Merged update from upstream sources

This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/nss.git#4ecb833a82b0039b0eebfcb5dc921e516f47ac2b
DistroBaker 2020-12-12 23:43:09 +00:00
parent 359e1d55d7
commit ea29cec023
7 changed files with 74 additions and 513 deletions

1
.gitignore vendored

@ -56,3 +56,4 @@ TestUser51.cert
/nss-3.57.tar.gz
/nss-3.58.tar.gz
/nspr-4.29.tar.gz
/nss-3.59.tar.gz


@ -0,0 +1,39 @@
diff -up ./lib/pk11wrap/pk11pars.c.policy_revert ./lib/pk11wrap/pk11pars.c
--- ./lib/pk11wrap/pk11pars.c.policy_revert 2020-11-04 10:26:59.085300799 -0800
+++ ./lib/pk11wrap/pk11pars.c 2020-11-04 10:29:52.774239468 -0800
@@ -391,12 +391,6 @@ static const oidValDef signOptList[] = {
/* Signatures */
{ CIPHER_NAME("DSA"), SEC_OID_ANSIX9_DSA_SIGNATURE,
NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
- { CIPHER_NAME("RSA-PKCS"), SEC_OID_PKCS1_RSA_ENCRYPTION,
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
- { CIPHER_NAME("RSA-PSS"), SEC_OID_PKCS1_RSA_PSS_SIGNATURE,
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
- { CIPHER_NAME("ECDSA"), SEC_OID_ANSIX962_EC_PUBLIC_KEY,
- NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
};
typedef struct {
@@ -412,7 +406,7 @@ static const algListsDef algOptLists[] =
{ macOptList, PR_ARRAY_SIZE(macOptList), "MAC", PR_FALSE },
{ cipherOptList, PR_ARRAY_SIZE(cipherOptList), "CIPHER", PR_FALSE },
{ kxOptList, PR_ARRAY_SIZE(kxOptList), "OTHER-KX", PR_FALSE },
- { signOptList, PR_ARRAY_SIZE(signOptList), "OTHER-SIGN", PR_FALSE },
+ { signOptList, PR_ARRAY_SIZE(signOptList), "OTHER-SIGN", PR_TRUE },
};
static const optionFreeDef sslOptList[] = {
diff -up ./tests/ssl/sslpolicy.txt.policy_revert ./tests/ssl/sslpolicy.txt
--- ./tests/ssl/sslpolicy.txt.policy_revert 2020-11-04 10:31:20.837715397 -0800
+++ ./tests/ssl/sslpolicy.txt 2020-11-04 10:33:19.598357223 -0800
@@ -193,7 +193,9 @@
1 noECC SSL3 d disallow=all_allow=hmac-sha1:sha256:rsa-pkcs:rsa:des-ede3-cbc:tls-version-min=tls1.0:tls-version-max=tls1.2 Disallow Version Implicitly Narrow
1 noECC SSL3 d disallow=all_allow=md2/all:md4/all:md5/all:sha1/all:sha256/all:sha384/all:sha512/all:rsa-pkcs/all:rsa-pss/all:ecdsa/all:dsa/all:hmac-sha1/all:hmac-sha224/all:hmac-sha256/all:hmac-sha384/all:hmac-sha512/all:hmac-md5/all:camellia128-cbc/all:camellia192-cbc/all:camellia256-cbc/all:seed-cbc/all:des-ede3-cbc/all:des-40-cbc/all:des-cbc/all:null-cipher/all:rc2/all:rc4/all:idea/all:rsa/all:rsa-export/all:dhe-rsa/all:dhe-dss/all:ecdhe-ecdsa/all:ecdhe-rsa/all:ecdh-ecdsa/all:ecdh-rsa/all:tls-version-min=tls1.0:tls-version-max=tls1.2 Disallow Version Implicitly
0 noECC SSL3 d disallow=dsa Disallow DSA Signatures Explicitly
- 1 noECC SSL3 d disallow=rsa-pkcs Disallow RSA PKCS 1 Signatures Explicitly
+# rsa-pkcs, rsa-pss, and ecdsa policy checking reverted in rhel8 for binary
+# compatibility reasons
+# 1 noECC SSL3 d disallow=rsa-pkcs Disallow RSA PKCS 1 Signatures Explicitly
# test default settings
# NOTE: tstclient will attempt to overide the defaults, so we detect we
# were successful by locking in our settings
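Review bot: The rationale recorded for this revert is inconsistent and has no tracking reference: the comment added to sslpolicy.txt says the rsa-pkcs, rsa-pss and ecdsa policy checking was `reverted in rhel8 for binary compatibility reasons`, while the spec entry for this patch says it can be dropped once crypto-policies has been updated. With the three entries removed from `signOptList`, a policy string that names them (the disabled test used `disallow=rsa-pkcs`) presumably no longer restricts those signature algorithms, and the only test covering that is commented out rather than replaced, so nothing pins what such a policy now does. I would add a header to the patch file stating the reason and the removal condition, e.g. `# Temporary downstream revert; drop once crypto-policies has been updated (<tracking bug URL>)`, and keep the test line active with the result expected under the reverted behaviour. Both `signOptList` and `algOptLists` start outside the visible hunks, so the meaning of the field flipped to `PR_TRUE` cannot be confirmed from here and deserves a one-line comment too.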


@ -1,372 +0,0 @@
# HG changeset patch
# User Robert Relyea <rrelyea@redhat.com>
# Date 1603752651 25200
# Node ID 035110dfa0b9a7f755860020fbbb7296c543d63b
# Parent a79d14b06b4a3ca19c169a4b0c1f28d5e2f25b35# Parent 97f69f7a89a1a31b5acb05a551560e62b65495d4
Bug 1672291 libpkix OCSP failures on SHA1 self-signed root certs when SHA1 signatures are disabled. r=mt
When libpkix is checking an OCSP cert, it can't use the passed in set of trust anchors as a base because only the single root that signed the leaf can sign the OCSP request. As a result it actually checks the signature of the self-signed root when processing an OCSP request. This fails of the root cert signature is invalid for any reason (including it's a sha1 self-signed root cert and we've disabled sha1 signatures (say, by policy)).
Further investigation indicates the difference between our classic code and the current code is the classic code only checks OCSP responses on leaf certs. In the real world, those responses are signed by intermediate certificates (who won't have sha1 signed certificates anymore), so our signature processing works just fine. pkix checks OCSP on the intermediate certificates as well, which are signed by the root cert. In this case the root cert is a chain of 1, and is effectively a leaf. This patch updates the OCSP response code to not check the signatures on the single cert if that cert is a selfsigned root cert. This requires bug 391476 so we still do the other validation checking on the certs (making sure it's trusted as a CA).
Differential Revision: https://phabricator.services.mozilla.com/D94661
diff --git a/lib/certhigh/certvfypkix.c b/lib/certhigh/certvfypkix.c
--- a/lib/certhigh/certvfypkix.c
+++ b/lib/certhigh/certvfypkix.c
@@ -406,17 +406,17 @@ cleanup:
* RETURNS:
* Returns NULL if the function succeeds.
* Returns a Cert Verify Error if the function fails in an unrecoverable way.
* Returns a Fatal Error if the function fails in an unrecoverable way.
*/
static PKIX_Error *
cert_CreatePkixProcessingParams(
CERTCertificate *cert,
- PRBool checkSig, /* not used yet. See bug 391476 */
+ PRBool checkSig,
PRTime time,
void *wincx,
PRBool useArena,
PRBool disableOCSPRemoteFetching,
PKIX_ProcessingParams **pprocParams,
void **pplContext)
{
PKIX_List *anchors = NULL;
@@ -436,25 +436,22 @@ cert_CreatePkixProcessingParams(
PKIX_NULLCHECK_TWO(cert, pprocParams);
PKIX_CHECK(
PKIX_PL_NssContext_Create(0, useArena, wincx, &plContext),
PKIX_NSSCONTEXTCREATEFAILED);
*pplContext = plContext;
-#ifdef PKIX_NOTDEF
/* Functions should be implemented in patch for 390532 */
PKIX_CHECK(
pkix_pl_NssContext_SetCertSignatureCheck(checkSig,
(PKIX_PL_NssContext *)plContext),
PKIX_NSSCONTEXTSETCERTSIGNCHECKFAILED);
-#endif /* PKIX_NOTDEF */
-
PKIX_CHECK(
PKIX_ProcessingParams_Create(&procParams, plContext),
PKIX_PROCESSINGPARAMSCREATEFAILED);
PKIX_CHECK(
PKIX_ComCertSelParams_Create(&certSelParams, plContext),
PKIX_COMCERTSELPARAMSCREATEFAILED);
diff --git a/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.c b/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.c
--- a/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.c
+++ b/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.c
@@ -49,16 +49,17 @@ PKIX_PL_NssContext_Create(
context->arena = arena;
context->certificateUsage = (SECCertificateUsage)certificateUsage;
context->wincx = wincx;
context->timeoutSeconds = PKIX_DEFAULT_COMM_TIMEOUT_SECONDS;
context->maxResponseLength = PKIX_DEFAULT_MAX_RESPONSE_LENGTH;
context->crlReloadDelay = PKIX_DEFAULT_CRL_RELOAD_DELAY_SECONDS;
context->badDerCrlReloadDelay =
PKIX_DEFAULT_BAD_CRL_RELOAD_DELAY_SECONDS;
+ context->certSignatureCheck = PKIX_TRUE;
context->chainVerifyCallback.isChainValid = NULL;
context->chainVerifyCallback.isChainValidArg = NULL;
*pNssContext = context;
cleanup:
PKIX_RETURN(CONTEXT);
}
@@ -156,16 +157,85 @@ pkix_pl_NssContext_SetCertUsage(
PKIX_NULLCHECK_ONE(nssContext);
nssContext->certificateUsage = certUsage;
PKIX_RETURN(CONTEXT);
}
/*
+ * FUNCTION: pkix_pl_NssContext_GetCertSignatureCheck
+ * DESCRIPTION:
+ *
+ * This function obtains the platform-dependent flag to turn on or off
+ * signature checks.
+ *
+ * PARAMETERS:
+ * "nssContext"
+ * The address of the context object whose wincx parameter is to be
+ * obtained. Must be non-NULL.
+ * "pCheckSig"
+ * The address where the result is stored. Must be non-NULL.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_NssContext_GetCertSignatureCheck(
+ PKIX_PL_NssContext *nssContext,
+ PKIX_Boolean *pCheckSig)
+{
+ void *plContext = NULL;
+
+ PKIX_ENTER(CONTEXT, "pkix_pl_NssContext_GetCertUsage");
+ PKIX_NULLCHECK_TWO(nssContext, pCheckSig);
+
+ *pCheckSig = nssContext->certSignatureCheck;
+
+ PKIX_RETURN(CONTEXT);
+}
+
+/*
+ * FUNCTION: pkix_pl_NssContext_SetCertSignatureCheck
+ * DESCRIPTION:
+ *
+ * This function sets the check signature flag in
+ * the context object pointed to by "nssContext" to the value provided in
+ * "checkSig".
+ *
+ * PARAMETERS:
+ * "checkSig"
+ * Boolean that tells whether or not to check the signatues on certs.
+ * "nssContext"
+ * The address of the context object whose wincx parameter is to be
+ * obtained. Must be non-NULL.
+ * THREAD SAFETY:
+ * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
+ * RETURNS:
+ * Returns NULL if the function succeeds.
+ * Returns a Fatal Error if the function fails in an unrecoverable way.
+ */
+PKIX_Error *
+pkix_pl_NssContext_SetCertSignatureCheck(
+ PKIX_Boolean checkSig,
+ PKIX_PL_NssContext *nssContext)
+{
+ void *plContext = NULL;
+
+ PKIX_ENTER(CONTEXT, "pkix_pl_NssContext_SetCertUsage");
+ PKIX_NULLCHECK_ONE(nssContext);
+
+ nssContext->certSignatureCheck = checkSig;
+
+ PKIX_RETURN(CONTEXT);
+}
+
+/*
* FUNCTION: pkix_pl_NssContext_GetWincx
* DESCRIPTION:
*
* This function obtains the platform-dependent wincx parameter from the
* context object pointed to by "nssContext", storing the result at "pWincx".
*
* PARAMETERS:
* "nssContext"
diff --git a/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.h b/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.h
--- a/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.h
+++ b/lib/libpkix/pkix_pl_nss/module/pkix_pl_nsscontext.h
@@ -22,28 +22,37 @@ struct PKIX_PL_NssContextStruct {
SECCertificateUsage certificateUsage;
PLArenaPool *arena;
void *wincx;
PKIX_UInt32 timeoutSeconds;
PKIX_UInt32 maxResponseLength;
PRTime crlReloadDelay;
PRTime badDerCrlReloadDelay;
CERTChainVerifyCallback chainVerifyCallback;
+ PKIX_Boolean certSignatureCheck;
};
PKIX_Error *
pkix_pl_NssContext_GetCertUsage
(PKIX_PL_NssContext *nssContext, SECCertificateUsage *pCertUsage);
/* XXX move the setter into the public header. */
PKIX_Error *
pkix_pl_NssContext_SetCertUsage
(SECCertificateUsage certUsage, PKIX_PL_NssContext *nssContext);
PKIX_Error *
+pkix_pl_NssContext_GetCertSignatureCheck
+ (PKIX_PL_NssContext *nssContext, PKIX_Boolean *pCheckSig);
+
+PKIX_Error *
+pkix_pl_NssContext_SetCertSignatureCheck
+ (PKIX_Boolean checkSig, PKIX_PL_NssContext *nssContext);
+
+PKIX_Error *
pkix_pl_NssContext_GetWincx(PKIX_PL_NssContext *nssContext, void **pWincx);
/* XXX move the setter into the public header. */
PKIX_Error *
pkix_pl_NssContext_SetWincx(void *wincx, PKIX_PL_NssContext *nssContext);
#ifdef __cplusplus
}
diff --git a/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c b/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
--- a/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
+++ b/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
@@ -2806,24 +2806,33 @@ PKIX_PL_Cert_VerifySignature(
void *plContext)
{
CERTCertificate *nssCert = NULL;
SECKEYPublicKey *nssPubKey = NULL;
CERTSignedData *tbsCert = NULL;
PKIX_PL_Cert *cachedCert = NULL;
PKIX_Error *verifySig = NULL;
PKIX_Error *cachedSig = NULL;
+ PKIX_Error *checkSig = NULL;
SECStatus status;
PKIX_Boolean certEqual = PKIX_FALSE;
PKIX_Boolean certInHash = PKIX_FALSE;
+ PKIX_Boolean checkCertSig = PKIX_TRUE;
void* wincx = NULL;
PKIX_ENTER(CERT, "PKIX_PL_Cert_VerifySignature");
PKIX_NULLCHECK_THREE(cert, cert->nssCert, pubKey);
+ /* if the cert check flag is off, skip the check */
+ checkSig = pkix_pl_NssContext_GetCertSignatureCheck(
+ (PKIX_PL_NssContext *)plContext, &checkCertSig);
+ if ((checkCertSig == PKIX_FALSE) && (checkSig == NULL)) {
+ goto cleanup;
+ }
+
verifySig = PKIX_PL_HashTable_Lookup
(cachedCertSigTable,
(PKIX_PL_Object *) pubKey,
(PKIX_PL_Object **) &cachedCert,
plContext);
if (cachedCert != NULL && verifySig == NULL) {
/* Cached Signature Table lookup succeed */
@@ -2874,16 +2883,17 @@ PKIX_PL_Cert_VerifySignature(
cleanup:
if (nssPubKey){
PKIX_CERT_DEBUG("\t\tCalling SECKEY_DestroyPublicKey).\n");
SECKEY_DestroyPublicKey(nssPubKey);
}
PKIX_DECREF(cachedCert);
+ PKIX_DECREF(checkSig);
PKIX_DECREF(verifySig);
PKIX_DECREF(cachedSig);
PKIX_RETURN(CERT);
}
/*
* FUNCTION: PKIX_PL_Cert_CheckValidity (see comments in pkix_pl_pki.h)
diff --git a/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspresponse.c b/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspresponse.c
--- a/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspresponse.c
+++ b/lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspresponse.c
@@ -736,17 +736,19 @@ pkix_pl_OcspResponse_VerifyResponse(
(response->verifyFcn)((PKIX_PL_Object*)response->pkixSignerCert,
NULL, response->producedAtDate,
procParams, pNBIOContext,
state, buildResult,
NULL, lplContext),
PKIX_CERTVERIFYKEYUSAGEFAILED);
rv = SECSuccess;
} else {
- rv = CERT_VerifyCert(response->handle, response->signerCert, PKIX_TRUE,
+ /* checkSig is !isRoot */
+ PRBool checkSig = response->signerCert->isRoot ? PR_FALSE : PR_TRUE;
+ rv = CERT_VerifyCert(response->handle, response->signerCert, checkSig,
certUsage, response->producedAt, NULL, NULL);
if (rv != SECSuccess) {
PKIX_ERROR(PKIX_CERTVERIFYKEYUSAGEFAILED);
}
}
cleanup:
if (rv != SECSuccess) {
diff --git a/tests/ssl/ssl.sh b/tests/ssl/ssl.sh
--- a/tests/ssl/ssl.sh
+++ b/tests/ssl/ssl.sh
@@ -931,16 +931,60 @@ ssl_policy_listsuites()
html_msg $RET $RET_EXP "${testname}" \
"produced a returncode of $RET, expected is $RET_EXP"
cp ${P_R_CLIENTDIR}/pkcs11.txt.sav ${P_R_CLIENTDIR}/pkcs11.txt
html "</TABLE><BR>"
}
+ssl_policy_pkix_ocsp()
+{
+ #verbose="-v"
+ html_head "Check that OCSP doesn't break if we disable sha1 $NORM_EXT - server $SERVER_MODE/client $CLIENT_MODE"
+
+ PKIX_SAVE=${NSS_ENABLE_PKIX_VERIFY-"unset"}
+ NSS_ENABLE_PKIX_VERIFY="1"
+ export NSS_ENABLE_PKIX_VERIFY
+
+ testname=""
+
+ if [ ! -f "${P_R_SERVERDIR}/pkcs11.txt" ] ; then
+ html_failed "${SCRIPTNAME}: ${P_R_SERVERDIR} is not initialized"
+ return 1;
+ fi
+
+ echo "Saving pkcs11.txt"
+ cp ${P_R_SERVERDIR}/pkcs11.txt ${P_R_SERVERDIR}/pkcs11.txt.sav
+
+ # Disallow sha1 explicitly. This will test if we are trying to verify the sha1 signature
+ # on the GlobalSign root during OCSP processing
+ setup_policy "disallow=sha1" ${P_R_SERVERDIR}
+ RET_EXP=0
+ echo " vfyserv -o wrong.host.badssl.com -d ${P_R_SERVERDIR} 2>&1 | tee ${P_R_SERVERDIR}/vfy.out"
+ vfyserv -o wrong.host.badssl.com -d ${P_R_SERVERDIR} 2>&1 | tee ${P_R_SERVERDIR}/vfy.out
+ # make sure we have the domain mismatch, not bad signature error
+ echo "grep 12276 ${P_R_SERVERDIR}/vfy.out"
+ grep 12276 ${P_R_SERVERDIR}/vfy.out
+ RET=$?
+ html_msg $RET $RET_EXP "${testname}" \
+ "produced a returncode of $RET, expected is $RET_EXP"
+
+ if [ "${PKIX_SAVE}" = "unset" ]; then
+ unset NSS_ENABLE_PKIX_VERIFY
+ else
+ NSS_ENABLE_PKIX_VERIFY=${PKIX_SAVE}
+ export NSS_ENABLE_PKIX_VERIFY
+ fi
+ cp ${P_R_SERVERDIR}/pkcs11.txt.sav ${P_R_SERVERDIR}/pkcs11.txt
+
+ html "</TABLE><BR>"
+
+}
+
############################## ssl_policy_selfserv #####################
# local shell function to perform SSL Policy tests, using selfserv
########################################################################
ssl_policy_selfserv()
{
#verbose="-v"
html_head "SSL POLICY SELFSERV $NORM_EXT - server $SERVER_MODE/client $CLIENT_MODE"
@@ -1548,16 +1592,17 @@ ssl_run_tests()
{
for SSL_TEST in ${NSS_SSL_TESTS}
do
case "${SSL_TEST}" in
"policy")
if [ "${TEST_MODE}" = "SHARED_DB" ] ; then
ssl_policy_listsuites
ssl_policy_selfserv
+ ssl_policy_pkix_ocsp
ssl_policy
fi
;;
"crl")
ssl_crl_ssl
ssl_crl_cache
;;
"iopr")


@ -1,132 +0,0 @@
# HG changeset patch
# User Daiki Ueno <dueno@redhat.com>
# Date 1603691171 -3600
# Mon Oct 26 06:46:11 2020 +0100
# Node ID b03a4fc5b902498414b02640dcb2717dfef9682f
# Parent 6f79a76958129dc09c353c288f115fd9a51ab7d4
Bug 1672703, always tolerate the first CCS in TLS 1.3, r=mt
Summary:
This flips the meaning of the flag for checking excessive CCS
messages, so it only rejects multiple CCS messages while the first CCS
message is always accepted.
Reviewers: mt
Reviewed By: mt
Bug #: 1672703
Differential Revision: https://phabricator.services.mozilla.com/D94603
diff -r 6f79a7695812 -r b03a4fc5b902 gtests/ssl_gtest/ssl_tls13compat_unittest.cc
--- a/gtests/ssl_gtest/ssl_tls13compat_unittest.cc Fri Oct 23 16:14:36 2020 -0700
+++ b/gtests/ssl_gtest/ssl_tls13compat_unittest.cc Mon Oct 26 06:46:11 2020 +0100
@@ -348,8 +348,8 @@
client_->CheckErrorCode(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT);
}
-// The server rejects a ChangeCipherSpec if the client advertises an
-// empty session ID.
+// The server accepts a ChangeCipherSpec even if the client advertises
+// an empty session ID.
TEST_F(TlsConnectStreamTls13, ChangeCipherSpecAfterClientHelloEmptySid) {
EnsureTlsSetup();
ConfigureVersion(SSL_LIBRARY_VERSION_TLS_1_3);
@@ -358,9 +358,8 @@
client_->Handshake(); // Send ClientHello
client_->SendDirect(DataBuffer(kCannedCcs, sizeof(kCannedCcs))); // Send CCS
- server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
- server_->Handshake(); // Consume ClientHello and CCS
- server_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER);
+ Handshake();
+ CheckConnected();
}
// The server rejects multiple ChangeCipherSpec even if the client
@@ -381,7 +380,7 @@
server_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER);
}
-// The client rejects a ChangeCipherSpec if it advertises an empty
+// The client accepts a ChangeCipherSpec even if it advertises an empty
// session ID.
TEST_F(TlsConnectStreamTls13, ChangeCipherSpecAfterServerHelloEmptySid) {
EnsureTlsSetup();
@@ -398,9 +397,10 @@
// send ServerHello..CertificateVerify
// Send CCS
server_->SendDirect(DataBuffer(kCannedCcs, sizeof(kCannedCcs)));
- client_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
- client_->Handshake(); // Consume ClientHello and CCS
- client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER);
+
+ // No alert is sent from the client. As Finished is dropped, we
+ // can't use Handshake() and CheckConnected().
+ client_->Handshake();
}
// The client rejects multiple ChangeCipherSpec in a row even if the
diff -r 6f79a7695812 -r b03a4fc5b902 lib/ssl/ssl3con.c
--- a/lib/ssl/ssl3con.c Fri Oct 23 16:14:36 2020 -0700
+++ b/lib/ssl/ssl3con.c Mon Oct 26 06:46:11 2020 +0100
@@ -6645,11 +6645,7 @@
/* TLS 1.3: We sent a session ID. The server's should match. */
if (!IS_DTLS(ss) && (sentRealSid || sentFakeSid)) {
- if (sidMatch) {
- ss->ssl3.hs.allowCcs = PR_TRUE;
- return PR_TRUE;
- }
- return PR_FALSE;
+ return sidMatch;
}
/* TLS 1.3 (no SID)/DTLS 1.3: The server shouldn't send a session ID. */
@@ -8696,7 +8692,6 @@
errCode = PORT_GetError();
goto alert_loser;
}
- ss->ssl3.hs.allowCcs = PR_TRUE;
}
/* TLS 1.3 requires that compression include only null. */
@@ -13066,15 +13061,14 @@
ss->ssl3.hs.ws != idle_handshake &&
cText->buf->len == 1 &&
cText->buf->buf[0] == change_cipher_spec_choice) {
- if (ss->ssl3.hs.allowCcs) {
- /* Ignore the first CCS. */
- ss->ssl3.hs.allowCcs = PR_FALSE;
+ if (!ss->ssl3.hs.rejectCcs) {
+ /* Allow only the first CCS. */
+ ss->ssl3.hs.rejectCcs = PR_TRUE;
return SECSuccess;
- }
-
- /* Compatibility mode is not negotiated. */
- alert = unexpected_message;
- PORT_SetError(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER);
+ } else {
+ alert = unexpected_message;
+ PORT_SetError(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER);
+ }
}
if ((IS_DTLS(ss) && !dtls13_AeadLimitReached(spec)) ||
diff -r 6f79a7695812 -r b03a4fc5b902 lib/ssl/sslimpl.h
--- a/lib/ssl/sslimpl.h Fri Oct 23 16:14:36 2020 -0700
+++ b/lib/ssl/sslimpl.h Mon Oct 26 06:46:11 2020 +0100
@@ -710,10 +710,7 @@
* or received. */
PRBool receivedCcs; /* A server received ChangeCipherSpec
* before the handshake started. */
- PRBool allowCcs; /* A server allows ChangeCipherSpec
- * as the middlebox compatibility mode
- * is explicitly indicarted by
- * legacy_session_id in TLS 1.3 ClientHello. */
+ PRBool rejectCcs; /* Excessive ChangeCipherSpecs are rejected. */
PRBool clientCertRequested; /* True if CertificateRequest received. */
PRBool endOfFlight; /* Processed a full flight (DTLS 1.3). */
ssl3KEADef kea_def_mutable; /* Used to hold the writable kea_def


@ -0,0 +1,18 @@
diff -up ./lib/softoken/sdb.c.orig ./lib/softoken/sdb.c
--- ./lib/softoken/sdb.c.orig 2020-12-11 22:49:26.961726193 -0500
+++ ./lib/softoken/sdb.c 2020-12-11 23:01:30.739122494 -0500
@@ -690,8 +690,14 @@ sdb_openDB(const char *name, sqlite3 **s
openFlags = SQLITE_OPEN_READONLY;
} else {
openFlags = SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE;
+ /* btrfs and sqlite seem to incorrectly open readwrite.
+ * when the file is readonly explicitly reject that issue here */
+ if ((_NSSUTIL_Access(name, PR_ACCESS_EXISTS) == PR_SUCCESS) && (_NSSUTIL_Access(name, PR_ACCESS_WRITE_OK) != PR_SUCCESS)) {
+ return SQLITE_READONLY;
+ }
}
+
/* Requires SQLite 3.5.0 or newer. */
sqlerr = sqlite3_open_v2(name, sqlDB, openFlags, NULL);
if (sqlerr != SQLITE_OK) {
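Review bot: The added writability test in `sdb_openDB` checks the path before `sqlite3_open_v2()` runs, so it is racy (the file's mode can change between the two calls) and, if `_NSSUTIL_Access` follows access(2) semantics, it answers for the real rather than the effective user. That is acceptable for a workaround, but the comment should say so, e.g. `/* Best-effort pre-check: sqlite may open a read-only file when asked for read/write (seen on btrfs); reject it here. Racy against concurrent permission changes. */`. A check tied to the opened handle, such as `sqlite3_db_readonly(*sqlDB, "main")` after a successful open, would avoid the race, provided it reports correctly on the affected filesystem and the SQLite in use is newer than the 3.5.0 named in the hunk. The early `return SQLITE_READONLY` also leaves `*sqlDB` as earlier code set it; the start of the function is outside the hunk, so confirm it is initialised to NULL before this point.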


@ -2,8 +2,8 @@
# NOTE: To avoid NVR clashes of nspr* packages:
# - reset %%{nspr_release} to 1, when updating %%{nspr_version}
# - increment %%{nspr_version}, when updating the NSS part only
%global nspr_release 8
%global nss_version 3.58.0
%global nspr_release 9
%global nss_version 3.59.0
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
%global saved_files_dir %{_libdir}/nss/saved
%global dracutlibdir %{_prefix}/lib/dracut
@ -53,7 +53,7 @@ rpm.define(string.format("nss_release_tag NSS_%s_RTM",
Summary: Network Security Services
Name: nss
Version: %{nss_version}
Release: 8%{?dist}
Release: 2%{?dist}
License: MPLv2.0
URL: http://www.mozilla.org/projects/security/pki/nss/
Requires: nspr >= %{nspr_version}
@ -72,7 +72,6 @@ BuildRequires: gawk
BuildRequires: psmisc
BuildRequires: perl-interpreter
BuildRequires: gcc-c++
BuildRequires: quilt
Source0: https://ftp.mozilla.org/pub/security/nss/releases/%{nss_release_tag}/src/%{name}-%{nss_archive_version}.tar.gz
Source1: nss-util.pc.in
@ -117,16 +116,16 @@ Patch2: nss-539183.patch
# Once the buildroot aha been bootstrapped the patch may be removed
# but it doesn't hurt to keep it.
Patch4: iquote.patch
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1672703
Patch5: nss-ccs.patch
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1672291
Patch6: nss-3.58-pkix-ocsp-fix.patch
Patch12: nss-signtool-format.patch
%if 0%{?fedora} < 34
%if 0%{?rhel} < 9
Patch20: nss-gcm-param-default-pkcs11v2.patch
%endif
%endif
# can drop this patch when the underlying btrfs/sqlite issue is solved
Patch30: nss-fedora-btrf-sql-hack.patch
# can drop this patch once crypto-policies has been updated
Patch31: nss-3.53.1-revert_rhel8_unsafe_policy_change.patch
Patch100: nspr-config-pc.patch
Patch101: nspr-gcc-atomics.patch
@ -1048,6 +1047,14 @@ update-crypto-policies &> /dev/null || :
%changelog
* Fri Dec 11 2020 Bob Relyea <rrelyea@redhat.com> - 3.59.0-2
- Work around btrfs/sqlite bug
- Disable new policy entries until crypto-polices has been updated
* Thu Dec 10 2020 Daiki Ueno <dueno@redhat.com> - 3.59.0-1
- Update to NSS 3.59
- Remove unused quilt BR
* Sat Nov 7 2020 Daiki Ueno <dueno@redhat.com> - 3.58.0-8
- Replace %%{version} references in %%build with %%{nss_version}, suggested by Dmitry Butskoy in bz#1895447
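Review bot: `Patch30` and `Patch31` are introduced with only a removal condition (`can drop this patch when ...` / `once crypto-policies has been updated`), whereas the `Patch5` and `Patch6` entries in the same hunk each carry an `# Upstream:` bug link, so there is nothing to follow to learn when the condition is met. Since Patch31, judging by its name, reverts policy checking, I would add a reference line above each entry, e.g. `# Tracking: <bug URL>`, and name the crypto-policies change it is waiting for. The changelog line `Disable new policy entries until crypto-polices has been updated` also misspells crypto-policies.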


@ -4,4 +4,4 @@ SHA512 (blank-key3.db) = 01f7314e9fc8a7c9aa997652624cfcde213d18a6b3bb31840c1a60b
SHA512 (blank-key4.db) = 8fedae93af7163da23fe9492ea8e785a44c291604fa98e58438448efb69c85d3253fc22b926d5c3209c62e58a86038fd4d78a1c4c068bc00600a7f3e5382ebe7
SHA512 (blank-secmod.db) = 06a2dbd861839ef6315093459328b500d3832333a34b30e6fac4a2503af337f014a4d319f0f93322409e719142904ce8bc08252ae9a4f37f30d4c3312e900310
SHA512 (nspr-4.29.tar.gz) = ba5ac275fe0beb69d7a7674c9ee9e4429bd5761daed285edd975ccc829af30d062bf4a0f5e44361e3bd191f21b1905f96ab146d53b55324020f13ecb3c05609b
SHA512 (nss-3.58.tar.gz) = 03d2ab1517ac07620ea3f02dcf680cf019e0129006ff2559b2d0a047036340c20b98c9679b17a594e5502aa30e158caf309f046901b9ec7c7adeeaa13ec50b80
SHA512 (nss-3.59.tar.gz) = 8963e846f2ff7222457ae59f042672cf4e44f7752807226f46c215a772fd1cbd65d0ce634da4afb698eabd4eb1c1e78146cc2a089339ada11da03d259c609a38