d7587a26b6
fix segfault when /dev/urandom is not available (#809586)
227 lines
7.8 KiB
diff -up openssl-1.0.1/apps/s_client.c.backport openssl-1.0.1/apps/s_client.c
|
|
--- openssl-1.0.1/apps/s_client.c.backport 2012-03-14 21:15:04.736897459 +0100
|
|
+++ openssl-1.0.1/apps/s_client.c 2012-04-05 19:48:40.469998965 +0200
|
|
@@ -622,13 +622,7 @@ int MAIN(int argc, char **argv)
|
|
SRP_ARG srp_arg = {NULL,NULL,0,0,0,1024};
|
|
#endif
|
|
|
|
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
|
|
meth=SSLv23_client_method();
|
|
-#elif !defined(OPENSSL_NO_SSL3)
|
|
- meth=SSLv3_client_method();
|
|
-#elif !defined(OPENSSL_NO_SSL2)
|
|
- meth=SSLv2_client_method();
|
|
-#endif
|
|
|
|
apps_startup();
|
|
c_Pause=0;
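Review bot: With the `#if`/`#elif` chain gone, `meth=SSLv23_client_method();` is the only selection left and nothing records why, so the next backporter may well restore the chain; add `/* SSLv23 negotiates the highest version this build supports; the old #if chain pinned OPENSSL_NO_SSL2 builds to SSLv3 and so lost TLS */`. The unconditional call also means a build with both OPENSSL_NO_SSL2 and OPENSSL_NO_SSL3 defined now compiles it, which presumably relies on the s23_*.c sources being built regardless of those flags — worth confirming on that configuration. The `-ssl3`/`-tls1` option handling that may later override `meth` is outside this hunk, as is the rest of MAIN.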
|
|
diff -up openssl-1.0.1/apps/s_server.c.backport openssl-1.0.1/apps/s_server.c
|
|
--- openssl-1.0.1/apps/s_server.c.backport 2012-03-14 21:15:04.690896516 +0100
|
|
+++ openssl-1.0.1/apps/s_server.c 2012-04-05 19:48:40.474999072 +0200
|
|
@@ -969,17 +969,7 @@ int MAIN(int argc, char *argv[])
|
|
char *srpuserseed = NULL;
|
|
char *srp_verifier_file = NULL;
|
|
#endif
|
|
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
|
|
meth=SSLv23_server_method();
|
|
-#elif !defined(OPENSSL_NO_SSL3)
|
|
- meth=SSLv3_server_method();
|
|
-#elif !defined(OPENSSL_NO_SSL2)
|
|
- meth=SSLv2_server_method();
|
|
-#elif !defined(OPENSSL_NO_TLS1)
|
|
- meth=TLSv1_server_method();
|
|
-#else
|
|
- /* #error no SSL version enabled */
|
|
-#endif
|
|
|
|
local_argc=argc;
|
|
local_argv=argv;
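Review bot: The removed `#else /* #error no SSL version enabled */` branch was the only acknowledgement of a build with every protocol disabled, and the new unconditional `meth=SSLv23_server_method();` drops it without a word; a comment such as `/* always start from SSLv23 so the server offers the highest version enabled in this build; a single-version method is substituted later from -ssl2/-ssl3/-tls1 */` would explain the simplification. I am inferring the later override from s_server's usual option set, which is outside this hunk, so adjust the wording if the backport differs. MAIN continues past the hunk.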
|
|
diff -up openssl-1.0.1/crypto/aes/asm/aes-armv4.pl.backport openssl-1.0.1/crypto/aes/asm/aes-armv4.pl
|
|
--- openssl-1.0.1/crypto/aes/asm/aes-armv4.pl.backport 2012-03-14 21:15:04.777898297 +0100
|
|
+++ openssl-1.0.1/crypto/aes/asm/aes-armv4.pl 2012-04-05 19:51:35.555528155 +0200
|
|
@@ -408,6 +408,7 @@ _armv4_AES_encrypt:
|
|
.type private_AES_set_encrypt_key,%function
|
|
.align 5
|
|
private_AES_set_encrypt_key:
|
|
+_armv4_AES_set_encrypt_key:
|
|
sub r3,pc,#8 @ AES_set_encrypt_key
|
|
teq r0,#0
|
|
moveq r0,#-1
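Review bot: The new `_armv4_AES_set_encrypt_key:` alias carries no comment, so a reader sees two labels at one address with no hint that the second exists only to be referenced from within this file; add `@ local alias: the bl below and the Te offset computed from r3 must resolve at assembly time rather than through the global (interposable) private_AES_set_encrypt_key symbol`. The exact link-time problem the alias avoids is not visible in the hunk, so keep the reason hedged if it differs. As written the alias has no `.globl`, `.type` or `.size` of its own, which looks intentional since it must stay a non-exported symbol; a note saying so would stop someone "fixing" that.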
|
|
@@ -425,7 +426,7 @@ private_AES_set_encrypt_key:
|
|
bne .Labrt
|
|
|
|
.Lok: stmdb sp!,{r4-r12,lr}
|
|
- sub $tbl,r3,#private_AES_set_encrypt_key-AES_Te-1024 @ Te4
|
|
+ sub $tbl,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024 @ Te4
|
|
|
|
mov $rounds,r0 @ inp
|
|
mov lr,r1 @ bits
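Review bot: `sub $tbl,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024` is only correct because r3 was loaded by `sub r3,pc,#8` as the very first instruction after the label (previous hunk), so r3 equals the alias's address; nothing next to the expression states that invariant. A comment such as `@ r3 == _armv4_AES_set_encrypt_key (sub r3,pc,#8 at entry); keep that instruction first` would stop someone inserting an instruction before the pc read and silently shifting the table pointer. The pc+8 reading this relies on holds in ARM state only, so the file's ARM-only assumption should be recorded if it is not already.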
|
|
@@ -685,7 +686,7 @@ private_AES_set_encrypt_key:
|
|
.align 5
|
|
private_AES_set_decrypt_key:
|
|
str lr,[sp,#-4]! @ push lr
|
|
- bl private_AES_set_encrypt_key
|
|
+ bl _armv4_AES_set_encrypt_key
|
|
teq r0,#0
|
|
ldrne lr,[sp],#4 @ pop lr
|
|
bne .Labrt
|
|
diff -up openssl-1.0.1/crypto/aes/asm/aes-s390x.pl.backport openssl-1.0.1/crypto/aes/asm/aes-s390x.pl
|
|
--- openssl-1.0.1/crypto/aes/asm/aes-s390x.pl.backport 2012-03-14 21:15:04.782898400 +0100
|
|
+++ openssl-1.0.1/crypto/aes/asm/aes-s390x.pl 2012-04-05 19:50:41.290593267 +0200
|
|
@@ -783,6 +783,7 @@ $code.=<<___;
|
|
.type private_AES_set_encrypt_key,\@function
|
|
.align 16
|
|
private_AES_set_encrypt_key:
|
|
+_s390x_AES_set_encrypt_key:
|
|
lghi $t0,0
|
|
cl${g}r $inp,$t0
|
|
je .Lminus1
|
|
@@ -1068,7 +1069,7 @@ $code.=<<___;
|
|
private_AES_set_decrypt_key:
|
|
st${g} $key,4*$SIZE_T($sp) # I rely on AES_set_encrypt_key to
|
|
st${g} $ra,14*$SIZE_T($sp) # save non-volatile registers!
|
|
- bras $ra,AES_set_encrypt_key
|
|
+ bras $ra,_s390x_AES_set_encrypt_key
|
|
l${g} $key,4*$SIZE_T($sp)
|
|
l${g} $ra,14*$SIZE_T($sp)
|
|
ltgr %r2,%r2
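Review bot: The two comments on the `st${g}` lines still say `I rely on AES_set_encrypt_key to save non-volatile registers!` while the `bras` now targets `_s390x_AES_set_encrypt_key`; update them to `# I rely on _s390x_AES_set_encrypt_key to` / `# save non-volatile registers!` so the stated invariant names the routine that actually runs. `bras` encodes a 16-bit halfword PC-relative displacement, so branching to a local alias in the same object instead of the global `AES_set_encrypt_key` also removes any dependence on how that global symbol is resolved at link time; a comment on the alias itself (previous hunk) would make that explicit. private_AES_set_decrypt_key continues past the hunk.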
|
|
diff -up openssl-1.0.1/crypto/aes/asm/vpaes-x86_64.pl.backport openssl-1.0.1/crypto/aes/asm/vpaes-x86_64.pl
|
|
--- openssl-1.0.1/crypto/aes/asm/vpaes-x86_64.pl.backport 2012-03-14 21:15:04.777898297 +0100
|
|
+++ openssl-1.0.1/crypto/aes/asm/vpaes-x86_64.pl 2012-04-05 19:48:22.036603157 +0200
|
|
@@ -263,7 +263,7 @@ _vpaes_decrypt_core:
|
|
pshufb %xmm2, %xmm4 # 4 = sbou
|
|
pxor %xmm0, %xmm4 # 4 = sb1u + k
|
|
movdqa 0x70(%r10), %xmm0 # 0 : sbot
|
|
- movdqa .Lk_sr-.Lk_dsbd(%r11), %xmm2
|
|
+ movdqa -0x160(%r11), %xmm2 # .Lk_sr-.Lk_dsbd=-0x160
|
|
pshufb %xmm3, %xmm0 # 0 = sb1t
|
|
pxor %xmm4, %xmm0 # 0 = A
|
|
pshufb %xmm2, %xmm0
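Review bot: `movdqa -0x160(%r11), %xmm2` hard-codes the distance between `.Lk_sr` and `.Lk_dsbd`, which now survives only in a trailing comment; if the constant table (outside this hunk) is ever reordered or padded the load silently picks up the wrong 16 bytes. Since the assembler text is generated by Perl, keep the value in one place, `my $k_sr_off = -0x160; # .Lk_sr-.Lk_dsbd` and emit `movdqa $k_sr_off(%r11), %xmm2`, or add an assembler-time check next to the table where the target assembler allows one. The reason the symbol-difference expression was replaced is not visible here (presumably an assembler that cannot evaluate it), so record that in the comment too. `_vpaes_decrypt_core` starts before the hunk.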
|
|
@@ -869,6 +869,8 @@ ${PREFIX}_cbc_encrypt:
|
|
___
|
|
($len,$key)=($key,$len);
|
|
$code.=<<___;
|
|
+ sub \$16,$len
|
|
+ jc .Lcbc_abort
|
|
___
|
|
$code.=<<___ if ($win64);
|
|
lea -0xb8(%rsp),%rsp
|
|
@@ -887,7 +889,6 @@ ___
|
|
$code.=<<___;
|
|
movdqu ($ivp),%xmm6 # load IV
|
|
sub $inp,$out
|
|
- sub \$16,$len
|
|
call _vpaes_preheat
|
|
cmp \$0,${enc}d
|
|
je .Lcbc_dec_loop
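Review bot: The new `sub \$16,$len` / `jc .Lcbc_abort` guard returns silently for len < 16, leaving the IV untouched and giving the caller no indication, and the hunk does not say so; add `# len < 16: nothing to do, return before the frame is set up (IV left unchanged)`. Placing the check ahead of the `$win64` prologue is what lets `.Lcbc_abort` be a bare `ret` (next hunk), so that ordering is load-bearing and deserves a comment as well. Whether the Win64 SEH handler for this function needs to know about a pre-prologue exit is decided outside this hunk; since a fault cannot occur on the `ret` itself it presumably does not. ${PREFIX}_cbc_encrypt starts before the hunk.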
|
|
@@ -932,6 +933,7 @@ $code.=<<___ if ($win64);
|
|
.Lcbc_epilogue:
|
|
___
|
|
$code.=<<___;
|
|
+.Lcbc_abort:
|
|
ret
|
|
.size ${PREFIX}_cbc_encrypt,.-${PREFIX}_cbc_encrypt
|
|
___
|
|
diff -up openssl-1.0.1/crypto/aes/asm/vpaes-x86.pl.backport openssl-1.0.1/crypto/aes/asm/vpaes-x86.pl
|
|
--- openssl-1.0.1/crypto/aes/asm/vpaes-x86.pl.backport 2012-03-14 21:15:04.775898257 +0100
|
|
+++ openssl-1.0.1/crypto/aes/asm/vpaes-x86.pl 2012-04-05 19:48:22.036603157 +0200
|
|
@@ -843,6 +843,8 @@ $k_dsbo=0x2c0; # decryption sbox final
|
|
&mov ($out,&wparam(1)); # out
|
|
&mov ($round,&wparam(2)); # len
|
|
&mov ($key,&wparam(3)); # key
|
|
+ &sub ($round,16);
|
|
+ &jc (&label("cbc_abort"));
|
|
&lea ($base,&DWP(-56,"esp"));
|
|
&mov ($const,&wparam(4)); # ivp
|
|
&and ($base,-16);
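Review bot: `&sub ($round,16); &jc (&label("cbc_abort"));` relies on `cbc_abort` being placed after the `mov esp,[48(esp)]` frame restore and just before `function_end` (later hunks), so the abort path pops the registers pushed by `function_begin` without ever having built the aligned frame; none of that ordering is stated here. A comment such as `# len < 16: nothing to do; skip the aligned-frame setup and fall into the standard epilogue` would make the constraint visible to whoever next touches the prologue. `$round` doubles as the length register at this point, which the `# len` comment on the `wparam(2)` line only hints at. The function starts before this hunk.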
|
|
@@ -853,7 +855,6 @@ $k_dsbo=0x2c0; # decryption sbox final
|
|
&mov (&DWP(48,"esp"),$base);
|
|
|
|
&mov (&DWP(0,"esp"),$out); # save out
|
|
- &sub ($round,16);
|
|
&mov (&DWP(4,"esp"),$key) # save key
|
|
&mov (&DWP(8,"esp"),$const); # save ivp
|
|
&mov ($out,$round); # $out works as $len
|
|
@@ -896,6 +897,7 @@ $k_dsbo=0x2c0; # decryption sbox final
|
|
&mov ($base,&DWP(8,"esp")); # restore ivp
|
|
&mov ("esp",&DWP(48,"esp"));
|
|
&movdqu (&QWP(0,$base),"xmm1"); # write IV
|
|
+&set_label("cbc_abort");
|
|
&function_end("${PREFIX}_cbc_encrypt");
|
|
|
|
&asm_finish();
|
|
diff -up openssl-1.0.1/crypto/evp/p5_crpt.c.backport openssl-1.0.1/crypto/evp/p5_crpt.c
|
|
--- openssl-1.0.1/crypto/evp/p5_crpt.c.backport 2011-06-03 22:52:57.000000000 +0200
|
|
+++ openssl-1.0.1/crypto/evp/p5_crpt.c 2012-04-05 19:49:01.512450795 +0200
|
|
@@ -138,5 +138,6 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *c
|
|
OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
|
|
rv = 1;
|
|
err:
|
|
+ EVP_MD_CTX_cleanup(&ctx);
|
|
return rv;
|
|
}
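Review bot: `EVP_MD_CTX_cleanup(&ctx);` at `err:` is only safe if every `goto err` in PKCS5_PBE_keyivgen happens after `EVP_MD_CTX_init(&ctx)`; the start of the function is outside this hunk, so please confirm no early failure (a bad parameter, for instance) reaches the label with `ctx` uninitialised, since cleanup inspects `ctx->digest` and `ctx->md_data`. If such a path exists, move the init to the top of the function rather than guarding the jump. Once verified, a comment on the new line, `/* ctx is initialised unconditionally above, so cleanup is safe on every path */`, records the assumption for the next reader.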
|
|
diff -up openssl-1.0.1/crypto/pkcs7/pk7_doit.c.backport openssl-1.0.1/crypto/pkcs7/pk7_doit.c
|
|
--- openssl-1.0.1/crypto/pkcs7/pk7_doit.c.backport 2012-03-12 17:27:50.000000000 +0100
|
|
+++ openssl-1.0.1/crypto/pkcs7/pk7_doit.c 2012-04-05 19:49:40.591289911 +0200
|
|
@@ -430,6 +430,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE
|
|
STACK_OF(X509_ALGOR) *md_sk=NULL;
|
|
STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
|
|
PKCS7_RECIP_INFO *ri=NULL;
|
|
+ unsigned char *ek = NULL, *tkey = NULL;
|
|
+ int eklen = 0, tkeylen = 0;
|
|
|
|
i=OBJ_obj2nid(p7->type);
|
|
p7->state=PKCS7_S_HEADER;
|
|
@@ -507,8 +509,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE
|
|
int max;
|
|
X509_OBJECT ret;
|
|
#endif
|
|
- unsigned char *ek = NULL, *tkey = NULL;
|
|
- int eklen, tkeylen;
|
|
|
|
if ((etmp=BIO_new(BIO_f_cipher())) == NULL)
|
|
{
|
|
@@ -609,11 +609,13 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE
|
|
{
|
|
OPENSSL_cleanse(ek,eklen);
|
|
OPENSSL_free(ek);
|
|
+ ek = NULL;
|
|
}
|
|
if (tkey)
|
|
{
|
|
OPENSSL_cleanse(tkey,tkeylen);
|
|
OPENSSL_free(tkey);
|
|
+ tkey = NULL;
|
|
}
|
|
|
|
if (out == NULL)
|
|
@@ -656,6 +658,16 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE
|
|
if (0)
|
|
{
|
|
err:
|
|
+ if (ek)
|
|
+ {
|
|
+ OPENSSL_cleanse(ek,eklen);
|
|
+ OPENSSL_free(ek);
|
|
+ }
|
|
+ if (tkey)
|
|
+ {
|
|
+ OPENSSL_cleanse(tkey,tkeylen);
|
|
+ OPENSSL_free(tkey);
|
|
+ }
|
|
if (out != NULL) BIO_free_all(out);
|
|
if (btmp != NULL) BIO_free_all(btmp);
|
|
if (etmp != NULL) BIO_free_all(etmp);
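Review bot: The cleanse-and-free pairs added at `err:` avoid a double free only because the success path now sets `ek = NULL` and `tkey = NULL` after releasing them (previous hunk), and nothing here says so; add `/* ek/tkey are non-NULL only if we failed between allocation and the release above; the success path NULLs them */` above the new `if (ek)`. `OPENSSL_cleanse(ek,eklen)` with `eklen` still at its initial 0 is a no-op, so if any allocation (outside this hunk) assigns `eklen` after the malloc can fail, the buffer would be freed but not wiped — worth checking that the length is always set with or before the allocation. This is now the third copy of the same release idiom in the function; a small `static` helper would remove the duplication. PKCS7_dataDecode continues past the hunk.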
|
|
diff -up openssl-1.0.1/ssl/d1_srvr.c.backport openssl-1.0.1/ssl/d1_srvr.c
|
|
--- openssl-1.0.1/ssl/d1_srvr.c.backport 2012-03-06 14:24:16.000000000 +0100
|
|
+++ openssl-1.0.1/ssl/d1_srvr.c 2012-04-05 19:47:36.812632091 +0200
|
|
@@ -920,7 +920,7 @@ int dtls1_send_server_hello(SSL *s)
|
|
p=s->s3->server_random;
|
|
Time=(unsigned long)time(NULL); /* Time */
|
|
l2n(Time,p);
|
|
- RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
|
|
+ RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);
|
|
/* Do the message type and length last */
|
|
d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);
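Review bot: The corrected `RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);` still ignores the return value; when no entropy source is available (the situation in the commit title) RAND_pseudo_bytes can return 0 or -1 and the hello is sent with whatever `server_random` already holds, so check it: `if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0) return -1;` (or `goto err` if dtls1_send_server_hello has an error label; its start is outside the hunk). The bare `4` should also be tied to what `l2n` wrote, e.g. `/* l2n stored exactly 4 bytes, not sizeof(Time) (8 on LP64), so fill the remaining 28 */`, since that mismatch is the bug this line fixes. Whether callers treat -1 from this function as fatal cannot be seen here.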
|
|
|