diff options
author | Robert Yang <liezhi.yang@windriver.com> | 2016-05-11 00:43:28 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-05-11 12:36:54 +0100 |
commit | bca156013af0a98cb18d8156626b9acc8f9883e3 (patch) | |
tree | 741ab3727370148d6918fbb55633427ff26d4bee /meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch | |
parent | 88e0032f13f635c868c426e963db4d8a6fc42e9d (diff) | |
download | openembedded-core-bca156013af0a98cb18d8156626b9acc8f9883e3.tar.gz |
openssl: 1.0.2d -> 1.0.2h (mainly for CVEs)
* CVEs:
- CVE-2016-0705
- CVE-2016-0798
- CVE-2016-0797
- CVE-2016-0799
- CVE-2016-0702
- CVE-2016-0703
- CVE-2016-0704
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2109
- CVE-2016-2176
* The LICENSE's checksum is changed because of date changes (2011 ->
2016), the contents are the same.
* Remove backport patches
- 0001-Add-test-for-CVE-2015-3194.patch
- CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch
- CVE-2015-3194-1-Add-PSS-parameter-check.patch
- CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch
- CVE-2015-3197.patch
- CVE-2016-0701_1.patch
- CVE-2016-0701_2.patch
- CVE-2016-0800.patch
- CVE-2016-0800_2.patch
- CVE-2016-0800_3.patch
* Update crypto_use_bigint_in_x86-64_perl.patch
* Add version-script.patch and update block_diginotar.patch (From master branch)
* Update openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
(From Armin)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch')
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch | 156 |
1 files changed, 0 insertions, 156 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch deleted file mode 100644 index 05caf0a99e..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch +++ /dev/null @@ -1,156 +0,0 @@ -From c5b831f21d0d29d1e517d139d9d101763f60c9a2 Mon Sep 17 00:00:00 2001 -From: Matt Caswell <matt@openssl.org> -Date: Thu, 17 Dec 2015 02:57:20 +0000 -Subject: [PATCH] Always generate DH keys for ephemeral DH cipher suites - -Modified version of the commit ffaef3f15 in the master branch by Stephen -Henson. This makes the SSL_OP_SINGLE_DH_USE option a no-op and always -generates a new DH key for every handshake regardless. - -CVE-2016-0701 (fix part 2 or 2) - -Issue reported by Antonio Sanso - -Reviewed-by: Viktor Dukhovni <viktor@openssl.org> - -Upstream-Status: Backport - -https://github.com/openssl/openssl/commit/c5b831f21d0d29d1e517d139d9d101763f60c9a2 - -CVE: CVE-2016-0701 #2 -Signed-of-by: Armin Kuster <akuster@mvisa.com> - ---- - doc/ssl/SSL_CTX_set_tmp_dh_callback.pod | 29 +++++------------------------ - ssl/s3_lib.c | 14 -------------- - ssl/s3_srvr.c | 17 +++-------------- - ssl/ssl.h | 2 +- - 4 files changed, 9 insertions(+), 53 deletions(-) - -Index: openssl-1.0.2d/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod -=================================================================== ---- openssl-1.0.2d.orig/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod -+++ openssl-1.0.2d/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod -@@ -48,25 +48,8 @@ even if he gets hold of the normal (cert - only used for signing. - - In order to perform a DH key exchange the server must use a DH group --(DH parameters) and generate a DH key. --The server will always generate a new DH key during the negotiation --if either the DH parameters are supplied via callback or the --SSL_OP_SINGLE_DH_USE option of SSL_CTX_set_options(3) is set (or both). --It will immediately create a DH key if DH parameters are supplied via --SSL_CTX_set_tmp_dh() and SSL_OP_SINGLE_DH_USE is not set. --In this case, --it may happen that a key is generated on initialization without later --being needed, while on the other hand the computer time during the --negotiation is being saved. -- --If "strong" primes were used to generate the DH parameters, it is not strictly --necessary to generate a new key for each handshake but it does improve forward --secrecy. If it is not assured that "strong" primes were used, --SSL_OP_SINGLE_DH_USE must be used in order to prevent small subgroup --attacks. Always using SSL_OP_SINGLE_DH_USE has an impact on the --computer time needed during negotiation, but it is not very large, so --application authors/users should consider always enabling this option. --The option is required to implement perfect forward secrecy (PFS). -+(DH parameters) and generate a DH key. The server will always generate -+a new DH key during the negotiation. - - As generating DH parameters is extremely time consuming, an application - should not generate the parameters on the fly but supply the parameters. -@@ -93,10 +76,9 @@ can supply the DH parameters via a callb - Previous versions of the callback used B<is_export> and B<keylength> - parameters to control parameter generation for export and non-export - cipher suites. Modern servers that do not support export ciphersuites --are advised to either use SSL_CTX_set_tmp_dh() in combination with --SSL_OP_SINGLE_DH_USE, or alternatively, use the callback but ignore --B<keylength> and B<is_export> and simply supply at least 2048-bit --parameters in the callback. -+are advised to either use SSL_CTX_set_tmp_dh() or alternatively, use -+the callback but ignore B<keylength> and B<is_export> and simply -+supply at least 2048-bit parameters in the callback. - - =head1 EXAMPLES - -@@ -128,7 +110,6 @@ partly left out.) - if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1) { - /* Error. */ - } -- SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE); - ... - - =head1 RETURN VALUES -Index: openssl-1.0.2d/ssl/s3_lib.c -=================================================================== ---- openssl-1.0.2d.orig/ssl/s3_lib.c -+++ openssl-1.0.2d/ssl/s3_lib.c -@@ -3206,13 +3206,6 @@ long ssl3_ctrl(SSL *s, int cmd, long lar - SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); - return (ret); - } -- if (!(s->options & SSL_OP_SINGLE_DH_USE)) { -- if (!DH_generate_key(dh)) { -- DH_free(dh); -- SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); -- return (ret); -- } -- } - if (s->cert->dh_tmp != NULL) - DH_free(s->cert->dh_tmp); - s->cert->dh_tmp = dh; -@@ -3710,13 +3703,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); - return 0; - } -- if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) { -- if (!DH_generate_key(new)) { -- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); -- DH_free(new); -- return 0; -- } -- } - if (cert->dh_tmp != NULL) - DH_free(cert->dh_tmp); - cert->dh_tmp = new; -Index: openssl-1.0.2d/ssl/s3_srvr.c -=================================================================== ---- openssl-1.0.2d.orig/ssl/s3_srvr.c -+++ openssl-1.0.2d/ssl/s3_srvr.c -@@ -1684,20 +1684,9 @@ int ssl3_send_server_key_exchange(SSL *s - } - - s->s3->tmp.dh = dh; -- if ((dhp->pub_key == NULL || -- dhp->priv_key == NULL || -- (s->options & SSL_OP_SINGLE_DH_USE))) { -- if (!DH_generate_key(dh)) { -- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); -- goto err; -- } -- } else { -- dh->pub_key = BN_dup(dhp->pub_key); -- dh->priv_key = BN_dup(dhp->priv_key); -- if ((dh->pub_key == NULL) || (dh->priv_key == NULL)) { -- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); -- goto err; -- } -+ if (!DH_generate_key(dh)) { -+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); -+ goto err; - } - r[0] = dh->p; - r[1] = dh->g; -Index: openssl-1.0.2d/ssl/ssl.h -=================================================================== ---- openssl-1.0.2d.orig/ssl/ssl.h -+++ openssl-1.0.2d/ssl/ssl.h -@@ -625,7 +625,7 @@ struct ssl_session_st { - # define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L - /* If set, always create a new key when using tmp_ecdh parameters */ - # define SSL_OP_SINGLE_ECDH_USE 0x00080000L --/* If set, always create a new key when using tmp_dh parameters */ -+/* Does nothing: retained for compatibility */ - # define SSL_OP_SINGLE_DH_USE 0x00100000L - /* Does nothing: retained for compatibiity */ - # define SSL_OP_EPHEMERAL_RSA 0x0 |