/[smeserver]/rpms/openssl/sme8/openssl-fips-0.9.8e-cve-2014-8275.patch
ViewVC logotype

Annotation of /rpms/openssl/sme8/openssl-fips-0.9.8e-cve-2014-8275.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Wed Apr 15 14:21:06 2015 UTC (9 years, 7 months ago) by vip-ire
Branch: MAIN
CVS Tags: openssl-0_9_8e-33_1_el5_sme, HEAD
* Wed Apr 15 2015 Daniel Berteaud <daniel@firewall-services.com 0.9.8e-33.1.sme
- update with ca-bundle.crt from SME 9 [SME: 8909]

1 vip-ire 1.1 diff -up openssl-fips-0.9.8e/crypto/asn1/a_bitstr.c.cert-fingerprint openssl-fips-0.9.8e/crypto/asn1/a_bitstr.c
2     --- openssl-fips-0.9.8e/crypto/asn1/a_bitstr.c.cert-fingerprint 2005-07-26 22:55:14.000000000 +0200
3     +++ openssl-fips-0.9.8e/crypto/asn1/a_bitstr.c 2015-04-02 14:09:34.065642198 +0200
4     @@ -136,11 +136,16 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN
5    
6     p= *pp;
7     i= *(p++);
8     + if (i > 7)
9     + {
10     + i=ASN1_R_INVALID_BIT_STRING_BITS_LEFT;
11     + goto err;
12     + }
13     /* We do this to preserve the settings. If we modify
14     * the settings, via the _set_bit function, we will recalculate
15     * on output */
16     ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
17     - ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */
18     + ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|i); /* set */
19    
20     if (len-- > 1) /* using one because of the bits left byte */
21     {
22     diff -up openssl-fips-0.9.8e/crypto/asn1/asn1_err.c.cert-fingerprint openssl-fips-0.9.8e/crypto/asn1/asn1_err.c
23     --- openssl-fips-0.9.8e/crypto/asn1/asn1_err.c.cert-fingerprint 2015-04-01 12:41:27.000000000 +0200
24     +++ openssl-fips-0.9.8e/crypto/asn1/asn1_err.c 2015-04-02 14:38:16.854073649 +0200
25     @@ -228,6 +228,7 @@ static ERR_STRING_DATA ASN1_str_reasons[
26     {ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE) ,"illegal time value"},
27     {ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT),"integer not ascii format"},
28     {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),"integer too large for long"},
29     +{ERR_REASON(ASN1_R_INVALID_BIT_STRING_BITS_LEFT),"invalid bit string bits left"},
30     {ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH),"invalid bmpstring length"},
31     {ERR_REASON(ASN1_R_INVALID_DIGIT) ,"invalid digit"},
32     {ERR_REASON(ASN1_R_INVALID_MODIFIER) ,"invalid modifier"},
33     diff -up openssl-fips-0.9.8e/crypto/asn1/asn1.h.cert-fingerprint openssl-fips-0.9.8e/crypto/asn1/asn1.h
34     --- openssl-fips-0.9.8e/crypto/asn1/asn1.h.cert-fingerprint 2015-04-01 12:41:27.000000000 +0200
35     +++ openssl-fips-0.9.8e/crypto/asn1/asn1.h 2015-04-02 14:36:44.517001476 +0200
36     @@ -741,6 +741,7 @@ DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE,
37    
38     int ASN1_TYPE_get(ASN1_TYPE *a);
39     void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
40     +int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
41    
42     ASN1_OBJECT * ASN1_OBJECT_new(void );
43     void ASN1_OBJECT_free(ASN1_OBJECT *a);
44     @@ -1174,6 +1175,7 @@ void ERR_load_ASN1_strings(void);
45     #define ASN1_R_ILLEGAL_TIME_VALUE 184
46     #define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
47     #define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
48     +#define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
49     #define ASN1_R_INVALID_BMPSTRING_LENGTH 129
50     #define ASN1_R_INVALID_DIGIT 130
51     #define ASN1_R_INVALID_MODIFIER 186
52     diff -up openssl-fips-0.9.8e/crypto/asn1/a_type.c.cert-fingerprint openssl-fips-0.9.8e/crypto/asn1/a_type.c
53     --- openssl-fips-0.9.8e/crypto/asn1/a_type.c.cert-fingerprint 2005-05-17 18:50:45.000000000 +0200
54     +++ openssl-fips-0.9.8e/crypto/asn1/a_type.c 2015-04-02 14:32:45.960662004 +0200
55     @@ -59,6 +59,7 @@
56     #include <stdio.h>
57     #include "cryptlib.h"
58     #include <openssl/asn1t.h>
59     +#include <openssl/objects.h>
60    
61     int ASN1_TYPE_get(ASN1_TYPE *a)
62     {
63     @@ -82,3 +83,52 @@ void ASN1_TYPE_set(ASN1_TYPE *a, int typ
64    
65     IMPLEMENT_STACK_OF(ASN1_TYPE)
66     IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
67     +
68     +/* Returns 0 if they are equal, != 0 otherwise. */
69     +int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b)
70     + {
71     + int result = -1;
72     +
73     + if (!a || !b || a->type != b->type) return -1;
74     +
75     + switch (a->type)
76     + {
77     + case V_ASN1_OBJECT:
78     + result = OBJ_cmp(a->value.object, b->value.object);
79     + break;
80     + case V_ASN1_BOOLEAN:
81     + result = a->value.boolean - b->value.boolean;
82     + break;
83     + case V_ASN1_NULL:
84     + result = 0; /* They do not have content. */
85     + break;
86     + case V_ASN1_INTEGER:
87     + case V_ASN1_NEG_INTEGER:
88     + case V_ASN1_ENUMERATED:
89     + case V_ASN1_NEG_ENUMERATED:
90     + case V_ASN1_BIT_STRING:
91     + case V_ASN1_OCTET_STRING:
92     + case V_ASN1_SEQUENCE:
93     + case V_ASN1_SET:
94     + case V_ASN1_NUMERICSTRING:
95     + case V_ASN1_PRINTABLESTRING:
96     + case V_ASN1_T61STRING:
97     + case V_ASN1_VIDEOTEXSTRING:
98     + case V_ASN1_IA5STRING:
99     + case V_ASN1_UTCTIME:
100     + case V_ASN1_GENERALIZEDTIME:
101     + case V_ASN1_GRAPHICSTRING:
102     + case V_ASN1_VISIBLESTRING:
103     + case V_ASN1_GENERALSTRING:
104     + case V_ASN1_UNIVERSALSTRING:
105     + case V_ASN1_BMPSTRING:
106     + case V_ASN1_UTF8STRING:
107     + case V_ASN1_OTHER:
108     + default:
109     + result = ASN1_STRING_cmp((ASN1_STRING *) a->value.ptr,
110     + (ASN1_STRING *) b->value.ptr);
111     + break;
112     + }
113     +
114     + return result;
115     + }
116     diff -up openssl-fips-0.9.8e/crypto/asn1/a_verify.c.cert-fingerprint openssl-fips-0.9.8e/crypto/asn1/a_verify.c
117     --- openssl-fips-0.9.8e/crypto/asn1/a_verify.c.cert-fingerprint 2015-04-01 12:41:28.000000000 +0200
118     +++ openssl-fips-0.9.8e/crypto/asn1/a_verify.c 2015-04-02 14:34:50.143434774 +0200
119     @@ -90,6 +90,12 @@ int ASN1_verify(i2d_of_void *i2d, X509_A
120     goto err;
121     }
122    
123     + if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7)
124     + {
125     + ASN1err(ASN1_F_ASN1_VERIFY, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
126     + goto err;
127     + }
128     +
129     inl=i2d(data,NULL);
130     buf_in=OPENSSL_malloc((unsigned int)inl);
131     if (buf_in == NULL)
132     @@ -139,6 +145,12 @@ int ASN1_item_verify(const ASN1_ITEM *it
133     return -1;
134     }
135    
136     + if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7)
137     + {
138     + ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
139     + return -1;
140     + }
141     +
142     EVP_MD_CTX_init(&ctx);
143     i=OBJ_obj2nid(a->algorithm);
144     type=EVP_get_digestbyname(OBJ_nid2sn(i));
145     diff -up openssl-fips-0.9.8e/crypto/asn1/x_algor.c.cert-fingerprint openssl-fips-0.9.8e/crypto/asn1/x_algor.c
146     --- openssl-fips-0.9.8e/crypto/asn1/x_algor.c.cert-fingerprint 2001-07-27 04:22:23.000000000 +0200
147     +++ openssl-fips-0.9.8e/crypto/asn1/x_algor.c 2015-04-02 14:39:32.561772635 +0200
148     @@ -71,3 +71,14 @@ IMPLEMENT_ASN1_DUP_FUNCTION(X509_ALGOR)
149    
150     IMPLEMENT_STACK_OF(X509_ALGOR)
151     IMPLEMENT_ASN1_SET_OF(X509_ALGOR)
152     +
153     +int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
154     + {
155     + int rv;
156     + rv = OBJ_cmp(a->algorithm, b->algorithm);
157     + if (rv)
158     + return rv;
159     + if (!a->parameter && !b->parameter)
160     + return 0;
161     + return ASN1_TYPE_cmp(a->parameter, b->parameter);
162     + }
163     diff -up openssl-fips-0.9.8e/crypto/dsa/dsa_asn1.c.cert-fingerprint openssl-fips-0.9.8e/crypto/dsa/dsa_asn1.c
164     --- openssl-fips-0.9.8e/crypto/dsa/dsa_asn1.c.cert-fingerprint 2007-04-06 02:30:16.000000000 +0200
165     +++ openssl-fips-0.9.8e/crypto/dsa/dsa_asn1.c 2015-04-02 14:52:06.303693362 +0200
166     @@ -194,6 +194,9 @@ int DSA_verify(int type, const unsigned
167     const unsigned char *sigbuf, int siglen, DSA *dsa)
168     {
169     DSA_SIG *s;
170     + const unsigned char *p = sigbuf;
171     + unsigned char *der = NULL;
172     + int derlen = -1;
173     int ret=-1;
174     #ifdef OPENSSL_FIPS
175     if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
176     @@ -205,9 +208,18 @@ int DSA_verify(int type, const unsigned
177    
178     s = DSA_SIG_new();
179     if (s == NULL) return(ret);
180     - if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
181     + if (d2i_DSA_SIG(&s,&p,siglen) == NULL) goto err;
182     + /* Ensure signature uses DER and doesn't have trailing garbage */
183     + derlen = i2d_DSA_SIG(s, &der);
184     + if (derlen != siglen || memcmp(sigbuf, der, derlen))
185     + goto err;
186     ret=DSA_do_verify(dgst,dgst_len,s,dsa);
187     err:
188     + if (derlen > 0)
189     + {
190     + OPENSSL_cleanse(der, derlen);
191     + OPENSSL_free(der);
192     + }
193     DSA_SIG_free(s);
194     return(ret);
195     }
196     diff -up openssl-fips-0.9.8e/crypto/x509/x_all.c.cert-fingerprint openssl-fips-0.9.8e/crypto/x509/x_all.c
197     --- openssl-fips-0.9.8e/crypto/x509/x_all.c.cert-fingerprint 2005-07-16 13:13:08.000000000 +0200
198     +++ openssl-fips-0.9.8e/crypto/x509/x_all.c 2015-04-02 14:42:00.894101419 +0200
199     @@ -73,6 +73,8 @@
200    
201     int X509_verify(X509 *a, EVP_PKEY *r)
202     {
203     + if (X509_ALGOR_cmp(a->sig_alg, a->cert_info->signature))
204     + return 0;
205     return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF),a->sig_alg,
206     a->signature,a->cert_info,r));
207     }
208     diff -up openssl-fips-0.9.8e/crypto/x509/x509.h.cert-fingerprint openssl-fips-0.9.8e/crypto/x509/x509.h
209     --- openssl-fips-0.9.8e/crypto/x509/x509.h.cert-fingerprint 2015-04-01 12:41:27.000000000 +0200
210     +++ openssl-fips-0.9.8e/crypto/x509/x509.h 2015-04-02 14:40:57.452677705 +0200
211     @@ -841,6 +841,7 @@ X509_EXTENSION *X509_EXTENSION_dup(X509_
212     X509_CRL *X509_CRL_dup(X509_CRL *crl);
213     X509_REQ *X509_REQ_dup(X509_REQ *req);
214     X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
215     +int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
216     X509_NAME *X509_NAME_dup(X509_NAME *xn);
217     X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
218    

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed