import openssl-1.1.1g-15.el8_3

2021-03-29 15:04:43 -04:00 · 2021-03-29 15:04:43 -04:00 · 2a316f8cc5
commit 2a316f8cc5
parent 1b0b7286c8
3 changed files with 210 additions and 1 deletions
--- a/SOURCES/openssl-1.1.1-CVE-2021-3449.patch
+++ b/SOURCES/openssl-1.1.1-CVE-2021-3449.patch
@ -0,0 +1,140 @@
 diff -up openssl-1.1.1g/ssl/statem/extensions.c.sig-alg-null-dereference openssl-1.1.1g/ssl/statem/extensions.c
 --- openssl-1.1.1g/ssl/statem/extensions.c.sig-alg-null-dereference	2021-03-25 15:04:24.781522476 +0100
 +++ openssl-1.1.1g/ssl/statem/extensions.c	2021-03-25 15:04:24.792522584 +0100
@@ -1136,6 +1136,7 @@ static int init_sig_algs(SSL *s, unsigne
     /* Clear any signature algorithms extension received */
     OPENSSL_free(s->s3->tmp.peer_sigalgs);
     s->s3->tmp.peer_sigalgs = NULL;
 +    s->s3->tmp.peer_sigalgslen = 0;
     return 1;
 }
@@ -1145,6 +1146,7 @@ static int init_sig_algs_cert(SSL *s, un
     /* Clear any signature algorithms extension received */
     OPENSSL_free(s->s3->tmp.peer_cert_sigalgs);
     s->s3->tmp.peer_cert_sigalgs = NULL;
 +    s->s3->tmp.peer_cert_sigalgslen = 0;
     return 1;
 }
 diff -up openssl-1.1.1g/test/recipes/70-test_renegotiation.t.sig-alg-null-dereference openssl-1.1.1g/test/recipes/70-test_renegotiation.t
 --- openssl-1.1.1g/test/recipes/70-test_renegotiation.t.sig-alg-null-dereference	2021-03-25 15:59:52.226408743 +0100
 +++ openssl-1.1.1g/test/recipes/70-test_renegotiation.t	2021-03-25 16:07:25.528618852 +0100
@@ -38,7 +38,7 @@ my $proxy = TLSProxy::Proxy->new(
 $proxy->clientflags("-no_tls1_3");
 $proxy->reneg(1);
 $proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
 -plan tests => 3;
 +plan tests => 4;
 ok(TLSProxy::Message->success(), "Basic renegotiation");
 #Test 2: Client does not send the Reneg SCSV. Reneg should fail
@@ -77,6 +77,20 @@ SKIP: {
        "Check ClientHello version is the same");
 }
 +SKIP: {
 +    skip "TLSv1.2 disabled", 1
 +        if disabled("tls1_2");
 +
 +    #Test 4: Test for CVE-2021-3449. client_sig_algs instead of sig_algs in
 +    #        resumption ClientHello
 +    $proxy->clear();
 +    $proxy->filter(\&sigalgs_filter);
 +    $proxy->clientflags("-tls1_2");
 +    $proxy->reneg(1);
 +    $proxy->start();
 +    ok(TLSProxy::Message->fail(), "client_sig_algs instead of sig_algs");
 +}
 +
 sub reneg_filter
 {
     my $proxy = shift;
@@ -95,4 +109,24 @@ sub reneg_filter
             $message->repack();
         }
     }
 +}
 +
 +sub sigalgs_filter
 +{
 +    my $proxy = shift;
 +    my $cnt = 0;
 +
 +    # We're only interested in the second ClientHello message
 +    foreach my $message (@{$proxy->message_list}) {
 +        if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) {
 +            next if ($cnt++ == 0);
 +
 +            my $sigs = pack "C10", 0x00, 0x08,
 +                            # rsa_pkcs_sha{256,384,512,1}
 +                            0x04, 0x01,  0x05, 0x01,  0x06, 0x01,  0x02, 0x01;
 +            $message->set_extension(TLSProxy::Message::EXT_SIG_ALGS_CERT, $sigs);
 +            $message->delete_extension(TLSProxy::Message::EXT_SIG_ALGS);
 +            $message->repack();
 +        }
 +    }
 }
 diff -up openssl-1.1.1g/util/perl/TLSProxy/Message.pm.sig-alg-null-dereference openssl-1.1.1g/util/perl/TLSProxy/Message.pm
 --- openssl-1.1.1g/util/perl/TLSProxy/Message.pm.sig-alg-null-dereference	2021-03-25 15:59:19.648106296 +0100
 +++ openssl-1.1.1g/util/perl/TLSProxy/Message.pm	2021-03-25 16:04:25.623947880 +0100
@@ -1,4 +1,4 @@
 -# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
 +# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -448,7 +448,7 @@ sub ciphersuite
 }
 #Update all the underlying records with the modified data from this message
 -#Note: Only supports re-encrypting for TLSv1.3
 +#Note: Only supports TLSv1.3 and ETM encryption.
 sub repack
 {
     my $self = shift;
@@ -490,15 +490,38 @@ sub repack
         # (If a length override is ever needed to construct invalid packets,
         #  use an explicit override field instead.)
         $rec->decrypt_len(length($rec->decrypt_data));
 -        $rec->len($rec->len + length($msgdata) - $old_length);
 -        # Only support re-encryption for TLSv1.3.
 -        if (TLSProxy::Proxy->is_tls13() && $rec->encrypted()) {
 -            #Add content type (1 byte) and 16 tag bytes
 -            $rec->data($rec->decrypt_data
 -                .pack("C", TLSProxy::Record::RT_HANDSHAKE).("\0"x16));
 +		# Only support re-encryption for TLSv1.3 and ETM.
 +        if ($rec->encrypted()) {
 +            if (TLSProxy::Proxy->is_tls13()) {
 +                #Add content type (1 byte) and 16 tag bytes
 +                $rec->data($rec->decrypt_data
 +                    .pack("C", TLSProxy::Record::RT_HANDSHAKE).("\0"x16));
 +            } elsif ($rec->etm()) {
 +                my $data = $rec->decrypt_data;
 +                #Add padding
 +                my $padval = length($data) % 16;
 +                $padval = 15 - $padval;
 +                for (0..$padval) {
 +                    $data .= pack("C", $padval);
 +                }
 +
 +                #Add MAC. Assumed to be 20 bytes
 +                foreach my $macval (0..19) {
 +                    $data .= pack("C", $macval);
 +                }
 +
 +                if ($rec->version() >= TLSProxy::Record::VERS_TLS_1_1) {
 +                    #Explicit IV
 +                    $data = ("\0"x16).$data;
 +                }
 +                $rec->data($data);
 +            } else {
 +                die "Unsupported encryption: No ETM";
 +            }
         } else {
             $rec->data($rec->decrypt_data);
         }
 +        $rec->len(length($rec->data));
         #Update the fragment len in case we changed it above
         ${$self->message_frag_lens}[0] = length($msgdata)
--- a/SOURCES/openssl-1.1.1-CVE-2021-3450.patch
+++ b/SOURCES/openssl-1.1.1-CVE-2021-3450.patch
@ -0,0 +1,55 @@
 diff -up openssl-1.1.1g/crypto/x509/x509_vfy.c.bypass-strict-flag openssl-1.1.1g/crypto/x509/x509_vfy.c
 --- openssl-1.1.1g/crypto/x509/x509_vfy.c.bypass-strict-flag	2021-03-25 15:04:24.786522525 +0100
 +++ openssl-1.1.1g/crypto/x509/x509_vfy.c	2021-03-25 15:14:01.392910477 +0100
@@ -509,15 +509,19 @@ static int check_chain_extensions(X509_S
                 ret = 1;
             break;
         }
 -        if ((ctx->param->flags & X509_V_FLAG_X509_STRICT) && num > 1) {
 +        if (ret > 0
 +            && (ctx->param->flags & X509_V_FLAG_X509_STRICT) && num > 1) {
             /* Check for presence of explicit elliptic curve parameters */
             ret = check_curve(x);
 -            if (ret < 0)
 +            if (ret < 0) {
                 ctx->error = X509_V_ERR_UNSPECIFIED;
 -            else if (ret == 0)
 +                ret = 0;
 +            } else if (ret == 0) {
                 ctx->error = X509_V_ERR_EC_KEY_EXPLICIT_PARAMS;
 +            }
         }
 -        if ((x->ex_flags & EXFLAG_CA) == 0
 +        if (ret > 0
 +            && (x->ex_flags & EXFLAG_CA) == 0
             && x->ex_pathlen != -1
             && (ctx->param->flags & X509_V_FLAG_X509_STRICT)) {
             ctx->error = X509_V_ERR_INVALID_EXTENSION;
 diff -up openssl-1.1.1g/test/verify_extra_test.c.bypass-strict-flag openssl-1.1.1g/test/verify_extra_test.c
 --- openssl-1.1.1g/test/verify_extra_test.c.bypass-strict-flag	2020-04-21 14:22:39.000000000 +0200
 +++ openssl-1.1.1g/test/verify_extra_test.c	2021-03-25 15:04:24.793522594 +0100
@@ -125,10 +125,22 @@ static int test_alt_chains_cert_forgery(
     i = X509_verify_cert(sctx);
 -    if (i == 0 && X509_STORE_CTX_get_error(sctx) == X509_V_ERR_INVALID_CA) {
 +    if (i != 0 || X509_STORE_CTX_get_error(sctx) != X509_V_ERR_INVALID_CA)
 +        goto err;
 +
 +    /* repeat with X509_V_FLAG_X509_STRICT */
 +    X509_STORE_CTX_cleanup(sctx);
 +    X509_STORE_set_flags(store, X509_V_FLAG_X509_STRICT);
 +
 +    if (!X509_STORE_CTX_init(sctx, store, x, untrusted))
 +        goto err;
 +
 +    i = X509_verify_cert(sctx);
 +
 +    if (i == 0 && X509_STORE_CTX_get_error(sctx) == X509_V_ERR_INVALID_CA)
         /* This is the result we were expecting: Test passed */
         ret = 1;
 -    }
 +
  err:
     X509_STORE_CTX_free(sctx);
     X509_free(x);
--- a/SPECS/openssl.spec
+++ b/SPECS/openssl.spec
@ -22,7 +22,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 1.1.1g
-Release: 12%{?dist}
+Release: 15%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@ -79,6 +79,8 @@ Patch55: openssl-1.1.1-arm-update.patch
 Patch56: openssl-1.1.1-s390x-ecc.patch
 Patch57: openssl-1.1.1-explicit-params.patch
 Patch71: openssl-1.1.1-CVE-2020-1971.patch
 Patch72: openssl-1.1.1-CVE-2021-3449.patch
 Patch73: openssl-1.1.1-CVE-2021-3450.patch
 License: OpenSSL and ASL 2.0
 URL: http://www.openssl.org/
@ -197,6 +199,8 @@ cp %{SOURCE13} test/
 %patch70 -p1 -b .rewire-fips-drbg
 %patch57 -p1 -b .explicit-params
 %patch71 -p1 -b .null-dereference
 %patch72 -p1 -b .sig-alg-null-dereference
 %patch73 -p1 -b .bypass-strict-flag
 %build
@ -481,6 +485,16 @@ export LD_LIBRARY_PATH
 %postun libs -p /sbin/ldconfig
 %changelog
 * Thu Mar 25 2021 Sahana Prasad <sahana@redhat.com> 1.1.1g-15
 - version bump
 * Wed Mar  24 2021 Sahana Prasad <sahana@redhat.com> 1.1.1g-14
 - CVE-2021-3450 openssl: CA certificate check
  bypass with X509_V_FLAG_X509_STRICT
 * Wed Mar  24 2021 Sahana Prasad <sahana@redhat.com> 1.1.1g-13
 - Fix CVE-2021-3449 NULL pointer deref in signature_algorithms processing
 * Fri Dec  4 2020 Sahana Prasad <sahana@redhat.com> 1.1.1g-12
 - Fix CVE-2020-1971 ediparty null pointer dereference