From abc16f3f9239cc1b8fe9580212315f4e4d2d73346fdb3654b9b0f5a1fdf98fa2 Mon Sep 17 00:00:00 2001 From: Stephan Kulow Date: Wed, 19 Oct 2011 11:40:21 +0000 Subject: [PATCH] Accepting request 88591 from Base:System - AES-NI: Check the return value of Engine_add() if the ENGINE_add() call fails: it ends up adding a reference to a freed up ENGINE which is likely to subsequently contain garbage This will happen if an ENGINE with the same name is added multiple times,for example different libraries. [bnc#720601] (forwarded request 88590 from elvigia) OBS-URL: https://build.opensuse.org/request/show/88591 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=69 --- openssl-1.0.0b-aesni.patch | 65 ++++++++++++++++---------------------- openssl.changes | 16 ++++++++++ openssl.spec | 3 +- 3 files changed, 45 insertions(+), 39 deletions(-) diff --git a/openssl-1.0.0b-aesni.patch b/openssl-1.0.0b-aesni.patch index 3b07c2f..b760aa2 100644 --- a/openssl-1.0.0b-aesni.patch +++ b/openssl-1.0.0b-aesni.patch @@ -1,6 +1,5 @@ -diff -up openssl-1.0.0b/Configure.aesni openssl-1.0.0b/Configure ---- openssl-1.0.0b/Configure.aesni 2010-11-16 17:33:22.000000000 +0100 -+++ openssl-1.0.0b/Configure 2010-11-16 17:35:15.000000000 +0100 +--- Configure.orig ++++ Configure @@ -123,11 +123,11 @@ my $tlib="-lnsl -lsocket"; my $bits1="THIRTY_TWO_BIT "; my $bits2="SIXTY_FOUR_BIT "; @@ -24,7 +23,7 @@ diff -up openssl-1.0.0b/Configure.aesni openssl-1.0.0b/Configure "debug-VC-WIN64I","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ias:win32", "debug-VC-WIN64A","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:x86_64cpuid.o:bn_asm.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:auto:win32", # x86 Win32 target defaults to ANSI API, if you want UNICODE, complement -@@ -1419,6 +1419,7 @@ if ($rmd160_obj =~ /\.o$/) +@@ -1410,6 +1410,7 @@ if ($rmd160_obj =~ /\.o$/) if ($aes_obj =~ /\.o$/) { $cflags.=" -DAES_ASM"; @@ -32,9 +31,8 @@ diff -up openssl-1.0.0b/Configure.aesni openssl-1.0.0b/Configure } else { $aes_obj=$aes_enc; -diff -up openssl-1.0.0b/crypto/aes/asm/aesni-x86.pl.aesni openssl-1.0.0b/crypto/aes/asm/aesni-x86.pl ---- openssl-1.0.0b/crypto/aes/asm/aesni-x86.pl.aesni 2010-11-16 17:33:23.000000000 +0100 -+++ openssl-1.0.0b/crypto/aes/asm/aesni-x86.pl 2010-11-16 17:33:23.000000000 +0100 +--- /dev/null ++++ crypto/aes/asm/aesni-x86.pl @@ -0,0 +1,765 @@ +#!/usr/bin/env perl + @@ -801,9 +799,8 @@ diff -up openssl-1.0.0b/crypto/aes/asm/aesni-x86.pl.aesni openssl-1.0.0b/crypto/ +&asciz("AES for Intel AES-NI, CRYPTOGAMS by "); + +&asm_finish(); -diff -up openssl-1.0.0b/crypto/aes/asm/aesni-x86_64.pl.aesni openssl-1.0.0b/crypto/aes/asm/aesni-x86_64.pl ---- openssl-1.0.0b/crypto/aes/asm/aesni-x86_64.pl.aesni 2010-11-16 17:33:23.000000000 +0100 -+++ openssl-1.0.0b/crypto/aes/asm/aesni-x86_64.pl 2010-11-16 17:33:23.000000000 +0100 +--- /dev/null ++++ crypto/aes/asm/aesni-x86_64.pl @@ -0,0 +1,991 @@ +#!/usr/bin/env perl +# @@ -1796,9 +1793,8 @@ diff -up openssl-1.0.0b/crypto/aes/asm/aesni-x86_64.pl.aesni openssl-1.0.0b/cryp +print $code; + +close STDOUT; -diff -up openssl-1.0.0b/crypto/aes/Makefile.aesni openssl-1.0.0b/crypto/aes/Makefile ---- openssl-1.0.0b/crypto/aes/Makefile.aesni 2008-12-23 12:33:00.000000000 +0100 -+++ openssl-1.0.0b/crypto/aes/Makefile 2010-11-16 17:33:23.000000000 +0100 +--- crypto/aes/Makefile.orig ++++ crypto/aes/Makefile @@ -50,9 +50,13 @@ aes-ia64.s: asm/aes-ia64.S aes-586.s: asm/aes-586.pl ../perlasm/x86asm.pl @@ -1813,9 +1809,8 @@ diff -up openssl-1.0.0b/crypto/aes/Makefile.aesni openssl-1.0.0b/crypto/aes/Make aes-sparcv9.s: asm/aes-sparcv9.pl $(PERL) asm/aes-sparcv9.pl $(CFLAGS) > $@ -diff -up openssl-1.0.0b/crypto/engine/eng_aesni.c.aesni openssl-1.0.0b/crypto/engine/eng_aesni.c ---- openssl-1.0.0b/crypto/engine/eng_aesni.c.aesni 2010-11-16 17:33:23.000000000 +0100 -+++ openssl-1.0.0b/crypto/engine/eng_aesni.c 2010-11-16 17:33:23.000000000 +0100 +--- /dev/null ++++ crypto/engine/eng_aesni.c @@ -0,0 +1,413 @@ +/* + * Support for Intel AES-NI intruction set @@ -1923,7 +1918,7 @@ diff -up openssl-1.0.0b/crypto/engine/eng_aesni.c.aesni openssl-1.0.0b/crypto/en + ENGINE *toadd = ENGINE_aesni(); + if (!toadd) + return; -+ ENGINE_add (toadd); ++ if(ENGINE_add (toadd)) + ENGINE_register_complete (toadd); + ENGINE_free (toadd); + ERR_clear_error (); @@ -2230,10 +2225,9 @@ diff -up openssl-1.0.0b/crypto/engine/eng_aesni.c.aesni openssl-1.0.0b/crypto/en + +#endif /* COMPILE_HW_AESNI */ +#endif /* !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_AESNI) && !defined(OPENSSL_NO_AES) */ -diff -up openssl-1.0.0b/crypto/engine/eng_all.c.aesni openssl-1.0.0b/crypto/engine/eng_all.c ---- openssl-1.0.0b/crypto/engine/eng_all.c.aesni 2010-11-16 17:33:22.000000000 +0100 -+++ openssl-1.0.0b/crypto/engine/eng_all.c 2010-11-16 17:33:23.000000000 +0100 -@@ -85,6 +85,9 @@ void ENGINE_load_builtin_engines(void) +--- crypto/engine/eng_all.c.orig ++++ crypto/engine/eng_all.c +@@ -71,6 +71,9 @@ void ENGINE_load_builtin_engines(void) #if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)) ENGINE_load_cryptodev(); #endif @@ -2243,10 +2237,9 @@ diff -up openssl-1.0.0b/crypto/engine/eng_all.c.aesni openssl-1.0.0b/crypto/engi ENGINE_load_dynamic(); #ifndef OPENSSL_NO_STATIC_ENGINE #ifndef OPENSSL_NO_HW -diff -up openssl-1.0.0b/crypto/engine/engine.h.aesni openssl-1.0.0b/crypto/engine/engine.h ---- openssl-1.0.0b/crypto/engine/engine.h.aesni 2010-11-16 17:33:22.000000000 +0100 -+++ openssl-1.0.0b/crypto/engine/engine.h 2010-11-16 17:33:23.000000000 +0100 -@@ -338,6 +338,7 @@ void ENGINE_load_gost(void); +--- crypto/engine/engine.h.orig ++++ crypto/engine/engine.h +@@ -344,6 +344,7 @@ void ENGINE_load_gost(void); #endif #endif void ENGINE_load_cryptodev(void); @@ -2254,9 +2247,8 @@ diff -up openssl-1.0.0b/crypto/engine/engine.h.aesni openssl-1.0.0b/crypto/engin void ENGINE_load_builtin_engines(void); /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation -diff -up openssl-1.0.0b/crypto/engine/Makefile.aesni openssl-1.0.0b/crypto/engine/Makefile ---- openssl-1.0.0b/crypto/engine/Makefile.aesni 2010-11-15 15:44:49.000000000 +0100 -+++ openssl-1.0.0b/crypto/engine/Makefile 2010-11-16 17:33:23.000000000 +0100 +--- crypto/engine/Makefile.orig ++++ crypto/engine/Makefile @@ -21,12 +21,14 @@ LIBSRC= eng_err.c eng_lib.c eng_list.c e eng_table.c eng_pkey.c eng_fat.c eng_all.c \ tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \ @@ -2274,9 +2266,8 @@ diff -up openssl-1.0.0b/crypto/engine/Makefile.aesni openssl-1.0.0b/crypto/engin SRC= $(LIBSRC) -diff -up openssl-1.0.0b/crypto/evp/evp_err.c.aesni openssl-1.0.0b/crypto/evp/evp_err.c ---- openssl-1.0.0b/crypto/evp/evp_err.c.aesni 2010-11-16 17:33:22.000000000 +0100 -+++ openssl-1.0.0b/crypto/evp/evp_err.c 2010-11-16 17:33:23.000000000 +0100 +--- crypto/evp/evp_err.c.orig ++++ crypto/evp/evp_err.c @@ -1,6 +1,6 @@ /* crypto/evp/evp_err.c */ /* ==================================================================== @@ -2302,10 +2293,9 @@ diff -up openssl-1.0.0b/crypto/evp/evp_err.c.aesni openssl-1.0.0b/crypto/evp/evp {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"}, {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"}, {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"}, -diff -up openssl-1.0.0b/crypto/evp/evp.h.aesni openssl-1.0.0b/crypto/evp/evp.h ---- openssl-1.0.0b/crypto/evp/evp.h.aesni 2010-11-16 17:33:22.000000000 +0100 -+++ openssl-1.0.0b/crypto/evp/evp.h 2010-11-16 17:33:23.000000000 +0100 -@@ -1167,6 +1167,7 @@ void ERR_load_EVP_strings(void); +--- crypto/evp/evp.h.orig ++++ crypto/evp/evp.h +@@ -1190,6 +1190,7 @@ void ERR_load_EVP_strings(void); /* Error codes for the EVP functions. */ /* Function codes. */ @@ -2313,9 +2303,8 @@ diff -up openssl-1.0.0b/crypto/evp/evp.h.aesni openssl-1.0.0b/crypto/evp/evp.h #define EVP_F_AES_INIT_KEY 133 #define EVP_F_CAMELLIA_INIT_KEY 159 #define EVP_F_D2I_PKEY 100 -diff -up openssl-1.0.0b/test/test_aesni.aesni openssl-1.0.0b/test/test_aesni ---- openssl-1.0.0b/test/test_aesni.aesni 2010-11-16 17:33:23.000000000 +0100 -+++ openssl-1.0.0b/test/test_aesni 2010-11-16 17:33:23.000000000 +0100 +--- /dev/null ++++ test/test_aesni @@ -0,0 +1,69 @@ +#!/bin/sh + diff --git a/openssl.changes b/openssl.changes index edd4a0b..0a9c1dd 100644 --- a/openssl.changes +++ b/openssl.changes @@ -1,3 +1,19 @@ +------------------------------------------------------------------- +Tue Oct 18 16:43:50 UTC 2011 - crrodriguez@opensuse.org + +- AES-NI: Check the return value of Engine_add() + if the ENGINE_add() call fails: it ends up adding a reference + to a freed up ENGINE which is likely to subsequently contain garbage + This will happen if an ENGINE with the same name is added multiple + times,for example different libraries. [bnc#720601] + +------------------------------------------------------------------- +Sat Oct 8 21:36:58 UTC 2011 - crrodriguez@opensuse.org + +- Build with -DSSL_FORBID_ENULL so servers are not + able to use the NULL encryption ciphers (Those offering no + encryption whatsoever). + ------------------------------------------------------------------- Wed Sep 7 14:29:41 UTC 2011 - crrodriguez@opensuse.org diff --git a/openssl.spec b/openssl.spec index e9e51dc..af31b6a 100644 --- a/openssl.spec +++ b/openssl.spec @@ -185,7 +185,7 @@ Authors: #%patch4 -p1 #%patch5 -p1 #%patch6 -p1 -%patch7 -p1 +%patch7 #%patch8 -p1 %patch10 cp -p %{S:10} . @@ -237,6 +237,7 @@ $RPM_OPT_FLAGS \ -fomit-frame-pointer \ -DTERMIO \ -DPURIFY \ +-DSSL_FORBID_ENULL \ %ifnarch hppa -Wall \ -fstack-protector "