From bffe20438c4a0d0e16e93abe87499fe2df6a8d62 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Mr=C3=A1z?=
Date: Fri, 12 Feb 2010 17:20:50 +0000
Subject: [PATCH] - gracefully handle zero length in assembler implementations of OPENSSL_cleanse (#564029) - do not fail in s_server if client hostname not resolvable (#561260)
---
openssl-1.0.0-beta5-cleanse.patch | 109 ++++++++++++++++++
...tch => openssl-1.0.0-beta5-ipv6-apps.patch | 105 ++++++++---------
openssl.spec | 11 +-
3 files changed, 167 insertions(+), 58 deletions(-)
create mode 100644 openssl-1.0.0-beta5-cleanse.patch
rename openssl-1.0.0-beta3-ipv6-apps.patch => openssl-1.0.0-beta5-ipv6-apps.patch (86%)
diff --git a/openssl-1.0.0-beta5-cleanse.patch b/openssl-1.0.0-beta5-cleanse.patch
new file mode 100644
index 0000000..92f7446
--- /dev/null
+++ b/openssl-1.0.0-beta5-cleanse.patch
@@ -0,0 +1,109 @@
+Gracefully handle zero length in assembler implementations of OPENSSL_cleanse.
+diff -up openssl-1.0.0-beta5/crypto/ia64cpuid.S.cleanse openssl-1.0.0-beta5/crypto/ia64cpuid.S
+--- openssl-1.0.0-beta5/crypto/ia64cpuid.S.cleanse 2007-07-27 20:03:27.000000000 +0200
++++ openssl-1.0.0-beta5/crypto/ia64cpuid.S 2010-02-12 18:13:52.000000000 +0100
+@@ -130,9 +130,11 @@ OPENSSL_wipe_cpu:
+ .global OPENSSL_cleanse#
+ .proc OPENSSL_cleanse#
+ OPENSSL_cleanse:
++{ .mib; cmp.eq p6,p0=0,r33 // len==0
+ #if defined(_HPUX_SOURCE) && !defined(_LP64)
+-{ .mmi; addp4 r32=0,r32 };;
++ addp4 r32=0,r32
+ #endif
++(p6) br.ret.spnt b0 };;
+ { .mib; and r2=7,r32
+ cmp.leu p6,p0=15,r33 // len>=15
+ (p6) br.cond.dptk .Lot };;
+diff -up openssl-1.0.0-beta5/crypto/perlasm/ppc-xlate.pl.cleanse openssl-1.0.0-beta5/crypto/perlasm/ppc-xlate.pl
+--- openssl-1.0.0-beta5/crypto/perlasm/ppc-xlate.pl.cleanse 2008-01-13 23:01:29.000000000 +0100
++++ openssl-1.0.0-beta5/crypto/perlasm/ppc-xlate.pl 2010-02-12 18:13:52.000000000 +0100
+@@ -101,6 +101,13 @@ my $bnelr = sub {
+ " .long ".sprintf "0x%x",19<<26|$bo<<21|2<<16|16<<1 :
+ " bclr $bo,2";
+ };
++my $beqlr = sub {
++ my $f = shift;
++ my $bo = $f=~/-/ ? 12+2 : 12; # optional "not to be taken" hint
++ ($flavour =~ /linux/) ? # GNU as doesn't allow most recent hints
++ " .long ".sprintf "0x%X",19<<26|$bo<<21|2<<16|16<<1 :
++ " bclr $bo,2";
++};
+ # GNU assembler can't handle extrdi rA,rS,16,48, or when sum of last two
+ # arguments is 64, with "operand out of range" error.
+ my $extrdi = sub {
+diff -up openssl-1.0.0-beta5/crypto/ppccpuid.pl.cleanse openssl-1.0.0-beta5/crypto/ppccpuid.pl
+--- openssl-1.0.0-beta5/crypto/ppccpuid.pl.cleanse 2008-09-12 16:45:53.000000000 +0200
++++ openssl-1.0.0-beta5/crypto/ppccpuid.pl 2010-02-12 18:13:52.000000000 +0100
+@@ -67,6 +67,8 @@ Loop: lwarx r5,0,r3
+ $CMPLI r4,7
+ li r0,0
+ bge Lot
++ $CMPLI r4,0
++ beqlr-
+ Little: mtctr r4
+ stb r0,0(r3)
+ addi r3,r3,1
+diff -up openssl-1.0.0-beta5/crypto/sparccpuid.S.cleanse openssl-1.0.0-beta5/crypto/sparccpuid.S
+--- openssl-1.0.0-beta5/crypto/sparccpuid.S.cleanse 2007-05-19 19:26:48.000000000 +0200
++++ openssl-1.0.0-beta5/crypto/sparccpuid.S 2010-02-12 18:13:52.000000000 +0100
+@@ -242,6 +242,10 @@ OPENSSL_cleanse:
+ #else
+ bgu .Lot
+ #endif
++ cmp %o1,0
++ bne .Little
++ nop
++ retl
+ nop
+
+ .Little:
+diff -up openssl-1.0.0-beta5/crypto/s390xcpuid.S.cleanse openssl-1.0.0-beta5/crypto/s390xcpuid.S
+--- openssl-1.0.0-beta5/crypto/s390xcpuid.S.cleanse 2010-01-19 22:40:56.000000000 +0100
++++ openssl-1.0.0-beta5/crypto/s390xcpuid.S 2010-02-12 18:13:52.000000000 +0100
+@@ -62,6 +62,8 @@ OPENSSL_cleanse:
+ lghi %r0,0
+ clgr %r3,%r4
+ jh .Lot
++ clgr %r3,%r0
++ bcr 8,%r14
+ .Little:
+ stc %r0,0(%r2)
+ la %r2,1(%r2)
+diff -up openssl-1.0.0-beta5/crypto/x86cpuid.pl.cleanse openssl-1.0.0-beta5/crypto/x86cpuid.pl
+--- openssl-1.0.0-beta5/crypto/x86cpuid.pl.cleanse 2009-05-14 20:25:29.000000000 +0200
++++ openssl-1.0.0-beta5/crypto/x86cpuid.pl 2010-02-12 18:13:52.000000000 +0100
+@@ -279,11 +279,14 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA3
+ &xor ("eax","eax");
+ &cmp ("ecx",7);
+ &jae (&label("lot"));
++ &cmp ("ecx",0);
++ &je (&label("ret"));
+ &set_label("little");
+ &mov (&BP(0,"edx"),"al");
+ &sub ("ecx",1);
+ &lea ("edx",&DWP(1,"edx"));
+ &jnz (&label("little"));
++&set_label("ret");
+ &ret ();
+
+ &set_label("lot",16);
+diff -up openssl-1.0.0-beta5/crypto/x86_64cpuid.pl.cleanse openssl-1.0.0-beta5/crypto/x86_64cpuid.pl
+---
openssl-1.0.0-beta5/crypto/x86_64cpuid.pl.cleanse 2009-05-14 20:25:29.000000000 +0200 ++++ openssl-1.0.0-beta5/crypto/x86_64cpuid.pl 2010-02-12 18:13:52.000000000 +0100 +@@ -145,12 +145,14 @@ OPENSSL_cleanse: + xor %rax,%rax + cmp \$15,$arg2 + jae .Lot ++ cmp \$0,$arg2 ++ je .Lret + .Little: + mov %al,($arg1) + sub \$1,$arg2 + lea 1($arg1),$arg1 + jnz .Little +- ret ++.Lret: ret + .align 16 + .Lot: + test \$7,$arg1 diff --git a/openssl-1.0.0-beta3-ipv6-apps.patch b/openssl-1.0.0-beta5-ipv6-apps.patch similarity index 86% rename from openssl-1.0.0-beta3-ipv6-apps.patch rename to openssl-1.0.0-beta5-ipv6-apps.patch index 690bc98..4304c01 100644 --- a/openssl-1.0.0-beta3-ipv6-apps.patch +++ b/openssl-1.0.0-beta5-ipv6-apps.patch @@ -1,6 +1,6 @@ -diff -up openssl-1.0.0-beta3/apps/s_apps.h.ipv6-apps openssl-1.0.0-beta3/apps/s_apps.h ---- openssl-1.0.0-beta3/apps/s_apps.h.ipv6-apps 2009-08-05 21:29:58.000000000 +0200 -+++ openssl-1.0.0-beta3/apps/s_apps.h 2009-08-05 21:29:58.000000000 +0200 +diff -up openssl-1.0.0-beta5/apps/s_apps.h.ipv6-apps openssl-1.0.0-beta5/apps/s_apps.h +--- openssl-1.0.0-beta5/apps/s_apps.h.ipv6-apps 2010-02-03 09:43:49.000000000 +0100 ++++ openssl-1.0.0-beta5/apps/s_apps.h 2010-02-03 09:43:49.000000000 +0100 @@ -148,7 +148,7 @@ typedef fd_mask fd_set; #define PORT_STR "4433" #define PROTOCOL "tcp" 
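Review bot: The one-line header of the new cleanse patch ("Gracefully handle zero length ...") does not record what went wrong before the fix, which matters for a primitive whose job is wiping secrets. In the x86_64cpuid.pl context lines the `.Little` loop stores a byte before `sub \$1,$arg2` / `jnz .Little`, so a zero length would wrap the counter and keep zeroing memory past the caller's buffer; the byte loops in the other architectures appear to have the same shape. I would extend the header to something like `OPENSSL_cleanse(ptr, 0) must be a no-op: the assembler byte loops stored before testing the count and overran the buffer (#564029)`, plus the upstream reference if one exists. As a style point, the new `$beqlr` in ppc-xlate.pl formats with `"0x%X"` while the neighbouring `$bnelr` context line uses `"0x%x"`; matching the existing case keeps the generated output uniform.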
@@ -23,10 +23,10 @@ diff -up openssl-1.0.0-beta3/apps/s_apps.h.ipv6-apps openssl-1.0.0-beta3/apps/s_ long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp, int argi, long argl, long ret); -diff -up openssl-1.0.0-beta3/apps/s_client.c.ipv6-apps openssl-1.0.0-beta3/apps/s_client.c ---- openssl-1.0.0-beta3/apps/s_client.c.ipv6-apps 2009-08-05 21:29:58.000000000 +0200 -+++ openssl-1.0.0-beta3/apps/s_client.c 2009-08-05 22:33:44.000000000 +0200 -@@ -388,7 +388,7 @@ int MAIN(int argc, char **argv) +diff -up openssl-1.0.0-beta5/apps/s_client.c.ipv6-apps openssl-1.0.0-beta5/apps/s_client.c +--- openssl-1.0.0-beta5/apps/s_client.c.ipv6-apps 2010-02-03 09:43:49.000000000 +0100 ++++ openssl-1.0.0-beta5/apps/s_client.c 2010-02-03 09:43:49.000000000 +0100 +@@ -389,7 +389,7 @@ int MAIN(int argc, char **argv) int cbuf_len,cbuf_off; int sbuf_len,sbuf_off; fd_set readfds,writefds; @@ -35,7 +35,7 @@ diff -up openssl-1.0.0-beta3/apps/s_client.c.ipv6-apps openssl-1.0.0-beta3/apps/ int full_log=1; char *host=SSL_HOST_NAME; char *cert_file=NULL,*key_file=NULL; -@@ -486,13 +486,12 @@ int MAIN(int argc, char **argv) +@@ -488,13 +488,12 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-port") == 0) { if (--argc < 1) goto bad; @@ -51,7 +51,7 @@ diff -up openssl-1.0.0-beta3/apps/s_client.c.ipv6-apps openssl-1.0.0-beta3/apps/ goto bad; } else if (strcmp(*argv,"-verify") == 0) -@@ -956,7 +955,7 @@ bad: +@@ -967,7 +966,7 @@ bad: re_start: 
@@ -60,10 +60,10 @@ diff -up openssl-1.0.0-beta3/apps/s_client.c.ipv6-apps openssl-1.0.0-beta3/apps/ { BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error()); SHUTDOWN(s); -diff -up openssl-1.0.0-beta3/apps/s_server.c.ipv6-apps openssl-1.0.0-beta3/apps/s_server.c ---- openssl-1.0.0-beta3/apps/s_server.c.ipv6-apps 2009-08-05 21:29:58.000000000 +0200 -+++ openssl-1.0.0-beta3/apps/s_server.c 2009-08-05 21:29:58.000000000 +0200 -@@ -837,7 +837,7 @@ int MAIN(int argc, char *argv[]) +diff -up openssl-1.0.0-beta5/apps/s_server.c.ipv6-apps openssl-1.0.0-beta5/apps/s_server.c +--- openssl-1.0.0-beta5/apps/s_server.c.ipv6-apps 2010-02-03 09:43:49.000000000 +0100 ++++ openssl-1.0.0-beta5/apps/s_server.c 2010-02-03 09:43:49.000000000 +0100 +@@ -838,7 +838,7 @@ int MAIN(int argc, char *argv[]) { X509_VERIFY_PARAM *vpm = NULL; int badarg = 0; @@ -72,7 +72,7 @@ diff -up openssl-1.0.0-beta3/apps/s_server.c.ipv6-apps openssl-1.0.0-beta3/apps/ char *CApath=NULL,*CAfile=NULL; unsigned char *context = NULL; char *dhfile = NULL; -@@ -907,8 +907,7 @@ int MAIN(int argc, char *argv[]) +@@ -909,8 +909,7 @@ int MAIN(int argc, char *argv[]) (strcmp(*argv,"-accept") == 0)) { if (--argc < 1) goto bad; @@ -82,7 +82,7 @@ diff -up openssl-1.0.0-beta3/apps/s_server.c.ipv6-apps openssl-1.0.0-beta3/apps/ } else if (strcmp(*argv,"-verify") == 0) { -@@ -1685,9 +1684,9 @@ bad: +@@ -1700,9 +1699,9 @@ bad: BIO_printf(bio_s_out,"ACCEPT\n"); (void)BIO_flush(bio_s_out); if (www) 
@@ -94,10 +94,10 @@ diff -up openssl-1.0.0-beta3/apps/s_server.c.ipv6-apps openssl-1.0.0-beta3/apps/ print_stats(bio_s_out,ctx); ret=0; end: -diff -up openssl-1.0.0-beta3/apps/s_socket.c.ipv6-apps openssl-1.0.0-beta3/apps/s_socket.c ---- openssl-1.0.0-beta3/apps/s_socket.c.ipv6-apps 2008-11-12 04:57:47.000000000 +0100 -+++ openssl-1.0.0-beta3/apps/s_socket.c 2009-08-05 21:29:58.000000000 +0200 -@@ -96,9 +96,7 @@ static struct hostent *GetHostByName(cha +diff -up openssl-1.0.0-beta5/apps/s_socket.c.ipv6-apps openssl-1.0.0-beta5/apps/s_socket.c +--- openssl-1.0.0-beta5/apps/s_socket.c.ipv6-apps 2009-08-26 13:21:50.000000000 +0200 ++++ openssl-1.0.0-beta5/apps/s_socket.c 2010-02-03 10:00:30.000000000 +0100 +@@ -102,9 +102,7 @@ static struct hostent *GetHostByName(cha static void ssl_sock_cleanup(void); #endif static int ssl_sock_init(void); @@ -108,7 +108,7 @@ diff -up openssl-1.0.0-beta3/apps/s_socket.c.ipv6-apps openssl-1.0.0-beta3/apps/ static int do_accept(int acc_sock, int *sock, char **host); static int host_ip(char *str, unsigned char ip[4]); -@@ -228,58 +226,70 @@ static int ssl_sock_init(void) +@@ -234,58 +232,70 @@ static int ssl_sock_init(void) return(1); } @@ -217,7 +217,7 @@ diff -up openssl-1.0.0-beta3/apps/s_socket.c.ipv6-apps openssl-1.0.0-beta3/apps/ { int sock; char *name = NULL; -@@ -317,33 +327,38 @@ int do_server(int port, int type, int *r +@@ -323,33 +333,38 @@ int do_server(int port, int type, int *r } } @@ -277,7 +277,7 @@ diff -up openssl-1.0.0-beta3/apps/s_socket.c.ipv6-apps openssl-1.0.0-beta3/apps/ #if defined SOL_SOCKET && defined SO_REUSEADDR { int j = 1; -@@ -351,36 +366,39 @@ static int init_server_long(int *sock, i +@@ -357,36 +372,39 @@ static int init_server_long(int *sock, i (void *) &j, sizeof j); } #endif 
@@ -337,11 +337,10 @@ diff -up openssl-1.0.0-beta3/apps/s_socket.c.ipv6-apps openssl-1.0.0-beta3/apps/ int len; /* struct linger ling; */ -@@ -425,137 +443,62 @@ redoit: - if (i < 0) { perror("keepalive"); return(0); } +@@ -432,136 +450,58 @@ redoit: */ -- if (host == NULL) goto end; + if (host == NULL) goto end; -#ifndef BIT_FIELD_LIMITS - /* I should use WSAAsyncGetHostByName() under windows */ - h1=gethostbyaddr((char *)&from.sin_addr.s_addr, 
@@ -351,50 +350,44 @@ diff -up openssl-1.0.0-beta3/apps/s_socket.c.ipv6-apps openssl-1.0.0-beta3/apps/ - sizeof(struct in_addr),AF_INET); -#endif - if (h1 == NULL) -+ if (host == NULL) - { -- BIO_printf(bio_err,"bad gethostbyaddr\n"); -- *host=NULL; -- /* return(0); */ -- } -- else -- { -- if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL) -- { -- perror("OPENSSL_malloc"); -+ *sock=ret; - return(0); - } -- BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1); - -- h2=GetHostByName(*host); -- if (h2 == NULL) ++ + if (getnameinfo((struct sockaddr *)&from, sizeof(from), + buffer, sizeof(buffer), + NULL, 0, 0)) - { -- BIO_printf(bio_err,"gethostbyname failure\n"); + { +- BIO_printf(bio_err,"bad gethostbyaddr\n"); + BIO_printf(bio_err,"getnameinfo failed\n"); -+ *host=NULL; + *host=NULL; + /* return(0); */ + } + else + { +- if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL) ++ if ((*host=(char *)OPENSSL_malloc(strlen(buffer)+1)) == NULL) + { + perror("OPENSSL_malloc"); return(0); } +- BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1); +- +- h2=GetHostByName(*host); +- if (h2 == NULL) +- { +- BIO_printf(bio_err,"gethostbyname failure\n"); +- return(0); +- } - i=0; - if (h2->h_addrtype != AF_INET) -+ else - { +- { - BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); -+ if ((*host=(char *)OPENSSL_malloc(strlen(buffer)+1)) == NULL) -+ { -+ perror("OPENSSL_malloc"); - return(0); - } -- } --end: +- return(0); +- } + strcpy(*host, buffer); + } + end: *sock=ret; return(1); } -+ } -int extract_host_port(char *str, char **host_ptr, unsigned char *ip, - short *port_ptr) diff --git a/openssl.spec b/openssl.spec index 7ccec34..d6eb67b 100644 --- a/openssl.spec +++ b/openssl.spec 
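Review bot: In the patched do_accept(), the string copied into `*host` now comes straight from `getnameinfo()`, that is, from a reverse lookup answered by whoever controls the client's PTR record, and the forward `GetHostByName()` cross-check is removed with nothing replacing it. That is acceptable if callers only print the name, but it deserves a comment at the copy, for example `/* unverified reverse-DNS name: for display only */`. Two smaller points, as far as the hunk shows: the call passes `sizeof(from)` rather than the length filled in by accept(), which some getnameinfo() implementations reject when `from` is larger than the address family's sockaddr, and the failure branch drops the return code where `gai_strerror()` would say why the lookup failed. do_accept() starts outside this hunk, so the accept() call and the declaration of `from` are not visible here.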
@@ -23,7 +23,7 @@ Summary: A general purpose cryptography library with TLS implementation Name: openssl Version: 1.0.0 -Release: 0.20.%{beta}%{?dist} +Release: 0.21.%{beta}%{?dist} # We remove certain patented algorithms from the openssl source tarball # with the hobble-openssl script which is included below. Source: openssl-%{version}-%{beta}-usa.tar.bz2 @@ -50,7 +50,7 @@ Patch33: openssl-1.0.0-beta4-ca-dir.patch Patch34: openssl-0.9.6-x509.patch Patch35: openssl-0.9.8j-version-add-engines.patch Patch38: openssl-1.0.0-beta5-cipher-change.patch -Patch39: openssl-1.0.0-beta3-ipv6-apps.patch +Patch39: openssl-1.0.0-beta5-ipv6-apps.patch Patch40: openssl-1.0.0-beta5-fips.patch Patch41: openssl-1.0.0-beta3-fipscheck.patch Patch43: openssl-1.0.0-beta3-fipsmode.patch @@ -62,6 +62,7 @@ Patch50: openssl-1.0.0-beta4-dtls1-abi.patch Patch51: openssl-1.0.0-beta5-version.patch Patch52: openssl-1.0.0-beta4-aesni.patch # Backported fixes including security fixes +Patch53: openssl-1.0.0-beta5-cleanse.patch License: OpenSSL Group: System Environment/Libraries @@ -140,6 +141,7 @@ from other formats to the formats used by the OpenSSL toolkit. %patch50 -p1 -b .dtls1-abi %patch51 -p1 -b .version %patch52 -p1 -b .aesni +%patch53 -p1 -b .cleanse # Modify the various perl scripts to reference perl in the right location. perl util/perlpath.pl `dirname %{__perl}` @@ -385,6 +387,11 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.* %postun -p /sbin/ldconfig %changelog +* Fri Feb 12 2010 Tomas Mraz 1.0.0-0.21.beta5 +- gracefully handle zero length in assembler implementations of + OPENSSL_cleanse (#564029) +- do not fail in s_server if client hostname not resolvable (#561260) + * Wed Jan 20 2010 Tomas Mraz 1.0.0-0.20.beta5 - new upstream release