Skip to content

Commit

Permalink
deps: upgrade openssl sources to 1.0.2n
Browse files Browse the repository at this point in the history
This replaces all sources of openssl-1.0.2n.tar.gz into
deps/openssl/openssl

PR-URL: #17526
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
  • Loading branch information
shigeki authored and MylesBorins committed Dec 7, 2017
1 parent b05ef97 commit 9fdd3bd
Show file tree
Hide file tree
Showing 118 changed files with 592 additions and 38,647 deletions.
45 changes: 45 additions & 0 deletions deps/openssl/openssl/CHANGES
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,51 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.

Changes between 1.0.2m and 1.0.2n [7 Dec 2017]

*) Read/write after SSL object in error state

OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state"
mechanism. The intent was that if a fatal error occurred during a handshake
then OpenSSL would move into the error state and would immediately fail if
you attempted to continue the handshake. This works as designed for the
explicit handshake functions (SSL_do_handshake(), SSL_accept() and
SSL_connect()), however due to a bug it does not work correctly if
SSL_read() or SSL_write() is called directly. In that scenario, if the
handshake fails then a fatal error will be returned in the initial function
call. If SSL_read()/SSL_write() is subsequently called by the application
for the same SSL object then it will succeed and the data is passed without
being decrypted/encrypted directly from the SSL/TLS record layer.

In order to exploit this issue an application bug would have to be present
that resulted in a call to SSL_read()/SSL_write() being issued after having
already received a fatal error.

This issue was reported to OpenSSL by David Benjamin (Google).
(CVE-2017-3737)
[Matt Caswell]

*) rsaz_1024_mul_avx2 overflow bug on x86_64

There is an overflow bug in the AVX2 Montgomery multiplication procedure
used in exponentiation with 1024-bit moduli. No EC algorithms are affected.
Analysis suggests that attacks against RSA and DSA as a result of this
defect would be very difficult to perform and are not believed likely.
Attacks against DH1024 are considered just feasible, because most of the
work necessary to deduce information about a private key may be performed
offline. The amount of resources required for such an attack would be
significant. However, for an attack on TLS to be meaningful, the server
would have to share the DH1024 private key among multiple clients, which is
no longer an option since CVE-2016-0701.

This only affects processors that support the AVX2 but not ADX extensions
like Intel Haswell (4th generation).

This issue was reported to OpenSSL by David Benjamin (Google). The issue
was originally found via the OSS-Fuzz project.
(CVE-2017-3738)
[Andy Polyakov]

Changes between 1.0.2l and 1.0.2m [2 Nov 2017]

*) bn_sqrx8x_internal carry bug on x86_64
Expand Down
4 changes: 2 additions & 2 deletions deps/openssl/openssl/Configure
Original file line number Diff line number Diff line change
Expand Up @@ -592,9 +592,9 @@ my %table=(
"debug-VC-WIN64A","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:".eval{my $asm=$x86_64_asm;$asm=~s/x86_64-gcc\.o/bn_asm.o/;$asm}.":auto:win32",
# x86 Win32 target defaults to ANSI API, if you want UNICODE, complement
# 'perl Configure VC-WIN32' with '-DUNICODE -D_UNICODE'
"VC-WIN32","cl:-W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
"VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
# Unified CE target
"debug-VC-WIN32","cl:-W3 -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
"debug-VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
"VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",

# Borland C++ 4.5
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
## Makefile for OpenSSL
##

VERSION=1.0.2m
VERSION=1.0.2n
MAJOR=1
MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/Makefile.bak
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
## Makefile for OpenSSL
##

VERSION=1.0.2m
VERSION=1.0.2n
MAJOR=1
MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0
Expand Down
5 changes: 5 additions & 0 deletions deps/openssl/openssl/NEWS
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,11 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.

Major changes between OpenSSL 1.0.2m and OpenSSL 1.0.2n [7 Dec 2017]

o Read/write after SSL object in error state (CVE-2017-3737)
o rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)

Major changes between OpenSSL 1.0.2l and OpenSSL 1.0.2m [2 Nov 2017]

o bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/README
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@

OpenSSL 1.0.2m 2 Nov 2017
OpenSSL 1.0.2n 7 Dec 2017

Copyright (c) 1998-2015 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
Expand Down
11 changes: 1 addition & 10 deletions deps/openssl/openssl/apps/app_rand.c
Original file line number Diff line number Diff line change
Expand Up @@ -124,16 +124,7 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
char buffer[200];

#ifdef OPENSSL_SYS_WINDOWS
/*
* allocate 2 to dont_warn not to use RAND_screen() via
* -no_rand_screen option in s_client
*/
if (dont_warn != 2) {
BIO_printf(bio_e, "Loading 'screen' into random state -");
BIO_flush(bio_e);
RAND_screen();
BIO_printf(bio_e, " done\n");
}
RAND_screen();
#endif

if (file == NULL)
Expand Down
8 changes: 6 additions & 2 deletions deps/openssl/openssl/apps/apps.c
Original file line number Diff line number Diff line change
Expand Up @@ -148,6 +148,10 @@
#ifdef _WIN32
static int WIN32_rename(const char *from, const char *to);
# define rename(from,to) WIN32_rename((from),(to))
# ifdef fileno
# undef fileno
# endif
# define fileno(a) (int)_fileno(a)
#endif

typedef struct {
Expand Down Expand Up @@ -2788,13 +2792,13 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
OPENSSL_free(out);
return NULL;
}
out[start] = i - start;
out[start] = (unsigned char)(i - start);
start = i + 1;
} else
out[i + 1] = in[i];
}

*outlen = len + 1;
*outlen = (unsigned char)(len + 1);
return out;
}
#endif /* ndef OPENSSL_NO_TLSEXT */
Expand Down
3 changes: 3 additions & 0 deletions deps/openssl/openssl/apps/dsa.c
Original file line number Diff line number Diff line change
Expand Up @@ -327,6 +327,9 @@ int MAIN(int argc, char **argv)
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
EVP_PKEY *pk;
pk = EVP_PKEY_new();
if (pk == NULL)
goto end;

EVP_PKEY_set1_DSA(pk, dsa);
if (outformat == FORMAT_PVK)
i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
Expand Down
40 changes: 13 additions & 27 deletions deps/openssl/openssl/apps/s_client.c
Original file line number Diff line number Diff line change
Expand Up @@ -180,13 +180,6 @@ typedef unsigned int u_int;
# include <fcntl.h>
#endif

/* Use Windows API with STD_INPUT_HANDLE when checking for input?
Don't look at OPENSSL_SYS_MSDOS for this, since it is always defined if
OPENSSL_SYS_WINDOWS is defined */
#if defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_WINCE) && defined(STD_INPUT_HANDLE)
#define OPENSSL_USE_STD_INPUT_HANDLE
#endif

#undef PROG
#define PROG s_client_main

Expand Down Expand Up @@ -236,7 +229,6 @@ static BIO *bio_c_msg = NULL;
static int c_quiet = 0;
static int c_ign_eof = 0;
static int c_brief = 0;
static int c_no_rand_screen = 0;

#ifndef OPENSSL_NO_PSK
/* Default PSK identity and key */
Expand Down Expand Up @@ -452,10 +444,6 @@ static void sc_usage(void)
" -keymatexport label - Export keying material using label\n");
BIO_printf(bio_err,
" -keymatexportlen len - Export len bytes of keying material (default 20)\n");
#ifdef OPENSSL_SYS_WINDOWS
BIO_printf(bio_err,
" -no_rand_screen - Do not use RAND_screen() to initialize random state\n");
#endif
}

#ifndef OPENSSL_NO_TLSEXT
Expand Down Expand Up @@ -642,10 +630,11 @@ static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
unsigned char ext_buf[4 + 65536];

/* Reconstruct the type/len fields prior to extension data */
ext_buf[0] = ext_type >> 8;
ext_buf[1] = ext_type & 0xFF;
ext_buf[2] = inlen >> 8;
ext_buf[3] = inlen & 0xFF;
inlen &= 0xffff; /* for formal memcpy correctness */
ext_buf[0] = (unsigned char)(ext_type >> 8);
ext_buf[1] = (unsigned char)(ext_type);
ext_buf[2] = (unsigned char)(inlen >> 8);
ext_buf[3] = (unsigned char)(inlen);
memcpy(ext_buf + 4, in, inlen);

BIO_snprintf(pem_name, sizeof(pem_name), "SERVERINFO FOR EXTENSION %d",
Expand Down Expand Up @@ -1148,10 +1137,6 @@ int MAIN(int argc, char **argv)
keymatexportlen = atoi(*(++argv));
if (keymatexportlen == 0)
goto bad;
#ifdef OPENSSL_SYS_WINDOWS
} else if (strcmp(*argv, "-no_rand_screen") == 0) {
c_no_rand_screen = 1;
#endif
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badop = 1;
Expand Down Expand Up @@ -1268,7 +1253,7 @@ int MAIN(int argc, char **argv)
if (!load_excert(&exc, bio_err))
goto end;

if (!app_RAND_load_file(NULL, bio_err, ++c_no_rand_screen) && inrand == NULL
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
&& !RAND_status()) {
BIO_printf(bio_err,
"warning, not much extra random data, consider using the -rand option\n");
Expand Down Expand Up @@ -1808,16 +1793,17 @@ int MAIN(int argc, char **argv)
tv.tv_usec = 0;
i = select(width, (void *)&readfds, (void *)&writefds,
NULL, &tv);
#if defined(OPENSSL_USE_STD_INPUT_HANDLE)
# if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
if (!i && (!_kbhit() || !read_tty))
continue;
# else
if (!i && (!((_kbhit())
|| (WAIT_OBJECT_0 ==
WaitForSingleObject(GetStdHandle
(STD_INPUT_HANDLE),
0)))
|| !read_tty))
continue;
#else
if(!i && (!_kbhit() || !read_tty) ) continue;
# endif
} else
i = select(width, (void *)&readfds, (void *)&writefds,
Expand Down Expand Up @@ -2019,12 +2005,12 @@ int MAIN(int argc, char **argv)
}
}
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
#if defined(OPENSSL_USE_STD_INPUT_HANDLE)
# if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
else if (_kbhit())
# else
else if ((_kbhit())
|| (WAIT_OBJECT_0 ==
WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
#else
else if (_kbhit())
# endif
#elif defined (OPENSSL_SYS_NETWARE)
else if (_kbhit())
Expand Down
4 changes: 2 additions & 2 deletions deps/openssl/openssl/apps/speed.c
Original file line number Diff line number Diff line change
Expand Up @@ -2829,8 +2829,8 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher)

RAND_bytes(out, 16);
len += 16;
aad[11] = len >> 8;
aad[12] = len;
aad[11] = (unsigned char)(len >> 8);
aad[12] = (unsigned char)(len);
pad = EVP_CIPHER_CTX_ctrl(&ctx,
EVP_CTRL_AEAD_TLS1_AAD,
EVP_AEAD_TLS1_AAD_LEN, aad);
Expand Down
6 changes: 3 additions & 3 deletions deps/openssl/openssl/crypto/aes/asm/aes-armv4.pl
Original file line number Diff line number Diff line change
Expand Up @@ -184,7 +184,7 @@
#if __ARM_ARCH__<7
sub r3,pc,#8 @ AES_encrypt
#else
adr r3,AES_encrypt
adr r3,.
#endif
stmdb sp!,{r1,r4-r12,lr}
mov $rounds,r0 @ inp
Expand Down Expand Up @@ -430,7 +430,7 @@
#if __ARM_ARCH__<7
sub r3,pc,#8 @ AES_set_encrypt_key
#else
adr r3,private_AES_set_encrypt_key
adr r3,.
#endif
teq r0,#0
#if __ARM_ARCH__>=7
Expand Down Expand Up @@ -952,7 +952,7 @@
#if __ARM_ARCH__<7
sub r3,pc,#8 @ AES_decrypt
#else
adr r3,AES_decrypt
adr r3,.
#endif
stmdb sp!,{r1,r4-r12,lr}
mov $rounds,r0 @ inp
Expand Down
6 changes: 3 additions & 3 deletions deps/openssl/openssl/crypto/aes/asm/bsaes-armv7.pl
Original file line number Diff line number Diff line change
Expand Up @@ -724,7 +724,7 @@ sub bitslice {
.type _bsaes_decrypt8,%function
.align 4
_bsaes_decrypt8:
adr $const,_bsaes_decrypt8
adr $const,.
vldmia $key!, {@XMM[9]} @ round 0 key
add $const,$const,#.LM0ISR-_bsaes_decrypt8
Expand Down Expand Up @@ -819,7 +819,7 @@ sub bitslice {
.type _bsaes_encrypt8,%function
.align 4
_bsaes_encrypt8:
adr $const,_bsaes_encrypt8
adr $const,.
vldmia $key!, {@XMM[9]} @ round 0 key
sub $const,$const,#_bsaes_encrypt8-.LM0SR
Expand Down Expand Up @@ -923,7 +923,7 @@ sub bitslice_key {
.type _bsaes_key_convert,%function
.align 4
_bsaes_key_convert:
adr $const,_bsaes_key_convert
adr $const,.
vld1.8 {@XMM[7]}, [$inp]! @ load round 0 key
sub $const,$const,#_bsaes_key_convert-.LM0
vld1.8 {@XMM[15]}, [$inp]! @ load round 1 key
Expand Down
3 changes: 3 additions & 0 deletions deps/openssl/openssl/crypto/asn1/a_i2d_fp.c
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,9 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x)
int i, j = 0, n, ret = 1;

n = i2d(x, NULL);
if (n <= 0)
return 0;

b = (char *)OPENSSL_malloc(n);
if (b == NULL) {
ASN1err(ASN1_F_ASN1_I2D_BIO, ERR_R_MALLOC_FAILURE);
Expand Down
4 changes: 2 additions & 2 deletions deps/openssl/openssl/crypto/bio/b_print.c
Original file line number Diff line number Diff line change
Expand Up @@ -385,7 +385,7 @@ _dopr(char **sbuffer,
if (cflags == DP_C_SHORT) {
short int *num;
num = va_arg(args, short int *);
*num = currlen;
*num = (short int)currlen;
} else if (cflags == DP_C_LONG) { /* XXX */
long int *num;
num = va_arg(args, long int *);
Expand Down Expand Up @@ -502,7 +502,7 @@ fmtint(char **sbuffer,
if (!(flags & DP_F_UNSIGNED)) {
if (value < 0) {
signvalue = '-';
uvalue = -(unsigned LLONG)value;
uvalue = 0 - (unsigned LLONG)value;
} else if (flags & DP_F_PLUS)
signvalue = '+';
else if (flags & DP_F_SPACE)
Expand Down
Loading

0 comments on commit 9fdd3bd

Please sign in to comment.