Update to NSS 3.38
parent
3b822a7262
commit
2b3aa61f20
1
.gitignore
vendored
1
.gitignore
vendored
@ -28,3 +28,4 @@ TestUser51.cert
|
|||||||
/nss-3.36.1.tar.gz
|
/nss-3.36.1.tar.gz
|
||||||
/nss-3.37.1.tar.gz
|
/nss-3.37.1.tar.gz
|
||||||
/nss-3.37.3.tar.gz
|
/nss-3.37.3.tar.gz
|
||||||
|
/nss-3.38.0.tar.gz
|
||||||
|
@ -1,152 +0,0 @@
|
|||||||
# HG changeset patch
|
|
||||||
# User Martin Thomson <martin.thomson@gmail.com>
|
|
||||||
# Date 1523260140 -36000
|
|
||||||
# Mon Apr 09 17:49:00 2018 +1000
|
|
||||||
# Node ID 350b7210e90758de454feb4339379ef7f6b9b470
|
|
||||||
# Parent 5db9e969c74a2a02c4b1d918792827014d1a9d5e
|
|
||||||
Bug 1452549 - Discard application data that arrives before DTLS handshake completes, r=ekr
|
|
||||||
|
|
||||||
diff --git a/gtests/ssl_gtest/ssl_drop_unittest.cc b/gtests/ssl_gtest/ssl_drop_unittest.cc
|
|
||||||
--- a/gtests/ssl_gtest/ssl_drop_unittest.cc
|
|
||||||
+++ b/gtests/ssl_gtest/ssl_drop_unittest.cc
|
|
||||||
@@ -884,6 +884,45 @@ TEST_P(TlsConnectDatagram12Plus, MissAWi
|
|
||||||
SendReceive();
|
|
||||||
}
|
|
||||||
|
|
||||||
+// This filter replaces the first record it sees with junk application data.
|
|
||||||
+class TlsReplaceFirstRecordWithJunk : public TlsRecordFilter {
|
|
||||||
+ public:
|
|
||||||
+ TlsReplaceFirstRecordWithJunk(const std::shared_ptr<TlsAgent>& a)
|
|
||||||
+ : TlsRecordFilter(a), replaced_(false) {}
|
|
||||||
+
|
|
||||||
+ protected:
|
|
||||||
+ PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
|
|
||||||
+ const DataBuffer& record, size_t* offset,
|
|
||||||
+ DataBuffer* output) override {
|
|
||||||
+ if (replaced_) {
|
|
||||||
+ return KEEP;
|
|
||||||
+ }
|
|
||||||
+ replaced_ = true;
|
|
||||||
+ TlsRecordHeader out_header(header.variant(), header.version(),
|
|
||||||
+ kTlsApplicationDataType,
|
|
||||||
+ header.sequence_number());
|
|
||||||
+
|
|
||||||
+ static const uint8_t junk[] = {1, 2, 3, 4};
|
|
||||||
+ *offset = out_header.Write(output, *offset, DataBuffer(junk, sizeof(junk)));
|
|
||||||
+ return CHANGE;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ private:
|
|
||||||
+ bool replaced_;
|
|
||||||
+};
|
|
||||||
+
|
|
||||||
+// DTLS needs to discard application_data that it receives prior to handshake
|
|
||||||
+// completion, not generate an error.
|
|
||||||
+TEST_P(TlsConnectDatagram, ReplaceFirstServerRecordWithApplicationData) {
|
|
||||||
+ MakeTlsFilter<TlsReplaceFirstRecordWithJunk>(server_);
|
|
||||||
+ Connect();
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+TEST_P(TlsConnectDatagram, ReplaceFirstClientRecordWithApplicationData) {
|
|
||||||
+ MakeTlsFilter<TlsReplaceFirstRecordWithJunk>(client_);
|
|
||||||
+ Connect();
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
INSTANTIATE_TEST_CASE_P(Datagram12Plus, TlsConnectDatagram12Plus,
|
|
||||||
TlsConnectTestBase::kTlsV12Plus);
|
|
||||||
INSTANTIATE_TEST_CASE_P(DatagramPre13, TlsConnectDatagramPre13,
|
|
||||||
diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
|
|
||||||
--- a/lib/ssl/ssl3con.c
|
|
||||||
+++ b/lib/ssl/ssl3con.c
|
|
||||||
@@ -12216,23 +12216,33 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Cip
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
-#ifdef UNSAFE_FUZZER_MODE
|
|
||||||
+ /* Most record types aside from protected TLS 1.3 records carry the content
|
|
||||||
+ * type in the first octet. TLS 1.3 will override this value later. */
|
|
||||||
rType = cText->hdr[0];
|
|
||||||
- rv = Null_Cipher(NULL, plaintext->buf, (int *)&plaintext->len,
|
|
||||||
- plaintext->space, cText->buf->buf, cText->buf->len);
|
|
||||||
+ /* Encrypted application data records could arrive before the handshake
|
|
||||||
+ * completes in DTLS 1.3. These can look like valid TLS 1.2 application_data
|
|
||||||
+ * records in epoch 0, which is never valid. Pretend they didn't decrypt. */
|
|
||||||
+ if (spec->epoch == 0 && rType == content_application_data) {
|
|
||||||
+ PORT_SetError(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA);
|
|
||||||
+ alert = unexpected_message;
|
|
||||||
+ rv = SECFailure;
|
|
||||||
+ } else {
|
|
||||||
+#ifdef UNSAFE_FUZZER_MODE
|
|
||||||
+ rv = Null_Cipher(NULL, plaintext->buf, (int *)&plaintext->len,
|
|
||||||
+ plaintext->space, cText->buf->buf, cText->buf->len);
|
|
||||||
#else
|
|
||||||
- /* IMPORTANT: Unprotect functions MUST NOT send alerts
|
|
||||||
- * because we still hold the spec read lock. Instead, if they
|
|
||||||
- * return SECFailure, they set *alert to the alert to be sent. */
|
|
||||||
- if (spec->version < SSL_LIBRARY_VERSION_TLS_1_3 ||
|
|
||||||
- spec->cipherDef->calg == ssl_calg_null) {
|
|
||||||
- /* Unencrypted TLS 1.3 records use the pre-TLS 1.3 format. */
|
|
||||||
- rType = cText->hdr[0];
|
|
||||||
- rv = ssl3_UnprotectRecord(ss, spec, cText, plaintext, &alert);
|
|
||||||
- } else {
|
|
||||||
- rv = tls13_UnprotectRecord(ss, spec, cText, plaintext, &rType, &alert);
|
|
||||||
- }
|
|
||||||
+ /* IMPORTANT: Unprotect functions MUST NOT send alerts
|
|
||||||
+ * because we still hold the spec read lock. Instead, if they
|
|
||||||
+ * return SECFailure, they set *alert to the alert to be sent. */
|
|
||||||
+ if (spec->version < SSL_LIBRARY_VERSION_TLS_1_3 ||
|
|
||||||
+ spec->epoch == 0) {
|
|
||||||
+ rv = ssl3_UnprotectRecord(ss, spec, cText, plaintext, &alert);
|
|
||||||
+ } else {
|
|
||||||
+ rv = tls13_UnprotectRecord(ss, spec, cText, plaintext, &rType,
|
|
||||||
+ &alert);
|
|
||||||
+ }
|
|
||||||
#endif
|
|
||||||
+ }
|
|
||||||
|
|
||||||
if (rv != SECSuccess) {
|
|
||||||
ssl_ReleaseSpecReadLock(ss); /***************************/
|
|
||||||
@@ -12242,10 +12252,10 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Cip
|
|
||||||
/* Ensure that we don't process this data again. */
|
|
||||||
plaintext->len = 0;
|
|
||||||
|
|
||||||
- /* Ignore a CCS if the alternative handshake is negotiated. Note that
|
|
||||||
- * this will fail if the server fails to negotiate the alternative
|
|
||||||
- * handshake type in a 0-RTT session that is resumed from a session that
|
|
||||||
- * did negotiate it. We don't care about that corner case right now. */
|
|
||||||
+ /* Ignore a CCS if compatibility mode is negotiated. Note that this
|
|
||||||
+ * will fail if the server fails to negotiate compatibility mode in a
|
|
||||||
+ * 0-RTT session that is resumed from a session that did negotiate it.
|
|
||||||
+ * We don't care about that corner case right now. */
|
|
||||||
if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 &&
|
|
||||||
cText->hdr[0] == content_change_cipher_spec &&
|
|
||||||
ss->ssl3.hs.ws != idle_handshake &&
|
|
||||||
@@ -12254,19 +12264,20 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Cip
|
|
||||||
/* Ignore the CCS. */
|
|
||||||
return SECSuccess;
|
|
||||||
}
|
|
||||||
+
|
|
||||||
if (IS_DTLS(ss) ||
|
|
||||||
(ss->sec.isServer &&
|
|
||||||
ss->ssl3.hs.zeroRttIgnore == ssl_0rtt_ignore_trial)) {
|
|
||||||
/* Silently drop the packet */
|
|
||||||
return SECSuccess;
|
|
||||||
- } else {
|
|
||||||
- int errCode = PORT_GetError();
|
|
||||||
- SSL3_SendAlert(ss, alert_fatal, alert);
|
|
||||||
- /* Reset the error code in case SSL3_SendAlert called
|
|
||||||
- * PORT_SetError(). */
|
|
||||||
- PORT_SetError(errCode);
|
|
||||||
- return SECFailure;
|
|
||||||
- }
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ int errCode = PORT_GetError();
|
|
||||||
+ SSL3_SendAlert(ss, alert_fatal, alert);
|
|
||||||
+ /* Reset the error code in case SSL3_SendAlert called
|
|
||||||
+ * PORT_SetError(). */
|
|
||||||
+ PORT_SetError(errCode);
|
|
||||||
+ return SECFailure;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* SECSuccess */
|
|
79
nss-load-policy-file.patch
Normal file
79
nss-load-policy-file.patch
Normal file
@ -0,0 +1,79 @@
|
|||||||
|
# HG changeset patch
|
||||||
|
# User David Woodhouse <David.Woodhouse@intel.com>
|
||||||
|
# Date 1529655250 -7200
|
||||||
|
# Fri Jun 22 10:14:10 2018 +0200
|
||||||
|
# Node ID d99e54ca9b6df33025ee9a196b8b942428bbff91
|
||||||
|
# Parent 1a13c19d7fab53fd62786e05d6546a4abf66e48d
|
||||||
|
Bug 1296263 - Fix loading of PKCS#11 modules from system policy file, r=rrelyea
|
||||||
|
|
||||||
|
We currently load the policy file after calling
|
||||||
|
STAN_LoadDefaultNSS3TrustDomain(), which causes problems because any
|
||||||
|
tokens in the newly-added modules don't get initialised.
|
||||||
|
|
||||||
|
Move it up by a few lines and fix up the indentation while we're at it.
|
||||||
|
|
||||||
|
diff --git a/lib/nss/nssinit.c b/lib/nss/nssinit.c
|
||||||
|
--- a/lib/nss/nssinit.c
|
||||||
|
+++ b/lib/nss/nssinit.c
|
||||||
|
@@ -702,6 +702,30 @@ nss_Init(const char *configdir, const ch
|
||||||
|
if (SECOID_Init() != SECSuccess) {
|
||||||
|
goto loser;
|
||||||
|
}
|
||||||
|
+#ifdef POLICY_FILE
|
||||||
|
+ /* Load the system crypto policy file if it exists,
|
||||||
|
+ * unless the NSS_IGNORE_SYSTEM_POLICY environment
|
||||||
|
+ * variable has been set to 1. */
|
||||||
|
+ ignoreVar = PR_GetEnvSecure("NSS_IGNORE_SYSTEM_POLICY");
|
||||||
|
+ if (ignoreVar == NULL || strncmp(ignoreVar, "1", sizeof("1")) != 0) {
|
||||||
|
+ if (PR_Access(POLICY_PATH "/" POLICY_FILE, PR_ACCESS_READ_OK) == PR_SUCCESS) {
|
||||||
|
+ SECMODModule *module = SECMOD_LoadModule(
|
||||||
|
+ "name=\"Policy File\" "
|
||||||
|
+ "parameters=\"configdir='sql:" POLICY_PATH "' "
|
||||||
|
+ "secmod='" POLICY_FILE "' "
|
||||||
|
+ "flags=readOnly,noCertDB,forceSecmodChoice,forceOpen\" "
|
||||||
|
+ "NSS=\"flags=internal,moduleDB,skipFirst,moduleDBOnly,critical\"",
|
||||||
|
+ parent, PR_TRUE);
|
||||||
|
+ if (module) {
|
||||||
|
+ PRBool isLoaded = module->loaded;
|
||||||
|
+ SECMOD_DestroyModule(module);
|
||||||
|
+ if (!isLoaded) {
|
||||||
|
+ goto loser;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
if (STAN_LoadDefaultNSS3TrustDomain() != PR_SUCCESS) {
|
||||||
|
goto loser;
|
||||||
|
}
|
||||||
|
@@ -730,30 +754,6 @@ nss_Init(const char *configdir, const ch
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
-#ifdef POLICY_FILE
|
||||||
|
- /* Load the system crypto policy file if it exists,
|
||||||
|
- * unless the NSS_IGNORE_SYSTEM_POLICY environment
|
||||||
|
- * variable has been set to 1. */
|
||||||
|
- ignoreVar = PR_GetEnvSecure("NSS_IGNORE_SYSTEM_POLICY");
|
||||||
|
- if (ignoreVar == NULL || strncmp(ignoreVar, "1", sizeof("1")) != 0) {
|
||||||
|
- if (PR_Access(POLICY_PATH "/" POLICY_FILE, PR_ACCESS_READ_OK) == PR_SUCCESS) {
|
||||||
|
- SECMODModule *module = SECMOD_LoadModule(
|
||||||
|
- "name=\"Policy File\" "
|
||||||
|
- "parameters=\"configdir='sql:" POLICY_PATH "' "
|
||||||
|
- "secmod='" POLICY_FILE "' "
|
||||||
|
- "flags=readOnly,noCertDB,forceSecmodChoice,forceOpen\" "
|
||||||
|
- "NSS=\"flags=internal,moduleDB,skipFirst,moduleDBOnly,critical\"",
|
||||||
|
- parent, PR_TRUE);
|
||||||
|
- if (module) {
|
||||||
|
- PRBool isLoaded = module->loaded;
|
||||||
|
- SECMOD_DestroyModule(module);
|
||||||
|
- if (!isLoaded) {
|
||||||
|
- goto loser;
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-#endif
|
||||||
|
pk11sdr_Init();
|
||||||
|
cert_CreateSubjectKeyIDHashTable();
|
||||||
|
|
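Review bot: In the relocated `#ifdef POLICY_FILE` block of nss_Init, a NULL return from `SECMOD_LoadModule` is not treated as a failure. Only `module->loaded` being false reaches `goto loser`, so if the call can return NULL (for example on a parse or allocation failure, worth confirming against its implementation), initialisation continues without the system crypto policy even though the policy file exists and is readable. Failing closed would match the `critical` flag in the module spec, e.g. `if (!module) { goto loser; }` before reading `module->loaded`. The `PR_Access` pre-check followed by the load is a check-then-use pair, so a short comment saying that a missing file is the only case meant to be skipped would make the intent explicit. nss_Init starts and ends outside these hunks, so the `loser` cleanup path is not visible here.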
@ -1,33 +0,0 @@
|
|||||||
|
|
||||||
# HG changeset patch
|
|
||||||
# User Robert Relyea <rrelyea@redhat.com>
|
|
||||||
# Date 1525268789 -7200
|
|
||||||
# Node ID 2f1ee2b8f7a65ecae1a84c02dcf0167ce3b57ab4
|
|
||||||
# Parent 5a210945d2486d6443556ec578b22c05949e1049
|
|
||||||
Bug 1458518, Nicknames of existing certificates in NSS SQL DB should remain unchanged on repeated import attempts, r=kaie
|
|
||||||
|
|
||||||
diff --git a/lib/dev/devtoken.c b/lib/dev/devtoken.c
|
|
||||||
--- a/lib/dev/devtoken.c
|
|
||||||
+++ b/lib/dev/devtoken.c
|
|
||||||
@@ -523,17 +523,19 @@ nssToken_ImportCertificate(
|
|
||||||
}
|
|
||||||
/* according to PKCS#11, label, ID, issuer, and serial number
|
|
||||||
* may change after the object has been created. For PKIX, the
|
|
||||||
* last two attributes can't change, so for now we'll only worry
|
|
||||||
* about the first two.
|
|
||||||
*/
|
|
||||||
NSS_CK_TEMPLATE_START(cert_tmpl, attr, ctsize);
|
|
||||||
NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, id);
|
|
||||||
- NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, nickname);
|
|
||||||
+ if (!rvObject->label && nickname) {
|
|
||||||
+ NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, nickname);
|
|
||||||
+ }
|
|
||||||
NSS_CK_TEMPLATE_FINISH(cert_tmpl, attr, ctsize);
|
|
||||||
/* reset the mutable attributes on the token */
|
|
||||||
nssCKObject_SetAttributes(rvObject->handle,
|
|
||||||
cert_tmpl, ctsize,
|
|
||||||
session, slot);
|
|
||||||
if (!rvObject->label && nickname) {
|
|
||||||
rvObject->label = nssUTF8_Duplicate(nickname, NULL);
|
|
||||||
}
|
|
||||||
|
|
19
nss.spec
19
nss.spec
@ -1,15 +1,15 @@
|
|||||||
%global nspr_version 4.19.0
|
%global nspr_version 4.19.0
|
||||||
%global nss_util_version 3.37.3
|
%global nss_util_version 3.38.0
|
||||||
%global nss_softokn_version 3.37.3
|
%global nss_softokn_version 3.38.0
|
||||||
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
||||||
%global allTools "certutil cmsutil crlutil derdump modutil pk12util signtool signver ssltap vfychain vfyserv"
|
%global allTools "certutil cmsutil crlutil derdump modutil pk12util signtool signver ssltap vfychain vfyserv"
|
||||||
|
|
||||||
Summary: Network Security Services
|
Summary: Network Security Services
|
||||||
Name: nss
|
Name: nss
|
||||||
Version: 3.37.3
|
Version: 3.38.0
|
||||||
# for Rawhide, please always use release >= 2
|
# for Rawhide, please always use release >= 2
|
||||||
# for Fedora release branches, please use release < 2 (1.0, 1.1, ...)
|
# for Fedora release branches, please use release < 2 (1.0, 1.1, ...)
|
||||||
Release: 3%{?dist}
|
Release: 2%{?dist}
|
||||||
License: MPLv2.0
|
License: MPLv2.0
|
||||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
@ -75,11 +75,8 @@ Patch50: iquote.patch
|
|||||||
Patch58: rhbz1185708-enable-ecc-3des-ciphers-by-default.patch
|
Patch58: rhbz1185708-enable-ecc-3des-ciphers-by-default.patch
|
||||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1279520
|
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1279520
|
||||||
Patch59: nss-check-policy-file.patch
|
Patch59: nss-check-policy-file.patch
|
||||||
|
Patch60: nss-load-policy-file.patch
|
||||||
Patch62: nss-skip-util-gtest.patch
|
Patch62: nss-skip-util-gtest.patch
|
||||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1458518
|
|
||||||
Patch63: nss-moz1458518.patch
|
|
||||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1452549
|
|
||||||
Patch64: nss-dtls-discard-app-data-before-handshake.patch
|
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Network Security Services (NSS) is a set of libraries designed to
|
Network Security Services (NSS) is a set of libraries designed to
|
||||||
@ -161,9 +158,8 @@ low level services.
|
|||||||
%patch58 -p0 -b .1185708_3des
|
%patch58 -p0 -b .1185708_3des
|
||||||
pushd nss
|
pushd nss
|
||||||
%patch59 -p1 -b .check_policy_file
|
%patch59 -p1 -b .check_policy_file
|
||||||
|
%patch60 -p1 -b .load_policy_file
|
||||||
%patch62 -p1 -b .skip_util_gtest
|
%patch62 -p1 -b .skip_util_gtest
|
||||||
%patch63 -p1 -b .moz1458518
|
|
||||||
%patch64 -p1 -b .dtls-discard-app-data
|
|
||||||
popd
|
popd
|
||||||
|
|
||||||
#########################################################
|
#########################################################
|
||||||
@ -737,6 +733,9 @@ done
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Jul 2 2018 Daiki Ueno <dueno@redhat.com> - 3.38.0-2
|
||||||
|
- Update to NSS 3.38
|
||||||
|
|
||||||
* Wed Jun 6 2018 Daiki Ueno <dueno@redhat.com> - 3.37.3-3
|
* Wed Jun 6 2018 Daiki Ueno <dueno@redhat.com> - 3.37.3-3
|
||||||
- Backport fix for handling DTLS application_data before handshake
|
- Backport fix for handling DTLS application_data before handshake
|
||||||
|
|
||||||
|
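Review bot: `Patch60: nss-load-policy-file.patch` is added directly under the `# Upstream:` comment that belongs to Patch59 (bug 1279520), so it reads as if both patches track that bug, while the patch's own header names Bug 1296263. Adding a separate line above Patch60, `# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1296263`, keeps the provenance of each carried patch auditable. The `%changelog` entry says only "Update to NSS 3.38"; it could also record that Patch63 and Patch64 were dropped (presumably because 3.38 already contains them, which this page does not show) and that the policy-file loading fix was added.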
2
sources
2
sources
@ -3,4 +3,4 @@ SHA512 (blank-cert9.db) = 2f8eab4c0612210ee47db8a3a80c1b58a0b43849551af78c7da403
|
|||||||
SHA512 (blank-key3.db) = 01f7314e9fc8a7c9aa997652624cfcde213d18a6b3bb31840c1a60bbd662e56b5bc3221d13874abb42ce78163b225a6dfce2e1326cf6dd29366ad9c28ba5a71c
|
SHA512 (blank-key3.db) = 01f7314e9fc8a7c9aa997652624cfcde213d18a6b3bb31840c1a60bbd662e56b5bc3221d13874abb42ce78163b225a6dfce2e1326cf6dd29366ad9c28ba5a71c
|
||||||
SHA512 (blank-key4.db) = 8fedae93af7163da23fe9492ea8e785a44c291604fa98e58438448efb69c85d3253fc22b926d5c3209c62e58a86038fd4d78a1c4c068bc00600a7f3e5382ebe7
|
SHA512 (blank-key4.db) = 8fedae93af7163da23fe9492ea8e785a44c291604fa98e58438448efb69c85d3253fc22b926d5c3209c62e58a86038fd4d78a1c4c068bc00600a7f3e5382ebe7
|
||||||
SHA512 (blank-secmod.db) = 06a2dbd861839ef6315093459328b500d3832333a34b30e6fac4a2503af337f014a4d319f0f93322409e719142904ce8bc08252ae9a4f37f30d4c3312e900310
|
SHA512 (blank-secmod.db) = 06a2dbd861839ef6315093459328b500d3832333a34b30e6fac4a2503af337f014a4d319f0f93322409e719142904ce8bc08252ae9a4f37f30d4c3312e900310
|
||||||
SHA512 (nss-3.37.3.tar.gz) = 11b21818f9fcff11d0e7f4c066ae9fbce0052a30a6b30df9a20022792039b5348554834a472e1b1195e467b9902067f9719678d5ca32efb4e60f1df161feed6f
|
SHA512 (nss-3.38.0.tar.gz) = eb63f1c44adbbd97dc766e8545c72303f3cb18f1bfb2af67c33cdb1a1a9a1cc432a64afbafabd7a5bb3f08cb36db74ed81e5cfa1fc4bd35ae76e183f3205afed
|
||||||
|