Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, and Minerva attack.

Resolves: RHEL-32148
Resolves: RHEL-36792
Resolves: RHEL-38514
Resolves: RHEL-39111
This commit is contained in:
Dmitry Belyavskiy 2024-06-05 15:05:20 +02:00
parent bd9060b13c
commit ed09ce6530
8 changed files with 41 additions and 281 deletions

1
.gitignore vendored
View File

@ -56,3 +56,4 @@ openssl-1.0.0a-usa.tar.bz2
/openssl-3.0.7-hobbled.tar.gz
/openssl-3.0.7.tar.gz
/openssl-3.2.1.tar.gz
/openssl-3.2.2.tar.gz

View File

@ -383,8 +383,8 @@ index 18d9f3d204..71780d8caa 100644
--- a/test/recipes/90-test_sslapi.t
+++ b/test/recipes/90-test_sslapi.t
@@ -17,7 +17,7 @@ setup("test_sslapi");
use lib srctop_dir('Configurations');
use lib bldtop_dir('.');
setup("test_sslapi");
}
-my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
+my $no_fips = 1; #disabled('fips') || ($ENV{NO_FIPS} // 0);

View File

@ -120,7 +120,7 @@ index dfa7786bde..f01e40ff5a 100644
switch (ctx->mode) {
case EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND:
default:
@@ -332,15 +342,78 @@ static int kdf_hkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
@@ -318,22 +318,85 @@ static int kdf_hkdf_get_ctx_params(void
{
KDF_HKDF *ctx = (KDF_HKDF *)vctx;
OSSL_PARAM *p;
@ -129,13 +129,20 @@ index dfa7786bde..f01e40ff5a 100644
if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL) {
size_t sz = kdf_hkdf_size(ctx);
- if (sz == 0)
+ any_valid = 1;
+
+ if (sz == 0 || !OSSL_PARAM_set_size_t(p, sz))
+ return 0;
+ }
+
if (sz == 0)
return 0;
return OSSL_PARAM_set_size_t(p, sz);
}
if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_INFO)) != NULL) {
+ any_valid = 1;
if (ctx->info == NULL || ctx->info_len == 0) {
p->return_size = 0;
return 1;
}
return OSSL_PARAM_set_octet_string(p, ctx->info, ctx->info_len);
}
- return -2;
+#ifdef FIPS_MODULE
+ if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR))
+ != NULL) {
@ -189,10 +196,8 @@ index dfa7786bde..f01e40ff5a 100644
+ }
+ }
+ if (!OSSL_PARAM_set_int(p, fips_indicator))
return 0;
- return OSSL_PARAM_set_size_t(p, sz);
}
- return -2;
+ return 0;
+ }
+#endif /* defined(FIPS_MODULE) */
+
+ if (!any_valid)
@ -203,9 +208,9 @@ index dfa7786bde..f01e40ff5a 100644
static const OSSL_PARAM *kdf_hkdf_gettable_ctx_params(ossl_unused void *ctx,
@@ -348,6 +421,9 @@ static const OSSL_PARAM *kdf_hkdf_gettable_ctx_params(ossl_unused void *ctx,
{
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
OSSL_PARAM_octet_string(OSSL_KDF_PARAM_INFO, NULL, 0),
+#ifdef FIPS_MODULE
+ OSSL_PARAM_int(OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR, NULL),
+#endif /* defined(FIPS_MODULE) */

View File

@ -111,7 +111,7 @@ index 056aae3863..fe680449c5 100644
+ }
if (garg->gidcnt == garg->gidmax) {
uint16_t *tmp =
OPENSSL_realloc(garg->gid_arr, garg->gidmax + GROUPLIST_INCREMENT);
OPENSSL_realloc(garg->gid_arr,
@@ -1070,13 +1076,14 @@ static int gid_cb(const char *elem, int len, void *arg)
gid = tls1_group_name2id(garg->ctx, etmp);
@ -161,18 +161,18 @@ index 056aae3863..fe680449c5 100644
return 0;
if (len > (int)(sizeof(etmp) - 1))
@@ -2931,8 +2950,10 @@ static int sig_cb(const char *elem, int len, void *arg)
break;
break;
}
}
- if (i == OSSL_NELEM(sigalg_lookup_tbl))
- return 0;
+ if (i == OSSL_NELEM(sigalg_lookup_tbl)) {
+ /* Ignore unknown algorithms if ignore_unknown */
+ return ignore_unknown;
+ }
}
- if (i == OSSL_NELEM(sigalg_lookup_tbl))
- return 0;
+ if (i == OSSL_NELEM(sigalg_lookup_tbl)) {
+ /* Ignore unknown algorithms if ignore_unknown */
+ return ignore_unknown;
+ }
} else {
*p = 0;
p++;
@@ -2940,8 +2961,10 @@ static int sig_cb(const char *elem, int len, void *arg)
return 0;
get_sigorhash(&sig_alg, &hash_alg, etmp);
@ -209,7 +209,7 @@ index 056aae3863..fe680449c5 100644
}
return 1;
@@ -2973,6 +2998,11 @@ int tls1_set_sigalgs_list(CERT *c, const char *str, int client)
sig.sigalgcnt = 0;
}
if (!CONF_parse_list(str, ':', 1, sig_cb, &sig))
return 0;
+ if (sig.sigalgcnt == 0) {

View File

@ -1,80 +0,0 @@
From 105217c7d58c726f4e646177e0aaefb6115aad3e Mon Sep 17 00:00:00 2001
From: Dmitry Belyavskiy <beldmit@gmail.com>
Date: Tue, 27 Feb 2024 15:22:58 +0100
Subject: [PATCH 48/49] 0118-no-crl-memleak.patch
Patch-name: 0118-no-crl-memleak.patch
Patch-id: 118
Patch-status: |
# https://github.com/openssl/openssl/issues/23770
---
crypto/x509/by_file.c | 2 ++
test/recipes/60-test_x509_load_cert_file.t | 3 ++-
test/x509_load_cert_file_test.c | 8 +++++++-
3 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
index 5073c137a2..85923804ac 100644
--- a/crypto/x509/by_file.c
+++ b/crypto/x509/by_file.c
@@ -198,6 +198,8 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
goto err;
}
count++;
+ X509_CRL_free(x);
+ x = NULL;
}
} else if (type == X509_FILETYPE_ASN1) {
x = d2i_X509_CRL_bio(in, NULL);
diff --git a/test/recipes/60-test_x509_load_cert_file.t b/test/recipes/60-test_x509_load_cert_file.t
index 75aeac362c..e329d7675c 100644
--- a/test/recipes/60-test_x509_load_cert_file.t
+++ b/test/recipes/60-test_x509_load_cert_file.t
@@ -12,4 +12,5 @@ setup("test_load_cert_file");
plan tests => 1;
-ok(run(test(["x509_load_cert_file_test", srctop_file("test", "certs", "leaf-chain.pem")])));
+ok(run(test(["x509_load_cert_file_test", srctop_file("test", "certs", "leaf-chain.pem"),
+ srctop_file("test", "certs", "cyrillic_crl.pem")])));
diff --git a/test/x509_load_cert_file_test.c b/test/x509_load_cert_file_test.c
index 4a736071ae..c07d329915 100644
--- a/test/x509_load_cert_file_test.c
+++ b/test/x509_load_cert_file_test.c
@@ -12,6 +12,7 @@
#include "testutil.h"
static const char *chain;
+static const char *crl;
static int test_load_cert_file(void)
{
@@ -27,12 +28,15 @@ static int test_load_cert_file(void)
&& TEST_int_eq(sk_X509_num(certs), 4))
ret = 1;
+ if (crl != NULL && !TEST_true(X509_load_crl_file(lookup, crl, X509_FILETYPE_PEM)))
+ ret = 0;
+
OSSL_STACK_OF_X509_free(certs);
X509_STORE_free(store);
return ret;
}
-OPT_TEST_DECLARE_USAGE("cert.pem...\n")
+OPT_TEST_DECLARE_USAGE("cert.pem [crl.pem]\n")
int setup_tests(void)
{
@@ -45,6 +49,8 @@ int setup_tests(void)
if (chain == NULL)
return 0;
+ crl = test_get_argument(1);
+
ADD_TEST(test_load_cert_file);
return 1;
}
--
2.44.0

View File

@ -1,170 +0,0 @@
From f5b48604779362c91a22080b6905413fbba28b74 Mon Sep 17 00:00:00 2001
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
Date: Fri, 8 Mar 2024 11:18:12 +0100
Subject: [PATCH 49/49] 0119-provider-sigalgs-in-signaturealgorithms-conf.patch
Patch-name: 0119-provider-sigalgs-in-signaturealgorithms-conf.patch
Patch-id: 119
Patch-status: |
# https://github.com/openssl/openssl/issues/22779
---
ssl/s3_lib.c | 8 ++++----
ssl/ssl_lib.c | 2 +-
ssl/ssl_local.h | 2 +-
ssl/t1_lib.c | 45 ++++++++++++++++++++++++++++++++++-----------
4 files changed, 40 insertions(+), 17 deletions(-)
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index e8ec98c221..48a1aa0e61 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3685,13 +3685,13 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
return tls1_set_sigalgs(sc->cert, parg, larg, 0);
case SSL_CTRL_SET_SIGALGS_LIST:
- return tls1_set_sigalgs_list(sc->cert, parg, 0);
+ return tls1_set_sigalgs_list(s->ctx, sc->cert, parg, 0);
case SSL_CTRL_SET_CLIENT_SIGALGS:
return tls1_set_sigalgs(sc->cert, parg, larg, 1);
case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
- return tls1_set_sigalgs_list(sc->cert, parg, 1);
+ return tls1_set_sigalgs_list(s->ctx, sc->cert, parg, 1);
case SSL_CTRL_GET_CLIENT_CERT_TYPES:
{
@@ -3968,13 +3968,13 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
case SSL_CTRL_SET_SIGALGS_LIST:
- return tls1_set_sigalgs_list(ctx->cert, parg, 0);
+ return tls1_set_sigalgs_list(ctx, ctx->cert, parg, 0);
case SSL_CTRL_SET_CLIENT_SIGALGS:
return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
- return tls1_set_sigalgs_list(ctx->cert, parg, 1);
+ return tls1_set_sigalgs_list(ctx, ctx->cert, parg, 1);
case SSL_CTRL_SET_CLIENT_CERT_TYPES:
return ssl3_set_req_cert_type(ctx->cert, parg, larg);
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 1329841aaf..4d95ab71cd 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3078,7 +3078,7 @@ long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
return tls1_set_groups_list(ctx, NULL, NULL, parg);
case SSL_CTRL_SET_SIGALGS_LIST:
case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
- return tls1_set_sigalgs_list(NULL, parg, 0);
+ return tls1_set_sigalgs_list(ctx, NULL, parg, 0);
default:
return 0;
}
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index 0d3acfbe66..a73b2c4770 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -2796,7 +2796,7 @@ __owur int tls_use_ticket(SSL_CONNECTION *s);
void ssl_set_sig_mask(uint32_t *pmask_a, SSL_CONNECTION *s, int op);
-__owur int tls1_set_sigalgs_list(CERT *c, const char *str, int client);
+__owur int tls1_set_sigalgs_list(SSL_CTX *ctx, CERT *c, const char *str, int client);
__owur int tls1_set_raw_sigalgs(CERT *c, const uint16_t *psigs, size_t salglen,
int client);
__owur int tls1_set_sigalgs(CERT *c, const int *salg, size_t salglen,
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index fe680449c5..87f2ae7000 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -716,6 +716,7 @@ int ssl_load_sigalgs(SSL_CTX *ctx)
/* now populate ctx->ssl_cert_info */
if (ctx->sigalg_list_len > 0) {
+ OPENSSL_free(ctx->ssl_cert_info);
ctx->ssl_cert_info = OPENSSL_zalloc(sizeof(lu) * ctx->sigalg_list_len);
if (ctx->ssl_cert_info == NULL)
return 0;
@@ -2889,6 +2890,7 @@ typedef struct {
size_t sigalgcnt;
/* TLSEXT_SIGALG_XXX values */
uint16_t sigalgs[TLS_MAX_SIGALGCNT];
+ SSL_CTX *ctx;
} sig_cb_st;
static void get_sigorhash(int *psig, int *phash, const char *str)
@@ -2913,7 +2915,8 @@ static void get_sigorhash(int *psig, int *phash, const char *str)
static int sig_cb(const char *elem, int len, void *arg)
{
sig_cb_st *sarg = arg;
- size_t i;
+ size_t i = 0;
+ int load_success = 0;
const SIGALG_LOOKUP *s;
char etmp[TLS_MAX_SIGSTRING_LEN], *p;
int sig_alg = NID_undef, hash_alg = NID_undef;
@@ -2943,17 +2946,36 @@ static int sig_cb(const char *elem, int len, void *arg)
* in the table.
*/
if (p == NULL) {
- for (i = 0, s = sigalg_lookup_tbl; i < OSSL_NELEM(sigalg_lookup_tbl);
- i++, s++) {
- if (s->name != NULL && strcmp(etmp, s->name) == 0) {
- sarg->sigalgs[sarg->sigalgcnt++] = s->sigalg;
- break;
- }
+ /* Load provider sigalgs */
+ if (sarg->ctx) {
+ load_success = ssl_load_sigalgs(sarg->ctx);
}
- if (i == OSSL_NELEM(sigalg_lookup_tbl)) {
- /* Ignore unknown algorithms if ignore_unknown */
- return ignore_unknown;
+ if (load_success) {
+ /* Check if a provider supports the sigalg */
+ for (i = 0; i < sarg->ctx->sigalg_list_len; i++) {
+ if (sarg->ctx->sigalg_list[i].sigalg_name != NULL
+ && strcmp(etmp,
+ sarg->ctx->sigalg_list[i].sigalg_name) == 0) {
+ sarg->sigalgs[sarg->sigalgcnt++] =
+ sarg->ctx->sigalg_list[i].code_point;
+ break;
+ }
+ }
}
+ /* Check the built-in sigalgs */
+ if (!sarg->ctx || !load_success || i == sarg->ctx->sigalg_list_len) {
+ for (i = 0, s = sigalg_lookup_tbl;
+ i < OSSL_NELEM(sigalg_lookup_tbl); i++, s++) {
+ if (s->name != NULL && strcmp(etmp, s->name) == 0) {
+ sarg->sigalgs[sarg->sigalgcnt++] = s->sigalg;
+ break;
+ }
+ }
+ if (i == OSSL_NELEM(sigalg_lookup_tbl)) {
+ /* Ignore unknown algorithms if ignore_unknown */
+ return ignore_unknown;
+ }
+ }
} else {
*p = 0;
p++;
@@ -2992,10 +3014,11 @@ static int sig_cb(const char *elem, int len, void *arg)
* Set supported signature algorithms based on a colon separated list of the
* form sig+hash e.g. RSA+SHA512:DSA+SHA512
*/
-int tls1_set_sigalgs_list(CERT *c, const char *str, int client)
+int tls1_set_sigalgs_list(SSL_CTX *ctx, CERT *c, const char *str, int client)
{
sig_cb_st sig;
sig.sigalgcnt = 0;
+ sig.ctx = ctx;
if (!CONF_parse_list(str, ':', 1, sig_cb, &sig))
return 0;
if (sig.sigalgcnt == 0) {
--
2.44.0

View File

@ -28,8 +28,8 @@ print(string.sub(hash, 0, 16))
Summary: Utilities from the general purpose cryptography library with TLS implementation
Name: openssl
Version: 3.2.1
Release: 2%{?dist}
Version: 3.2.2
Release: 1%{?dist}
Epoch: 1
# We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below.
@ -152,10 +152,6 @@ Patch115: 0115-skip-quic-pairwise.patch
Patch116: 0116-version-aliasing.patch
# https://github.com/openssl/openssl/issues/23050
Patch117: 0117-ignore-unknown-sigalgorithms-groups.patch
# https://github.com/openssl/openssl/issues/23770
Patch118: 0118-no-crl-memleak.patch
# https://github.com/openssl/openssl/issues/22779
Patch119: 0119-provider-sigalgs-in-signaturealgorithms-conf.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2160797
Patch121: 0121-FIPS-cms-defaults.patch
@ -500,6 +496,14 @@ ln -s /etc/crypto-policies/back-ends/openssl_fips.config $RPM_BUILD_ROOT%{_sysco
%ldconfig_scriptlets libs
%changelog
* Wed Jun 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-1
- Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741,
and Minerva attack.
Resolves: RHEL-32148
Resolves: RHEL-36792
Resolves: RHEL-38514
Resolves: RHEL-39111
* Thu May 23 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.1-2
- Update RNG changing for FIPS purpose
Resolves: RHEL-35380

View File

@ -1 +1 @@
SHA512 (openssl-3.2.1.tar.gz) = 29ea75964f78ef5bbe5783ed60d32917408ae4cb7d4aecdbbf2280bfdbc260c7cbabbc03bd179fc994fbee85cebc7213eeb5bfcde5c22db5e83edf2cebe7113f
SHA512 (openssl-3.2.2.tar.gz) = ebc945065f62a8a2ea4e2f136a2afaea4d38a03bb07a148f7fb73c34a64475a4069de122ebee11a66e421dbd58756ad7ab2d3f905dc90acee72d62757d8c0a2d