diff options
| author | delphij <delphij@FreeBSD.org> | 2015-03-20 07:12:02 +0000 |
|---|---|---|
| committer | delphij <delphij@FreeBSD.org> | 2015-03-20 07:12:02 +0000 |
| commit | 9387a8381eea4528c3960e3b758afa203bdac77f (patch) | |
| tree | af1ae9a96e27bd4bf51e323f8832fdb2ed0a96c2 | |
| parent | ed1c957e81c43faf4f46da5c96ce67bcea64f598 (diff) | |
| download | FreeBSD-src-9387a8381eea4528c3960e3b758afa203bdac77f.zip FreeBSD-src-9387a8381eea4528c3960e3b758afa203bdac77f.tar.gz | |
Fix issues with original SA-15:06.openssl commit:
- Revert a portion of ASN1 change per suggested by OpenBSD
and OpenSSL developers. The change was removed from the
formal OpenSSL release and does not solve security issue.
- Properly fix CVE-2015-0209 and CVE-2015-0288.
Approved by: so
| -rw-r--r-- | UPDATING | 3 | ||||
| -rw-r--r-- | crypto/openssl/crypto/asn1/tasn_dec.c | 18 | ||||
| -rw-r--r-- | crypto/openssl/crypto/ec/ec_asn1.c | 6 | ||||
| -rw-r--r-- | crypto/openssl/crypto/x509/x509_req.c | 2 | ||||
| -rw-r--r-- | sys/conf/newvers.sh | 2 |
5 files changed, 15 insertions, 16 deletions
@@ -16,6 +16,9 @@ from older versions of FreeBSD, try WITHOUT_CLANG to bootstrap to the tip of stable/10, and then rebuild without this option. The bootstrap process from older version of current is a bit fragile. +20150320: p8 + Fix patch for SA-15:06.openssl. + 20150319: p7 FreeBSD-SA-15:06.openssl Fix multiple vulnerabilities in OpenSSL. [SA-15:06] diff --git a/crypto/openssl/crypto/asn1/tasn_dec.c b/crypto/openssl/crypto/asn1/tasn_dec.c index 33249ab..613970d 100644 --- a/crypto/openssl/crypto/asn1/tasn_dec.c +++ b/crypto/openssl/crypto/asn1/tasn_dec.c @@ -127,22 +127,16 @@ unsigned long ASN1_tag2bit(int tag) ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it) -{ + { ASN1_TLC c; ASN1_VALUE *ptmpval = NULL; + if (!pval) + pval = &ptmpval; asn1_tlc_clear_nc(&c); - if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE) - ptmpval = *pval; - if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) { - if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) { - if (*pval) - ASN1_item_free(*pval, it); - *pval = ptmpval; - } - return ptmpval; - } + if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) + return *pval; return NULL; -} + } int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt) diff --git a/crypto/openssl/crypto/ec/ec_asn1.c b/crypto/openssl/crypto/ec/ec_asn1.c index 52d31c2..68240ec 100644 --- a/crypto/openssl/crypto/ec/ec_asn1.c +++ b/crypto/openssl/crypto/ec/ec_asn1.c @@ -1142,8 +1142,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) ERR_R_MALLOC_FAILURE); goto err; } - if (a) - *a = ret; } else ret = *a; @@ -1225,11 +1223,13 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) ret->enc_flag |= EC_PKEY_NO_PUBKEY; } + if (a) + *a = ret; ok = 1; err: if (!ok) { - if (ret) + if (ret && (a == NULL || *a != ret)) EC_KEY_free(ret); ret = NULL; } diff --git a/crypto/openssl/crypto/x509/x509_req.c b/crypto/openssl/crypto/x509/x509_req.c index 48183dc..3799b29 100644 --- a/crypto/openssl/crypto/x509/x509_req.c +++ b/crypto/openssl/crypto/x509/x509_req.c @@ -92,6 +92,8 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) goto err; pktmp = X509_get_pubkey(x); + if (pktmp == NULL) + goto err; i=X509_REQ_set_pubkey(ret,pktmp); EVP_PKEY_free(pktmp); if (!i) goto err; diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index d4b4eac..cecfecd 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="10.1" -BRANCH="RELEASE-p7" +BRANCH="RELEASE-p8" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi |
