Accepting request 363602 from Base:System

- update to 1.0.2g (bsc#968044) * Disable weak ciphers in SSLv3 and up in default builds of OpenSSL. Builds that are not configured with "enable-weak-ssl-ciphers" will not provide any "EXPORT" or "LOW" strength ciphers. * Disable SSLv2 default build, default negotiation and weak ciphers. SSLv2 is by default disabled at build-time. Builds that are not configured with "enable-ssl2" will not support SSLv2. Even if "enable-ssl2" is used, users who want to negotiate SSLv2 via the version-flexible SSLv23_method() will need to explicitly call either of: SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2); or SSL_clear_options(ssl, SSL_OP_NO_SSLv2); (CVE-2016-0800) * Fix a double-free in DSA code (CVE-2016-0705) * Disable SRP fake user seed to address a server memory leak. Add a new method SRP_VBASE_get1_by_user that handles the seed properly. (CVE-2016-0798) * Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797) *) Side channel attack on modular exponentiation http://cachebleed.info. (CVE-2016-0702) *) Change the req app to generate a 2048-bit RSA/DSA key by default, if no keysize is specified with default_bits. This fixes an omission in an earlier change that changed all RSA/DSA key generation apps to use 2048 bits by default. (forwarded request 363599 from vitezslav_cizek) OBS-URL: https://build.opensuse.org/request/show/363602 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=130
2016-03-05 10:21:18 +00:00 · 2016-03-05 10:21:18 +00:00 · 2ebd052507
commit 2ebd052507
parent ed81eb44e1
9 changed files with 648 additions and 474 deletions
--- a/0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
+++ b/0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
@ -4,10 +4,10 @@ Date: Sun, 4 May 2014 23:36:54 -0400
 Subject: [PATCH] Axe builtin printf implementation, use glibc instead
-Index: openssl-1.0.2b/crypto/bio/b_print.c
+Index: openssl-1.0.2g/crypto/bio/b_print.c
 ===================================================================
--- openssl-1.0.2b.orig/crypto/bio/b_print.c	2015-06-11 15:01:06.000000000 +0200
+--- openssl-1.0.2g.orig/crypto/bio/b_print.c	2016-03-01 14:35:05.000000000 +0100
-+++ openssl-1.0.2b/crypto/bio/b_print.c	2015-06-11 17:50:00.893823977 +0200
+++ openssl-1.0.2g/crypto/bio/b_print.c	2016-03-01 15:26:55.597307479 +0100
@@ -56,17 +56,10 @@
  * [including the GNU Public Licence.]
  */
@ -28,7 +28,7 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 #include <stdio.h>
 #include <string.h>
 #include <ctype.h>
-@@ -79,668 +72,6 @@
+@@ -79,708 +72,6 @@
 #include <openssl/bn.h>         /* To get BN_LLONG properly defined */
 #include <openssl/bio.h>
@ -78,16 +78,16 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -# define LLONG long
 -#endif
 -
-static void fmtstr(char **, char **, size_t *, size_t *,
+-static int fmtstr(char **, char **, size_t *, size_t *,
-                   const char *, int, int, int);
+-                  const char *, int, int, int);
-static void fmtint(char **, char **, size_t *, size_t *,
+-static int fmtint(char **, char **, size_t *, size_t *,
-                   LLONG, int, int, int, int);
+-                  LLONG, int, int, int, int);
-static void fmtfp(char **, char **, size_t *, size_t *,
+-static int fmtfp(char **, char **, size_t *, size_t *,
-                  LDOUBLE, int, int, int);
+-                 LDOUBLE, int, int, int);
-static void doapr_outch(char **, char **, size_t *, size_t *, int);
+-static int doapr_outch(char **, char **, size_t *, size_t *, int);
-static void _dopr(char **sbuffer, char **buffer,
+-static int _dopr(char **sbuffer, char **buffer,
-                  size_t *maxlen, size_t *retlen, int *truncated,
+-                 size_t *maxlen, size_t *retlen, int *truncated,
-                  const char *format, va_list args);
+-                 const char *format, va_list args);
 -
 -/* format read states */
 -#define DP_S_DEFAULT    0
@ -118,7 +118,7 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -#define char_to_int(p) (p - '0')
 -#define OSSL_MAX(p,q) ((p >= q) ? p : q)
 -
-static void
+-static int
 -_dopr(char **sbuffer,
 -      char **buffer,
 -      size_t *maxlen,
@ -149,7 +149,8 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -            if (ch == '%')
 -                state = DP_S_FLAGS;
 -            else
-                doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
+-                if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
 -                    return 0;
 -            ch = *format++;
 -            break;
 -        case DP_S_FLAGS:
@ -255,8 +256,9 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -                    value = va_arg(args, int);
 -                    break;
 -                }
-                fmtint(sbuffer, buffer, &currlen, maxlen,
+-                if (!fmtint(sbuffer, buffer, &currlen, maxlen, value, 10, min,
-                       value, 10, min, max, flags);
+-                            max, flags))
 -                    return 0;
 -                break;
 -            case 'X':
 -                flags |= DP_F_UP;
@ -279,17 +281,19 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -                    value = (LLONG) va_arg(args, unsigned int);
 -                    break;
 -                }
-                fmtint(sbuffer, buffer, &currlen, maxlen, value,
+-                if (!fmtint(sbuffer, buffer, &currlen, maxlen, value,
-                       ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
+-                            ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
-                       min, max, flags);
+-                            min, max, flags))
 -                    return 0;
 -                break;
 -            case 'f':
 -                if (cflags == DP_C_LDOUBLE)
 -                    fvalue = va_arg(args, LDOUBLE);
 -                else
 -                    fvalue = va_arg(args, double);
-                fmtfp(sbuffer, buffer, &currlen, maxlen,
+-                if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
-                      fvalue, min, max, flags);
+-                           flags))
 -                    return 0;
 -                break;
 -            case 'E':
 -                flags |= DP_F_UP;
@ -308,8 +312,9 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -                    fvalue = va_arg(args, double);
 -                break;
 -            case 'c':
-                doapr_outch(sbuffer, buffer, &currlen, maxlen,
+-                if(!doapr_outch(sbuffer, buffer, &currlen, maxlen,
-                            va_arg(args, int));
+-                            va_arg(args, int)))
 -                    return 0;
 -                break;
 -            case 's':
 -                strvalue = va_arg(args, char *);
@ -319,13 +324,15 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -                    else
 -                        max = *maxlen;
 -                }
-                fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
+-                if (!fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
-                       flags, min, max);
+-                            flags, min, max))
 -                    return 0;
 -                break;
 -            case 'p':
 -                value = (long)va_arg(args, void *);
-                fmtint(sbuffer, buffer, &currlen, maxlen,
+-                if (!fmtint(sbuffer, buffer, &currlen, maxlen,
-                       value, 16, min, max, flags | DP_F_NUM);
+-                            value, 16, min, max, flags | DP_F_NUM))
 -                    return 0;
 -                break;
 -            case 'n':          /* XXX */
 -                if (cflags == DP_C_SHORT) {
@ -347,7 +354,8 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -                }
 -                break;
 -            case '%':
-                doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
+-                if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
 -                    return 0;
 -                break;
 -            case 'w':
 -                /* not supported yet, treat as next char */
@ -371,46 +379,56 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -    *truncated = (currlen > *maxlen - 1);
 -    if (*truncated)
 -        currlen = *maxlen - 1;
-    doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0');
+-    if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0'))
 -        return 0;
 -    *retlen = currlen - 1;
-    return;
+-    return 1;
 -}
 -
-static void
+-static int
 -fmtstr(char **sbuffer,
 -       char **buffer,
 -       size_t *currlen,
 -       size_t *maxlen, const char *value, int flags, int min, int max)
 -{
-    int padlen, strln;
+-    int padlen;
 -    size_t strln;
 -    int cnt = 0;
 -
 -    if (value == 0)
 -        value = "<NULL>";
-    for (strln = 0; value[strln]; ++strln) ;
+-
 -    strln = strlen(value);
 -    if (strln > INT_MAX)
 -        strln = INT_MAX;
 -
 -    padlen = min - strln;
-    if (padlen < 0)
+-    if (min < 0 || padlen < 0)
 -        padlen = 0;
 -    if (flags & DP_F_MINUS)
 -        padlen = -padlen;
 -
 -    while ((padlen > 0) && (cnt < max)) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
+-        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
 -            return 0;
 -        --padlen;
 -        ++cnt;
 -    }
 -    while (*value && (cnt < max)) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, *value++);
+-        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *value++))
 -            return 0;
 -        ++cnt;
 -    }
 -    while ((padlen < 0) && (cnt < max)) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
+-        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
 -            return 0;
 -        ++padlen;
 -        ++cnt;
 -    }
 -    return 1;
 -}
 -
-static void
+-static int
 -fmtint(char **sbuffer,
 -       char **buffer,
 -       size_t *currlen,
@ -470,37 +488,44 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -
 -    /* spaces */
 -    while (spadlen > 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
+-        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
 -            return 0;
 -        --spadlen;
 -    }
 -
 -    /* sign */
 -    if (signvalue)
-        doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
+-        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
 -            return 0;
 -
 -    /* prefix */
 -    while (*prefix) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix);
+-        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix))
 -            return 0;
 -        prefix++;
 -    }
 -
 -    /* zeros */
 -    if (zpadlen > 0) {
 -        while (zpadlen > 0) {
-            doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
+-            if(!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
 -                return 0;
 -            --zpadlen;
 -        }
 -    }
 -    /* digits */
-    while (place > 0)
+-    while (place > 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]);
+-        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]))
 -            return 0;
 -    }
 -
 -    /* left justified spaces */
 -    while (spadlen < 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
+-        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
 -            return 0;
 -        ++spadlen;
 -    }
-    return;
+-    return 1;
 -}
 -
 -static LDOUBLE abs_val(LDOUBLE value)
@ -531,7 +556,7 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -    return intpart;
 -}
 -
-static void
+-static int
 -fmtfp(char **sbuffer,
 -      char **buffer,
 -      size_t *currlen,
@ -610,47 +635,61 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -
 -    if ((flags & DP_F_ZERO) && (padlen > 0)) {
 -        if (signvalue) {
-            doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
+-            if (!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
 -                return 0;
 -            --padlen;
 -            signvalue = 0;
 -        }
 -        while (padlen > 0) {
-            doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
+-            if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
 -                return 0;
 -            --padlen;
 -        }
 -    }
 -    while (padlen > 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
+-        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
 -            return 0;
 -        --padlen;
 -    }
-    if (signvalue)
+-    if (signvalue && !doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
-        doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
+-        return 0;
 -
-    while (iplace > 0)
+-    while (iplace > 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]);
+-        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]))
 -            return 0;
 -    }
 -
 -    /*
 -     * Decimal point. This should probably use locale to find the correct
 -     * char to print out.
 -     */
 -    if (max > 0 || (flags & DP_F_NUM)) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, '.');
+-        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '.'))
 -            return 0;
 -
-        while (fplace > 0)
+-        while (fplace > 0) {
-            doapr_outch(sbuffer, buffer, currlen, maxlen, fconvert[--fplace]);
+-            if(!doapr_outch(sbuffer, buffer, currlen, maxlen,
 -                            fconvert[--fplace]))
 -                return 0;
 -        }
 -    }
 -    while (zpadlen > 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
+-        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
 -            return 0;
 -        --zpadlen;
 -    }
 -
 -    while (padlen < 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
+-        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
 -            return 0;
 -        ++padlen;
 -    }
 -    return 1;
 -}
 -
-static void
+-#define BUFFER_INC  1024
 -
 -static int
 -doapr_outch(char **sbuffer,
 -            char **buffer, size_t *currlen, size_t *maxlen, int c)
 -{
@ -661,24 +700,25 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -    assert(*currlen <= *maxlen);
 -
 -    if (buffer && *currlen == *maxlen) {
-        *maxlen += 1024;
+-        if (*maxlen > INT_MAX - BUFFER_INC)
 -            return 0;
 -
 -        *maxlen += BUFFER_INC;
 -        if (*buffer == NULL) {
 -            *buffer = OPENSSL_malloc(*maxlen);
-            if (!*buffer) {
+-            if (*buffer == NULL)
-                /* Panic! Can't really do anything sensible. Just return */
+-                return 0;
 -                return;
 -            }
 -            if (*currlen > 0) {
 -                assert(*sbuffer != NULL);
 -                memcpy(*buffer, *sbuffer, *currlen);
 -            }
 -            *sbuffer = NULL;
 -        } else {
-            *buffer = OPENSSL_realloc(*buffer, *maxlen);
+-            char *tmpbuf;
-            if (!*buffer) {
+-            tmpbuf = OPENSSL_realloc(*buffer, *maxlen);
-                /* Panic! Can't really do anything sensible. Just return */
+-            if (tmpbuf == NULL)
-                return;
+-                return 0;
-            }
+-            *buffer = tmpbuf;
 -        }
 -    }
 -
@ -689,7 +729,7 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -            (*buffer)[(*currlen)++] = (char)c;
 -    }
 -
-    return;
+-    return 1;
 -}
 -
 -/***************************************************************************/
@ -697,7 +737,7 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 int BIO_printf(BIO *bio, const char *format, ...)
 {
     va_list args;
-@@ -754,28 +85,36 @@ int BIO_printf(BIO *bio, const char *for
+@@ -794,32 +85,36 @@ int BIO_printf(BIO *bio, const char *for
     return (ret);
 }
@ -726,7 +766,11 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -
 -    dynbuf = NULL;
 -    CRYPTO_push_info("doapr()");
-    _dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format, args);
+-    if (!_dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format,
 -                args)) {
 -        OPENSSL_free(dynbuf);
 -        return -1;
 -    }
 -    if (dynbuf) {
 -        ret = BIO_write(bio, dynbuf, (int)retlen);
 -        OPENSSL_free(dynbuf);
@ -753,7 +797,7 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
     return (ret);
 }
-@@ -791,28 +130,22 @@ int BIO_snprintf(char *buf, size_t n, co
+@@ -835,29 +130,21 @@ int BIO_snprintf(char *buf, size_t n, co
     int ret;
     va_start(args, format);
@ -772,10 +816,13 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -    size_t retlen;
 -    int truncated;
 +    int ret;
 -    _dopr(&buf, NULL, &n, &retlen, &truncated, format, args);
 +    ret = vsnprintf(buf, n, format, args);
 -    if(!_dopr(&buf, NULL, &n, &retlen, &truncated, format, args))
 -        return -1;
 +    if (ret >= n || ret == -1)
 +        return (-1);
 -    if (truncated)
 -        /*
 -         * In case of truncation, return -1 like traditional snprintf.
@ -786,8 +833,5 @@ Index: openssl-1.0.2b/crypto/bio/b_print.c
 -        return -1;
 -    else
 -        return (retlen <= INT_MAX) ? (int)retlen : -1;
 +    if (ret >= n || ret == -1)
 +        return (-1);
 +
 +    return (ret);
 }
--- a/openssl-1.0.2a-new-fips-reqs.patch
+++ b/openssl-1.0.2a-new-fips-reqs.patch
@ -1,7 +1,8 @@
-diff -up openssl-1.0.2a/crypto/bn/bn_rand.c.fips-reqs openssl-1.0.2a/crypto/bn/bn_rand.c
+Index: openssl-1.0.2f/crypto/bn/bn_rand.c
--- openssl-1.0.2a/crypto/bn/bn_rand.c.fips-reqs	2015-03-19 14:19:00.000000000 +0100
+===================================================================
-+++ openssl-1.0.2a/crypto/bn/bn_rand.c	2015-04-22 15:06:37.907003880 +0200
+--- openssl-1.0.2f.orig/crypto/bn/bn_rand.c	2016-01-28 14:38:30.000000000 +0100
-@@ -136,9 +136,11 @@ static int bnrand(int pseudorand, BIGNUM
+++ openssl-1.0.2f/crypto/bn/bn_rand.c	2016-01-28 15:59:54.945269236 +0100
@@ -141,9 +141,11 @@ static int bnrand(int pseudorand, BIGNUM
         goto err;
     }
@ -16,9 +17,10 @@ diff -up openssl-1.0.2a/crypto/bn/bn_rand.c.fips-reqs openssl-1.0.2a/crypto/bn/b
     if (pseudorand) {
         if (RAND_pseudo_bytes(buf, bytes) == -1)
-diff -up openssl-1.0.2a/crypto/dh/dh_gen.c.fips-reqs openssl-1.0.2a/crypto/dh/dh_gen.c
+Index: openssl-1.0.2f/crypto/dh/dh_gen.c
--- openssl-1.0.2a/crypto/dh/dh_gen.c.fips-reqs	2015-04-22 15:06:37.840002285 +0200
+===================================================================
-+++ openssl-1.0.2a/crypto/dh/dh_gen.c	2015-04-22 15:06:37.907003880 +0200
+--- openssl-1.0.2f.orig/crypto/dh/dh_gen.c	2016-01-28 15:59:54.912268693 +0100
 +++ openssl-1.0.2f/crypto/dh/dh_gen.c	2016-01-28 15:59:54.945269236 +0100
@@ -128,7 +128,7 @@ static int dh_builtin_genparams(DH *ret,
         return 0;
     }
@ -28,9 +30,10 @@ diff -up openssl-1.0.2a/crypto/dh/dh_gen.c.fips-reqs openssl-1.0.2a/crypto/dh/dh
         DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL);
         goto err;
     }
-diff -up openssl-1.0.2a/crypto/dh/dh.h.fips-reqs openssl-1.0.2a/crypto/dh/dh.h
+Index: openssl-1.0.2f/crypto/dh/dh.h
--- openssl-1.0.2a/crypto/dh/dh.h.fips-reqs	2015-04-22 15:06:37.908003903 +0200
+===================================================================
-+++ openssl-1.0.2a/crypto/dh/dh.h	2015-04-22 15:07:25.265130812 +0200
+--- openssl-1.0.2f.orig/crypto/dh/dh.h	2016-01-28 15:59:54.912268693 +0100
 +++ openssl-1.0.2f/crypto/dh/dh.h	2016-01-28 15:59:54.945269236 +0100
@@ -78,6 +78,7 @@
 # endif
@ -39,44 +42,11 @@ diff -up openssl-1.0.2a/crypto/dh/dh.h.fips-reqs openssl-1.0.2a/crypto/dh/dh.h
 # define DH_FLAG_CACHE_MONT_P     0x01
-diff -up openssl-1.0.2a/crypto/dh/dh_check.c.fips-reqs openssl-1.0.2a/crypto/dh/dh_check.c
+Index: openssl-1.0.2f/crypto/dsa/dsa_gen.c
--- openssl-1.0.2a/crypto/dh/dh_check.c.fips-reqs	2015-03-19 14:30:36.000000000 +0100
+===================================================================
-+++ openssl-1.0.2a/crypto/dh/dh_check.c	2015-04-22 15:06:37.908003903 +0200
+--- openssl-1.0.2f.orig/crypto/dsa/dsa_gen.c	2016-01-28 15:59:54.913268710 +0100
-@@ -164,7 +164,30 @@ int DH_check_pub_key(const DH *dh, const
+++ openssl-1.0.2f/crypto/dsa/dsa_gen.c	2016-01-28 15:59:54.945269236 +0100
-     BN_sub_word(q, 1);
+@@ -157,9 +157,11 @@ int dsa_builtin_paramgen(DSA *ret, size_
     if (BN_cmp(pub_key, q) >= 0)
         *ret |= DH_CHECK_PUBKEY_TOO_LARGE;
 +#ifdef OPENSSL_FIPS
 +    if (FIPS_mode() && dh->q != NULL) {
 +        BN_CTX *ctx = NULL;
 +        ctx = BN_CTX_new();
 +        if (ctx == NULL)
 +            goto err;
 +
 +        if (BN_mod_exp_mont(q, pub_key, dh->q, dh->p, ctx, NULL) <= 0) {
 +            BN_CTX_free(ctx);
 +            goto err;
 +        }
 +        if (!BN_is_one(q)) {
 +            /* it would be more correct to add new return flag 
 +             * for this test, but we do not want to do it
 +             * so just error out
 +             */
 +            BN_CTX_free(ctx);
 +            goto err;
 +        }
 +
 +        BN_CTX_free(ctx);
 +    }
 +#endif
     ok = 1;
  err:
     if (q != NULL)
 diff -up openssl-1.0.2a/crypto/dsa/dsa_gen.c.fips-reqs openssl-1.0.2a/crypto/dsa/dsa_gen.c
 --- openssl-1.0.2a/crypto/dsa/dsa_gen.c.fips-reqs	2015-04-22 15:06:37.841002309 +0200
 +++ openssl-1.0.2a/crypto/dsa/dsa_gen.c	2015-04-22 15:06:37.908003903 +0200
@@ -165,9 +165,11 @@ int dsa_builtin_paramgen(DSA *ret, size_
     }
     if (FIPS_module_mode() &&
@ -91,9 +61,10 @@ diff -up openssl-1.0.2a/crypto/dsa/dsa_gen.c.fips-reqs openssl-1.0.2a/crypto/dsa
         DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN, DSA_R_KEY_SIZE_INVALID);
         goto err;
     }
-diff -up openssl-1.0.2a/crypto/dsa/dsa.h.fips-reqs openssl-1.0.2a/crypto/dsa/dsa.h
+Index: openssl-1.0.2f/crypto/dsa/dsa.h
--- openssl-1.0.2a/crypto/dsa/dsa.h.fips-reqs	2015-04-22 15:06:37.908003903 +0200
+===================================================================
-+++ openssl-1.0.2a/crypto/dsa/dsa.h	2015-04-22 15:09:01.291415852 +0200
+--- openssl-1.0.2f.orig/crypto/dsa/dsa.h	2016-01-28 15:59:54.913268710 +0100
 +++ openssl-1.0.2f/crypto/dsa/dsa.h	2016-01-28 15:59:54.946269253 +0100
@@ -89,6 +89,7 @@
 # endif
@ -114,10 +85,11 @@ diff -up openssl-1.0.2a/crypto/dsa/dsa.h.fips-reqs openssl-1.0.2a/crypto/dsa/dsa
  * Rabin-Miller
  */
 # define DSA_is_prime(n, callback, cb_arg) \
-diff -up openssl-1.0.2a/crypto/dsa/dsa_key.c.fips-reqs openssl-1.0.2a/crypto/dsa/dsa_key.c
+Index: openssl-1.0.2f/crypto/dsa/dsa_key.c
--- openssl-1.0.2a/crypto/dsa/dsa_key.c.fips-reqs	2015-04-22 15:06:37.905003832 +0200
+===================================================================
-+++ openssl-1.0.2a/crypto/dsa/dsa_key.c	2015-04-22 15:06:37.908003903 +0200
+--- openssl-1.0.2f.orig/crypto/dsa/dsa_key.c	2016-01-28 15:59:54.913268710 +0100
-@@ -125,7 +125,7 @@ static int dsa_builtin_keygen(DSA *dsa)
+++ openssl-1.0.2f/crypto/dsa/dsa_key.c	2016-01-28 15:59:54.946269253 +0100
@@ -120,7 +120,7 @@ static int dsa_builtin_keygen(DSA *dsa)
 # ifdef OPENSSL_FIPS
     if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)
@ -126,10 +98,11 @@ diff -up openssl-1.0.2a/crypto/dsa/dsa_key.c.fips-reqs openssl-1.0.2a/crypto/dsa
         DSAerr(DSA_F_DSA_BUILTIN_KEYGEN, DSA_R_KEY_SIZE_TOO_SMALL);
         goto err;
     }
-diff -up openssl-1.0.2a/crypto/fips/fips.c.fips-reqs openssl-1.0.2a/crypto/fips/fips.c
+Index: openssl-1.0.2f/crypto/fips/fips.c
--- openssl-1.0.2a/crypto/fips/fips.c.fips-reqs	2015-04-22 15:06:37.905003832 +0200
+===================================================================
-+++ openssl-1.0.2a/crypto/fips/fips.c	2015-04-22 15:06:37.909003927 +0200
+--- openssl-1.0.2f.orig/crypto/fips/fips.c	2016-01-28 15:59:54.939269138 +0100
-@@ -424,26 +424,24 @@ int FIPS_module_mode_set(int onoff, cons
+++ openssl-1.0.2f/crypto/fips/fips.c	2016-01-28 15:59:54.946269253 +0100
@@ -418,26 +418,24 @@ int FIPS_module_mode_set(int onoff, cons
                 ret = 0;
                 goto end;
             }
@ -162,9 +135,10 @@ diff -up openssl-1.0.2a/crypto/fips/fips.c.fips-reqs openssl-1.0.2a/crypto/fips/
         ret = 1;
         goto end;
     }
-diff -up openssl-1.0.2a/crypto/fips/fips_dh_selftest.c.fips-reqs openssl-1.0.2a/crypto/fips/fips_dh_selftest.c
+Index: openssl-1.0.2f/crypto/fips/fips_dh_selftest.c
--- openssl-1.0.2a/crypto/fips/fips_dh_selftest.c.fips-reqs	2015-04-22 15:06:37.909003927 +0200
+===================================================================
-+++ openssl-1.0.2a/crypto/fips/fips_dh_selftest.c	2015-04-22 15:06:37.909003927 +0200
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
 +++ openssl-1.0.2f/crypto/fips/fips_dh_selftest.c	2016-01-28 15:59:54.946269253 +0100
@@ -0,0 +1,162 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@ -328,9 +302,10 @@ diff -up openssl-1.0.2a/crypto/fips/fips_dh_selftest.c.fips-reqs openssl-1.0.2a/
 +    return ret;
 +}
 +#endif
-diff -up openssl-1.0.2a/crypto/fips/fips.h.fips-reqs openssl-1.0.2a/crypto/fips/fips.h
+Index: openssl-1.0.2f/crypto/fips/fips.h
--- openssl-1.0.2a/crypto/fips/fips.h.fips-reqs	2015-04-22 15:06:37.899003689 +0200
+===================================================================
-+++ openssl-1.0.2a/crypto/fips/fips.h	2015-04-22 15:06:37.909003927 +0200
+--- openssl-1.0.2f.orig/crypto/fips/fips.h	2016-01-28 15:59:54.939269138 +0100
 +++ openssl-1.0.2f/crypto/fips/fips.h	2016-01-28 15:59:54.946269253 +0100
@@ -96,6 +96,7 @@ extern "C" {
     int FIPS_selftest_dsa(void);
     int FIPS_selftest_ecdsa(void);
@ -339,9 +314,10 @@ diff -up openssl-1.0.2a/crypto/fips/fips.h.fips-reqs openssl-1.0.2a/crypto/fips/
     void FIPS_corrupt_rng(void);
     void FIPS_rng_stick(void);
     void FIPS_x931_stick(int onoff);
-diff -up openssl-1.0.2a/crypto/fips/fips_post.c.fips-reqs openssl-1.0.2a/crypto/fips/fips_post.c
+Index: openssl-1.0.2f/crypto/fips/fips_post.c
--- openssl-1.0.2a/crypto/fips/fips_post.c.fips-reqs	2015-04-22 15:06:37.895003594 +0200
+===================================================================
-+++ openssl-1.0.2a/crypto/fips/fips_post.c	2015-04-22 15:06:37.909003927 +0200
+--- openssl-1.0.2f.orig/crypto/fips/fips_post.c	2016-01-28 15:59:54.933269039 +0100
 +++ openssl-1.0.2f/crypto/fips/fips_post.c	2016-01-28 15:59:54.946269253 +0100
@@ -99,6 +99,8 @@ int FIPS_selftest(void)
         rv = 0;
     if (!FIPS_selftest_dsa())
@ -351,9 +327,10 @@ diff -up openssl-1.0.2a/crypto/fips/fips_post.c.fips-reqs openssl-1.0.2a/crypto/
     if (!FIPS_selftest_ecdh())
         rv = 0;
     return rv;
-diff -up openssl-1.0.2a/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.2a/crypto/fips/fips_rsa_selftest.c
+Index: openssl-1.0.2f/crypto/fips/fips_rsa_selftest.c
--- openssl-1.0.2a/crypto/fips/fips_rsa_selftest.c.fips-reqs	2015-04-22 15:06:37.854002618 +0200
+===================================================================
-+++ openssl-1.0.2a/crypto/fips/fips_rsa_selftest.c	2015-04-22 15:06:37.910003951 +0200
+--- openssl-1.0.2f.orig/crypto/fips/fips_rsa_selftest.c	2016-01-28 15:59:54.920268825 +0100
 +++ openssl-1.0.2f/crypto/fips/fips_rsa_selftest.c	2016-01-28 15:59:54.947269270 +0100
@@ -60,68 +60,107 @@
 #ifdef OPENSSL_FIPS
@ -1008,9 +985,10 @@ diff -up openssl-1.0.2a/crypto/fips/fips_rsa_selftest.c.fips-reqs openssl-1.0.2a
         RSA_free(key);
     return ret;
 }
-diff -up openssl-1.0.2a/crypto/fips/Makefile.fips-reqs openssl-1.0.2a/crypto/fips/Makefile
+Index: openssl-1.0.2f/crypto/fips/Makefile
--- openssl-1.0.2a/crypto/fips/Makefile.fips-reqs	2015-04-22 15:06:37.895003594 +0200
+===================================================================
-+++ openssl-1.0.2a/crypto/fips/Makefile	2015-04-22 15:06:37.910003951 +0200
+--- openssl-1.0.2f.orig/crypto/fips/Makefile	2016-01-28 15:59:54.933269039 +0100
 +++ openssl-1.0.2f/crypto/fips/Makefile	2016-01-28 15:59:54.947269270 +0100
@@ -24,13 +24,15 @@ LIBSRC=fips_aes_selftest.c fips_des_self
     fips_rsa_selftest.c fips_sha_selftest.c fips.c fips_dsa_selftest.c  fips_rand.c \
     fips_rsa_x931g.c fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \
@ -1029,9 +1007,10 @@ diff -up openssl-1.0.2a/crypto/fips/Makefile.fips-reqs openssl-1.0.2a/crypto/fip
 LIBCRYPTO=-L.. -lcrypto
-diff -up openssl-1.0.2a/crypto/rand/rand_lcl.h.fips-reqs openssl-1.0.2a/crypto/rand/rand_lcl.h
+Index: openssl-1.0.2f/crypto/rand/rand_lcl.h
--- openssl-1.0.2a/crypto/rand/rand_lcl.h.fips-reqs	2015-04-22 15:06:37.599996574 +0200
+===================================================================
-+++ openssl-1.0.2a/crypto/rand/rand_lcl.h	2015-04-22 15:06:37.910003951 +0200
+--- openssl-1.0.2f.orig/crypto/rand/rand_lcl.h	2016-01-28 14:38:31.000000000 +0100
 +++ openssl-1.0.2f/crypto/rand/rand_lcl.h	2016-01-28 15:59:54.947269270 +0100
@@ -112,7 +112,7 @@
 #ifndef HEADER_RAND_LCL_H
 # define HEADER_RAND_LCL_H
@ -1041,9 +1020,10 @@ diff -up openssl-1.0.2a/crypto/rand/rand_lcl.h.fips-reqs openssl-1.0.2a/crypto/r
 # if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
 #  if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-diff -up openssl-1.0.2a/crypto/rand/rand_lib.c.fips-reqs openssl-1.0.2a/crypto/rand/rand_lib.c
+Index: openssl-1.0.2f/crypto/rand/rand_lib.c
--- openssl-1.0.2a/crypto/rand/rand_lib.c.fips-reqs	2015-03-19 14:19:00.000000000 +0100
+===================================================================
-+++ openssl-1.0.2a/crypto/rand/rand_lib.c	2015-04-22 15:06:37.910003951 +0200
+--- openssl-1.0.2f.orig/crypto/rand/rand_lib.c	2016-01-28 14:38:31.000000000 +0100
 +++ openssl-1.0.2f/crypto/rand/rand_lib.c	2016-01-28 15:59:54.947269270 +0100
@@ -236,12 +236,22 @@ static int drbg_rand_add(DRBG_CTX *ctx,
                          double entropy)
 {
@ -1067,9 +1047,10 @@ diff -up openssl-1.0.2a/crypto/rand/rand_lib.c.fips-reqs openssl-1.0.2a/crypto/r
     return 1;
 }
-diff -up openssl-1.0.2a/crypto/rsa/rsa_gen.c.fips-reqs openssl-1.0.2a/crypto/rsa/rsa_gen.c
+Index: openssl-1.0.2f/crypto/rsa/rsa_gen.c
--- openssl-1.0.2a/crypto/rsa/rsa_gen.c.fips-reqs	2015-04-22 15:06:37.858002714 +0200
+===================================================================
-+++ openssl-1.0.2a/crypto/rsa/rsa_gen.c	2015-04-22 15:06:37.910003951 +0200
+--- openssl-1.0.2f.orig/crypto/rsa/rsa_gen.c	2016-01-28 15:59:54.923268874 +0100
 +++ openssl-1.0.2f/crypto/rsa/rsa_gen.c	2016-01-28 15:59:54.947269270 +0100
@@ -1,5 +1,6 @@
 /* crypto/rsa/rsa_gen.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
@ -1371,9 +1352,10 @@ diff -up openssl-1.0.2a/crypto/rsa/rsa_gen.c.fips-reqs openssl-1.0.2a/crypto/rsa
     ok = 1;
  err:
     if (ok == -1) {
-diff -up openssl-1.0.2a/ssl/t1_enc.c.fips-reqs openssl-1.0.2a/ssl/t1_enc.c
+Index: openssl-1.0.2f/ssl/t1_enc.c
--- openssl-1.0.2a/ssl/t1_enc.c.fips-reqs	2015-03-19 14:30:36.000000000 +0100
+===================================================================
-+++ openssl-1.0.2a/ssl/t1_enc.c	2015-04-22 15:06:37.911003975 +0200
+--- openssl-1.0.2f.orig/ssl/t1_enc.c	2016-01-28 14:56:08.000000000 +0100
 +++ openssl-1.0.2f/ssl/t1_enc.c	2016-01-28 15:59:54.947269270 +0100
@@ -292,6 +292,23 @@ static int tls1_PRF(long digest_mask,
     return ret;
 }
--- a/openssl-1.0.2e-fips.patch
+++ b/openssl-1.0.2e-fips.patch
--- a/openssl-1.0.2e.tar.gz
+++ b/openssl-1.0.2e.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:e23ccafdb75cfcde782da0151731aa2185195ac745eea3846133f2e05c0e0bff
 size 5256555
--- a/openssl-1.0.2e.tar.gz.asc
+++ b/openssl-1.0.2e.tar.gz.asc
@ -1,11 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 iQEcBAABAgAGBQJWYIyiAAoJENnE0m0OYESRdSwIAIlfOOvtTaKbsY1gDhM8LaAM
 gC2HYR18ipcz0ZdZzNch/mGy8gpVNmBWDhWzTd5Yz0AHRFX0fpOX7QZXHozV/QaB
 2LmQ9N1QbztqSq0MW+2VCX31BR79wWYHVQF4A9QT7MOwCSA3RhGfEiZiIHNNloRa
 j55Dpe0CMVdpdQc2WxlUC1A8O837bwr6ruPxctneJAvHK/XyeS/ta7a4eI8UQxMS
 zkBNlsuiWQRzlAqMyiAkqu9NBkuLdBhP5Gkh2D8XP/yt1KwECFJiyAc0PFXTMILi
 cNG5KdPe3tN3xCgR38k4/DKRNi4F1IVoe5YE7sk7U2wmG4dc5Z/9zGCTx+2atc0=
 =PIJl
 -----END PGP SIGNATURE-----
--- a/openssl-1.0.2g.tar.gz
+++ b/openssl-1.0.2g.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33
 size 5266102
--- a/openssl-1.0.2g.tar.gz.asc
+++ b/openssl-1.0.2g.tar.gz.asc
@ -0,0 +1,11 @@
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 iQEcBAABAgAGBQJW1Zr6AAoJENnE0m0OYESRRpkH/0SkDJcp4rvICbxuaD9jyJCa
 UJLH3vSMfJ9QNMdIp8yemixGSvjr0mPhFOcZPysXRZo88IwuIV0+Q5I7hvCQ0PSt
 YH/HzBZO0eShhUyDxb397odbbhsAkZFJytT+EXdFqd0HJLtWuPxaBF0WPgkklOQC
 3R/sv+M8FAaZiIbdBwNv1FNgGG26T4up0RgV0ETpXXv9Da+AViGrefA5szKAj9aL
 SOCRuUnzQO7ohSh5AZvgHylh1m7CGpH4MIyoAtNFtyogukO3yS3CzZ1iFcjsdHDn
 sDIRZ18a5JOX/vWU0OmUXGhF7XXV93S1/1mKAAEXRJZOxzrneFuyv5b61t/xXCE=
 =/pDQ
 -----END PGP SIGNATURE-----
--- a/openssl.changes
+++ b/openssl.changes
@ -1,3 +1,58 @@
 -------------------------------------------------------------------
 Tue Mar  1 14:40:18 UTC 2016 - vcizek@suse.com
 - update to 1.0.2g (bsc#968044)
  * Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
    Builds that are not configured with "enable-weak-ssl-ciphers" will not
    provide any "EXPORT" or "LOW" strength ciphers.
  * Disable SSLv2 default build, default negotiation and weak ciphers.  SSLv2
    is by default disabled at build-time.  Builds that are not configured with
    "enable-ssl2" will not support SSLv2.  Even if "enable-ssl2" is used,
    users who want to negotiate SSLv2 via the version-flexible SSLv23_method()
    will need to explicitly call either of:
        SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);
    or
        SSL_clear_options(ssl, SSL_OP_NO_SSLv2);
    (CVE-2016-0800)
  * Fix a double-free in DSA code
     (CVE-2016-0705)
  * Disable SRP fake user seed to address a server memory leak.
     Add a new method SRP_VBASE_get1_by_user that handles the seed properly.
     (CVE-2016-0798)
  * Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
     (CVE-2016-0797)
  *) Side channel attack on modular exponentiation
     http://cachebleed.info.
     (CVE-2016-0702)
  *) Change the req app to generate a 2048-bit RSA/DSA key by default,
     if no keysize is specified with default_bits. This fixes an
     omission in an earlier change that changed all RSA/DSA key generation
     apps to use 2048 bits by default.
 -------------------------------------------------------------------
 Thu Jan 28 15:10:38 UTC 2016 - vcizek@suse.com
 - update to 1.0.2f (boo#963410)
  *) DH small subgroups (boo#963413)
     Historically OpenSSL only ever generated DH parameters based on "safe"
     primes. More recently (in version 1.0.2) support was provided for
     generating X9.42 style parameter files such as those required for RFC 5114
     support. The primes used in such files may not be "safe". Where an
     application is using DH configured with parameters based on primes that are
     not "safe" then an attacker could use this fact to find a peer's private
     DH exponent. This attack requires that the attacker complete multiple
     handshakes in which the peer uses the same private DH exponent. For example
     this could be used to discover a TLS server's private DH exponent if it's
     reusing the private DH exponent or it's using a static DH ciphersuite.
     (CVE-2016-0701)
  *) SSLv2 doesn't block disabled ciphers (boo#963415)
     A malicious client can negotiate SSLv2 ciphers that have been disabled on
     the server and complete SSLv2 handshakes even if all SSLv2 ciphers have
     been disabled, provided that the SSLv2 protocol was not also disabled via
     SSL_OP_NO_SSLv2.
     (CVE-2015-3197)
  *) Reject DH handshakes with parameters shorter than 1024 bits.
 -------------------------------------------------------------------
 Fri Dec  4 23:06:18 UTC 2015 - vcizek@suse.com
--- a/openssl.spec
+++ b/openssl.spec
@ -1,7 +1,7 @@
 #
 # spec file for package openssl
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -29,7 +29,7 @@ Provides:       ssl
 %ifarch ppc64
 Obsoletes:      openssl-64bit
 %endif
-Version:        1.0.2e
+Version:        1.0.2g
 Release:        0
 Summary:        Secure Sockets and Transport Layer Security
 License:        OpenSSL