testing/openssl
SHA256
3
0
Fork 0
forked from pool/openssl
Code Pull Requests Activity

Accepting request 131690 from Base:System

Browse Source 
- Open Internal file descriptors with O_CLOEXEC, leaving
  those open across fork()..execve() makes a perfect
  vector for a side-channel attack... (forwarded request 131190 from elvigia)

OBS-URL: https://build.opensuse.org/request/show/131690
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=81
This commit is contained in:
Ismail Dönmez 2012-08-26 12:22:07 +00:00 committed by Git OBS Bridge
parent e5e7ad330f
commit df44f45fc9
3 changed files with 178 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

167
openssl-ocloexec.patch Normal file
View File

@ -0,0 +1,167 @@
--- crypto/bio/b_sock.c.orig
+++ crypto/bio/b_sock.c
@@ -735,7 +735,7 @@ int BIO_get_accept_socket(char *host, in
}
again:
- s=socket(server.sa.sa_family,SOCK_STREAM,SOCKET_PROTOCOL);
+ s=socket(server.sa.sa_family,SOCK_STREAM|SOCK_CLOEXEC,SOCKET_PROTOCOL);
if (s == INVALID_SOCKET)
{
SYSerr(SYS_F_SOCKET,get_last_socket_error());
@@ -784,7 +784,7 @@ again:
}
else goto err;
}
- cs=socket(client.sa.sa_family,SOCK_STREAM,SOCKET_PROTOCOL);
+ cs=socket(client.sa.sa_family,SOCK_STREAM|SOCK_CLOEXEC,SOCKET_PROTOCOL);
if (cs != INVALID_SOCKET)
{
int ii;
--- crypto/bio/bss_conn.c.orig
+++ crypto/bio/bss_conn.c
@@ -209,7 +209,7 @@ static int conn_state(BIO *b, BIO_CONNEC
c->them.sin_addr.s_addr=htonl(l);
c->state=BIO_CONN_S_CREATE_SOCKET;
- ret=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+ ret=socket(AF_INET,SOCK_STREAM|SOCK_CLOEXEC,SOCKET_PROTOCOL);
if (ret == INVALID_SOCKET)
{
SYSerr(SYS_F_SOCKET,get_last_socket_error());
--- crypto/bio/bss_dgram.c.orig
+++ crypto/bio/bss_dgram.c
@@ -999,7 +999,7 @@ static int dgram_sctp_read(BIO *b, char
msg.msg_control = cmsgbuf;
msg.msg_controllen = 512;
msg.msg_flags = 0;
- n = recvmsg(b->num, &msg, 0);
+ n = recvmsg(b->num, &msg, MSG_CMSG_CLOEXEC);
if (msg.msg_controllen > 0)
{
@@ -1560,7 +1560,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
msg.msg_controllen = 0;
msg.msg_flags = 0;
- n = recvmsg(b->num, &msg, MSG_PEEK);
+ n = recvmsg(b->num, &msg, MSG_PEEK| MSG_CMSG_CLOEXEC);
if (n <= 0)
{
if ((n < 0) && (get_last_socket_error() != EAGAIN) && (get_last_socket_error() != EWOULDBLOCK))
@@ -1583,7 +1583,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
msg.msg_controllen = 0;
msg.msg_flags = 0;
- n = recvmsg(b->num, &msg, 0);
+ n = recvmsg(b->num, &msg, MSG_CMSG_CLOEXEC);
if (n <= 0)
{
if ((n < 0) && (get_last_socket_error() != EAGAIN) && (get_last_socket_error() != EWOULDBLOCK))
@@ -1644,7 +1644,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b)
fcntl(b->num, F_SETFL, O_NONBLOCK);
}
- n = recvmsg(b->num, &msg, MSG_PEEK);
+ n = recvmsg(b->num, &msg, MSG_PEEK | MSG_CMSG_CLOEXEC);
if (is_dry)
{
@@ -1688,7 +1688,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b)
sockflags = fcntl(b->num, F_GETFL, 0);
fcntl(b->num, F_SETFL, O_NONBLOCK);
- n = recvmsg(b->num, &msg, MSG_PEEK);
+ n = recvmsg(b->num, &msg, MSG_PEEK | MSG_CMSG_CLOEXEC);
fcntl(b->num, F_SETFL, sockflags);
/* if notification, process and try again */
@@ -1709,7 +1709,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b)
msg.msg_control = NULL;
msg.msg_controllen = 0;
msg.msg_flags = 0;
- n = recvmsg(b->num, &msg, 0);
+ n = recvmsg(b->num, &msg, MSG_CMSG_CLOEXEC);
if (data->handle_notifications != NULL)
data->handle_notifications(b, data->notification_context, (void*) &snp);
--- crypto/bio/bss_file.c.orig
+++ crypto/bio/bss_file.c
@@ -120,6 +120,10 @@ BIO *BIO_new_file(const char *filename,
{
BIO *ret;
FILE *file=NULL;
+ size_t modelen = strlen (mode);
+ char newmode[modelen + 2];
+
+ memcpy (mempcpy (newmode, mode, modelen), "e", 2);
#if defined(_WIN32) && defined(CP_UTF8)
int sz, len_0 = (int)strlen(filename)+1;
@@ -162,7 +166,7 @@ BIO *BIO_new_file(const char *filename,
file = fopen(filename,mode);
}
#else
- file=fopen(filename,mode);
+ file=fopen(filename,newmode);
#endif
if (file == NULL)
{
@@ -275,7 +279,7 @@ static long MS_CALLBACK file_ctrl(BIO *b
long ret=1;
FILE *fp=(FILE *)b->ptr;
FILE **fpp;
- char p[4];
+ char p[5];
switch (cmd)
{
@@ -392,6 +396,8 @@ static long MS_CALLBACK file_ctrl(BIO *b
else
strcat(p,"t");
#endif
+ strcat(p, "e");
+
fp=fopen(ptr,p);
if (fp == NULL)
{
--- crypto/rand/rand_unix.c.orig
+++ crypto/rand/rand_unix.c
@@ -262,7 +262,7 @@ int RAND_poll(void)
for (i = 0; (i < sizeof(randomfiles)/sizeof(randomfiles[0])) &&
(n < ENTROPY_NEEDED); i++)
{
- if ((fd = open(randomfiles[i], O_RDONLY
+ if ((fd = open(randomfiles[i], O_RDONLY | O_CLOEXEC
#ifdef O_NONBLOCK
|O_NONBLOCK
#endif
--- crypto/rand/randfile.c.orig
+++ crypto/rand/randfile.c
@@ -134,7 +134,7 @@ int RAND_load_file(const char *file, lon
#ifdef OPENSSL_SYS_VMS
in=vms_fopen(file,"rb",VMS_OPEN_ATTRS);
#else
- in=fopen(file,"rb");
+ in=fopen(file,"rbe");
#endif
if (in == NULL) goto err;
#if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPENSSL_NO_POSIX_IO)
@@ -207,7 +207,7 @@ int RAND_write_file(const char *file)
#endif
/* chmod(..., 0600) is too late to protect the file,
* permissions should be restrictive from the start */
- int fd = open(file, O_WRONLY|O_CREAT|O_BINARY, 0600);
+ int fd = open(file, O_WRONLY|O_CREAT|O_BINARY|O_CLOEXEC, 0600);
if (fd != -1)
out = fdopen(fd, "wb");
}
@@ -238,7 +238,7 @@ int RAND_write_file(const char *file)
out = vms_fopen(file,"wb",VMS_OPEN_ATTRS);
#else
if (out == NULL)
- out = fopen(file,"wb");
+ out = fopen(file,"wbe");
#endif
if (out == NULL) goto err;

7
openssl.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Sun Aug 19 23:38:32 UTC 2012 - crrodriguez@opensuse.org
- Open Internal file descriptors with O_CLOEXEC, leaving
those open across fork()..execve() makes a perfect
vector for a side-channel attack...
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Aug 7 17:17:34 UTC 2012 - dmueller@suse.com Tue Aug 7 17:17:34 UTC 2012 - dmueller@suse.com

8
openssl.spec
View File

@ -46,6 +46,7 @@ Source10: README.SuSE
Patch0: merge_from_0.9.8k.patch Patch0: merge_from_0.9.8k.patch
Patch1: openssl-1.0.0-c_rehash-compat.diff Patch1: openssl-1.0.0-c_rehash-compat.diff
Patch2: bug610223.patch Patch2: bug610223.patch
Patch3: openssl-ocloexec.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description %description
@ -174,6 +175,7 @@ Authors:
%patch0 -p1 %patch0 -p1
%patch1 -p1 %patch1 -p1
%patch2 -p1 %patch2 -p1
%patch3
cp -p %{S:10} . cp -p %{S:10} .
echo "adding/overwriting some entries in the 'table' hash in Configure" echo "adding/overwriting some entries in the 'table' hash in Configure"
# $dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags # $dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags
@ -366,11 +368,9 @@ ln -sf /%{_lib}/libcrypto.so.%{num_version} ./libcrypto.so
%clean %clean
if ! test -f /.buildenv; then rm -rf $RPM_BUILD_ROOT; fi if ! test -f /.buildenv; then rm -rf $RPM_BUILD_ROOT; fi
%post -n libopenssl1_0_0 %post -n libopenssl1_0_0 -p /sbin/ldconfig
/sbin/ldconfig
%postun -n libopenssl1_0_0 %postun -n libopenssl1_0_0 -p /sbin/ldconfig
/sbin/ldconfig
%files -n libopenssl1_0_0 %files -n libopenssl1_0_0
%defattr(-, root, root) %defattr(-, root, root)