.patch -Patch10: strerror.patch +# PATCH-FIX-UPSTREAM https://github.com/openssl/openssl/pull/8371 +Patch10: openssl-fix-handling-of-GNU-strerror_r.patch BuildRequires: bc BuildRequires: ed diff --git a/openssl-fix-handling-of-GNU-strerror_r.patch b/openssl-fix-handling-of-GNU-strerror_r.patch new file mode 100644 index 0000000..39b751a --- /dev/null +++ b/openssl-fix-handling-of-GNU-strerror_r.patch @@ -0,0 +1,50 @@ +diff --git a/crypto/o_str.c b/crypto/o_str.c +index 02578dbf0d..3b271e745b 100644 +--- a/crypto/o_str.c ++++ b/crypto/o_str.c +@@ -223,7 +223,26 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen) + #if defined(_MSC_VER) && _MSC_VER>=1400 + return !strerror_s(buf, buflen, errnum); + #elif defined(_GNU_SOURCE) +- return strerror_r(errnum, buf, buflen) != NULL; ++ char *err; ++ ++ /* ++ * GNU strerror_r may not actually set buf. ++ * It can return a pointer to some (immutable) static string in which case ++ * buf is left unused. ++ */ ++ err = strerror_r(errnum, buf, buflen); ++ if (err == NULL) ++ return 0; ++ /* ++ * If err is statically allocated, err != buf and we need to copy the data. ++ * If err points somewhere inside buf, OPENSSL_strlcpy can handle this, ++ * since src and dest are not annotated with __restrict and the function ++ * reads src byte for byte and writes to dest. ++ * If err == buf we do not have to copy anything. ++ */ ++ if (err != buf) ++ OPENSSL_strlcpy(buf, err, buflen); ++ return 1; + #elif (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L) || \ + (defined(_XOPEN_SOURCE) && _XOPEN_SOURCE >= 600) + /* +@@ -234,6 +253,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen) + return !strerror_r(errnum, buf, buflen); + #else + char *err; ++ + /* Fall back to non-thread safe strerror()...its all we can do */ + if (buflen < 2) + return 0; +@@ -241,8 +261,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen) + /* Can this ever happen? */ + if (err == NULL) + return 0; +- strncpy(buf, err, buflen - 1); +- buf[buflen - 1] = '\0'; ++ OPENSSL_strlcpy(buf, err, buflen); + return 1; + #endif + } diff --git a/strerror.patch b/strerror.patch deleted file mode 100644 index 8769dfd..0000000 --- a/strerror.patch +++ /dev/null @@ -1,30 +0,0 @@ -Index: openssl-1.1.1b/crypto/o_str.c -=================================================================== ---- openssl-1.1.1b.orig/crypto/o_str.c 2019-02-26 15:15:30.000000000 +0100 -+++ openssl-1.1.1b/crypto/o_str.c 2019-02-28 13:07:50.382438959 +0100 -@@ -220,19 +220,6 @@ char *OPENSSL_buf2hexstr(const unsigned - - int openssl_strerror_r(int errnum, char *buf, size_t buflen) - { --#if defined(_MSC_VER) && _MSC_VER>=1400 -- return !strerror_s(buf, buflen, errnum); --#elif defined(_GNU_SOURCE) -- return strerror_r(errnum, buf, buflen) != NULL; --#elif (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L) || \ -- (defined(_XOPEN_SOURCE) && _XOPEN_SOURCE >= 600) -- /* -- * We can use "real" strerror_r. The OpenSSL version differs in that it -- * gives 1 on success and 0 on failure for consistency with other OpenSSL -- * functions. Real strerror_r does it the other way around -- */ -- return !strerror_r(errnum, buf, buflen); --#else - char *err; - /* Fall back to non-thread safe strerror()...its all we can do */ - if (buflen < 2) -@@ -244,5 +231,4 @@ int openssl_strerror_r(int errnum, char - strncpy(buf, err, buflen - 1); - buf[buflen - 1] = '\0'; - return 1; --#endif - }