summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorB Stack <bgstack15@gmail.com>2019-09-19 14:06:44 +0000
committerB Stack <bgstack15@gmail.com>2019-09-19 14:06:44 +0000
commit9ad3cbb24f82dacc5bc878770663f121e67fce34 (patch)
treeafccc469f5d0ec7feb2e56060754582fa3221644
parentMerge branch 'freefilesync-bump' into 'master' (diff)
parentpublish the diff (diff)
downloadstackrpms-9ad3cbb24f82dacc5bc878770663f121e67fce34.tar.gz
stackrpms-9ad3cbb24f82dacc5bc878770663f121e67fce34.tar.bz2
stackrpms-9ad3cbb24f82dacc5bc878770663f121e67fce34.zip
Merge branch 'openssl-ffs-bump' into 'master'
Openssl-freefilesync-1.1.1c-6 Closes #10 See merge request bgstack15/stackrpms!90
-rw-r--r--openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch2
-rw-r--r--openssl-freefilesync/openssl-1.1.1-fips.patch39
-rw-r--r--openssl-freefilesync/openssl-1.1.1-upstream-sync.patch487
-rw-r--r--openssl-freefilesync/openssl.spec50
-rw-r--r--openssl-freefilesync/readme-openssl-freefilesync.md15
-rw-r--r--openssl-freefilesync/stackrpms-openssl.spec.diff139
6 files changed, 695 insertions, 37 deletions
diff --git a/openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch b/openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch
index 2acea98..fc60e33 100644
--- a/openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch
+++ b/openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch
@@ -76,7 +76,7 @@ diff -up openssl-1.1.1c/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1c/cr
#if defined(__linux)
-# include <asm/unistd.h>
+# include <sys/syscall.h>
-+# include </usr/include/linux/random.h>
++# include <sys/random.h>
#endif
#if defined(__FreeBSD__)
# include <sys/types.h>
diff --git a/openssl-freefilesync/openssl-1.1.1-fips.patch b/openssl-freefilesync/openssl-1.1.1-fips.patch
index d59c440..3ff5aa4 100644
--- a/openssl-freefilesync/openssl-1.1.1-fips.patch
+++ b/openssl-freefilesync/openssl-1.1.1-fips.patch
@@ -11673,6 +11673,45 @@ diff -up openssl-1.1.1b/ssl/ssl_lib.c.fips openssl-1.1.1b/ssl/ssl_lib.c
}
if ((ret->ca_names = sk_X509_NAME_new_null()) == NULL)
+diff -up openssl-1.1.1c/ssl/ssl_locl.h.fips openssl-1.1.1c/ssl/ssl_locl.h
+--- openssl-1.1.1c/ssl/ssl_locl.h.fips 2019-06-03 16:44:58.963560101 +0200
++++ openssl-1.1.1c/ssl/ssl_locl.h 2019-06-24 14:43:19.547353076 +0200
+@@ -1507,6 +1507,7 @@ typedef struct tls_group_info_st {
+ # define TLS_CURVE_PRIME 0x0
+ # define TLS_CURVE_CHAR2 0x1
+ # define TLS_CURVE_CUSTOM 0x2
++# define TLS_CURVE_FIPS 0x80
+
+ typedef struct cert_pkey_st CERT_PKEY;
+
+diff -up openssl-1.1.1c/ssl/t1_lib.c.fips openssl-1.1.1c/ssl/t1_lib.c
+--- openssl-1.1.1c/ssl/t1_lib.c.fips 2019-05-28 15:12:21.000000000 +0200
++++ openssl-1.1.1c/ssl/t1_lib.c 2019-06-24 14:49:00.638576235 +0200
+@@ -156,11 +156,11 @@ static const TLS_GROUP_INFO nid_list[] =
+ {NID_secp192k1, 80, TLS_CURVE_PRIME}, /* secp192k1 (18) */
+ {NID_X9_62_prime192v1, 80, TLS_CURVE_PRIME}, /* secp192r1 (19) */
+ {NID_secp224k1, 112, TLS_CURVE_PRIME}, /* secp224k1 (20) */
+- {NID_secp224r1, 112, TLS_CURVE_PRIME}, /* secp224r1 (21) */
++ {NID_secp224r1, 112, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp224r1 (21) */
+ {NID_secp256k1, 128, TLS_CURVE_PRIME}, /* secp256k1 (22) */
+- {NID_X9_62_prime256v1, 128, TLS_CURVE_PRIME}, /* secp256r1 (23) */
+- {NID_secp384r1, 192, TLS_CURVE_PRIME}, /* secp384r1 (24) */
+- {NID_secp521r1, 256, TLS_CURVE_PRIME}, /* secp521r1 (25) */
++ {NID_X9_62_prime256v1, 128, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp256r1 (23) */
++ {NID_secp384r1, 192, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp384r1 (24) */
++ {NID_secp521r1, 256, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp521r1 (25) */
+ {NID_brainpoolP256r1, 128, TLS_CURVE_PRIME}, /* brainpoolP256r1 (26) */
+ {NID_brainpoolP384r1, 192, TLS_CURVE_PRIME}, /* brainpoolP384r1 (27) */
+ {NID_brainpoolP512r1, 256, TLS_CURVE_PRIME}, /* brainpool512r1 (28) */
+@@ -255,6 +255,8 @@ int tls_curve_allowed(SSL *s, uint16_t c
+ if (cinfo->flags & TLS_CURVE_CHAR2)
+ return 0;
+ # endif
++ if (FIPS_mode() && !(cinfo->flags & TLS_CURVE_FIPS))
++ return 0;
+ ctmp[0] = curve >> 8;
+ ctmp[1] = curve & 0xff;
+ return ssl_security(s, op, cinfo->secbits, cinfo->nid, (void *)ctmp);
diff -up openssl-1.1.1b/test/dsatest.c.fips openssl-1.1.1b/test/dsatest.c
--- openssl-1.1.1b/test/dsatest.c.fips 2019-02-26 15:15:30.000000000 +0100
+++ openssl-1.1.1b/test/dsatest.c 2019-02-28 11:30:06.824745335 +0100
diff --git a/openssl-freefilesync/openssl-1.1.1-upstream-sync.patch b/openssl-freefilesync/openssl-1.1.1-upstream-sync.patch
index 8032c0e..7e03b8d 100644
--- a/openssl-freefilesync/openssl-1.1.1-upstream-sync.patch
+++ b/openssl-freefilesync/openssl-1.1.1-upstream-sync.patch
@@ -24,7 +24,7 @@ diff -up openssl-1.1.1c/crypto/err/err.c.sync openssl-1.1.1c/crypto/err/err.c
# define NUM_SYS_STR_REASONS 127
static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
-@@ -219,26 +219,30 @@ static void build_SYS_str_reasons(void)
+@@ -219,21 +219,23 @@ static void build_SYS_str_reasons(void)
ERR_STRING_DATA *str = &SYS_str_reasons[i - 1];
str->error = ERR_PACK(ERR_LIB_SYS, 0, i);
@@ -35,8 +35,7 @@ diff -up openssl-1.1.1c/crypto/err/err.c.sync openssl-1.1.1c/crypto/err/err.c
+ */
+ if (str->string == NULL && cnt < sizeof(strerror_pool)) {
if (openssl_strerror_r(i, cur, sizeof(strerror_pool) - cnt)) {
-- size_t l = strlen(cur);
-+ size_t l = strlen(cur) + 1;
+ size_t l = strlen(cur);
str->string = cur;
cnt += l;
@@ -50,21 +49,10 @@ diff -up openssl-1.1.1c/crypto/err/err.c.sync openssl-1.1.1c/crypto/err/err.c
+ * some (most? all?) messages. Lets trim them off.
*/
- while (ossl_isspace(cur[-1])) {
-- cur--;
-- cnt--;
-+ if (cur > strerror_pool && ossl_isspace(cur[-1])) {
-+ while (cur > strerror_pool && ossl_isspace(cur[-1])) {
-+ cur--;
-+ cnt--;
-+ }
-+ *cur++ = '\0';
-+ cnt++;
++ while (cur > strerror_pool && ossl_isspace(cur[-1])) {
+ cur--;
+ cnt--;
}
-- *cur++ = '\0';
-- cnt++;
- }
- }
- if (str->string == NULL)
diff -up openssl-1.1.1c/crypto/rand/rand_lib.c.sync openssl-1.1.1c/crypto/rand/rand_lib.c
--- openssl-1.1.1c/crypto/rand/rand_lib.c.sync 2019-05-29 17:20:17.175099183 +0200
+++ openssl-1.1.1c/crypto/rand/rand_lib.c 2019-05-30 11:51:20.784850208 +0200
@@ -79,3 +67,468 @@ diff -up openssl-1.1.1c/crypto/rand/rand_lib.c.sync openssl-1.1.1c/crypto/rand/r
pool = rand_pool_new(0, min_len, max_len);
if (pool == NULL)
return 0;
+From 6c2f347c78a530407b5310497080810094427920 Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Wed, 17 Apr 2019 11:09:05 +0100
+Subject: [PATCH 1/2] Defer sending a KeyUpdate until after pending writes are
+ complete
+
+If we receive a KeyUpdate message (update requested) from the peer while
+we are in the middle of a write, we should defer sending the responding
+KeyUpdate message until after the current write is complete. We do this
+by waiting to send the KeyUpdate until the next time we write and there is
+no pending write data.
+
+This does imply a subtle change in behaviour. Firstly the responding
+KeyUpdate message won't be sent straight away as it is now. Secondly if
+the peer sends multiple KeyUpdates without us doing any writing then we
+will only send one response, as opposed to previously where we sent a
+response for each KeyUpdate received.
+
+Fixes #8677
+
+Reviewed-by: Ben Kaduk <kaduk@mit.edu>
+(Merged from https://github.com/openssl/openssl/pull/8773)
+
+(cherry picked from commit feb9e31c40c49de6384dd0413685e9b5a15adc99)
+---
+ ssl/record/rec_layer_s3.c | 7 +++++++
+ ssl/statem/statem_clnt.c | 6 ------
+ ssl/statem/statem_lib.c | 7 ++-----
+ ssl/statem/statem_srvr.c | 6 ------
+ 4 files changed, 9 insertions(+), 17 deletions(-)
+
+diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
+index b2f97ef905..b65137c332 100644
+--- a/ssl/record/rec_layer_s3.c
++++ b/ssl/record/rec_layer_s3.c
+@@ -373,6 +373,13 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len,
+
+ s->rlayer.wnum = 0;
+
++ /*
++ * If we are supposed to be sending a KeyUpdate then go into init unless we
++ * have writes pending - in which case we should finish doing that first.
++ */
++ if (wb->left == 0 && s->key_update != SSL_KEY_UPDATE_NONE)
++ ossl_statem_set_in_init(s, 1);
++
+ /*
+ * When writing early data on the server side we could be "in_init" in
+ * between receiving the EoED and the CF - but we don't want to handle those
+diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
+index 87800cd835..6410414fb6 100644
+--- a/ssl/statem/statem_clnt.c
++++ b/ssl/statem/statem_clnt.c
+@@ -473,12 +473,6 @@ static WRITE_TRAN ossl_statem_client13_write_transition(SSL *s)
+ return WRITE_TRAN_CONTINUE;
+
+ case TLS_ST_CR_KEY_UPDATE:
+- if (s->key_update != SSL_KEY_UPDATE_NONE) {
+- st->hand_state = TLS_ST_CW_KEY_UPDATE;
+- return WRITE_TRAN_CONTINUE;
+- }
+- /* Fall through */
+-
+ case TLS_ST_CW_KEY_UPDATE:
+ case TLS_ST_CR_SESSION_TICKET:
+ case TLS_ST_CW_FINISHED:
+diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
+index c0482b0a90..2960dafa52 100644
+--- a/ssl/statem/statem_lib.c
++++ b/ssl/statem/statem_lib.c
+@@ -645,12 +645,9 @@ MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt)
+ /*
+ * If we get a request for us to update our sending keys too then, we need
+ * to additionally send a KeyUpdate message. However that message should
+- * not also request an update (otherwise we get into an infinite loop). We
+- * ignore a request for us to update our sending keys too if we already
+- * sent close_notify.
++ * not also request an update (otherwise we get into an infinite loop).
+ */
+- if (updatetype == SSL_KEY_UPDATE_REQUESTED
+- && (s->shutdown & SSL_SENT_SHUTDOWN) == 0)
++ if (updatetype == SSL_KEY_UPDATE_REQUESTED)
+ s->key_update = SSL_KEY_UPDATE_NOT_REQUESTED;
+
+ if (!tls13_update_key(s, 0)) {
+diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
+index d454326a99..04a23320fc 100644
+--- a/ssl/statem/statem_srvr.c
++++ b/ssl/statem/statem_srvr.c
+@@ -502,12 +502,6 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s)
+ return WRITE_TRAN_CONTINUE;
+
+ case TLS_ST_SR_KEY_UPDATE:
+- if (s->key_update != SSL_KEY_UPDATE_NONE) {
+- st->hand_state = TLS_ST_SW_KEY_UPDATE;
+- return WRITE_TRAN_CONTINUE;
+- }
+- /* Fall through */
+-
+ case TLS_ST_SW_KEY_UPDATE:
+ st->hand_state = TLS_ST_OK;
+ return WRITE_TRAN_CONTINUE;
+--
+2.20.1
+
+From c8feb1039ccc4cd11e6db084df1446bf863bee1e Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Wed, 17 Apr 2019 10:30:53 +0100
+Subject: [PATCH 2/2] Write a test for receiving a KeyUpdate (update requested)
+ while writing
+
+Reviewed-by: Ben Kaduk <kaduk@mit.edu>
+(Merged from https://github.com/openssl/openssl/pull/8773)
+
+(cherry picked from commit a77b4dba237d001073d2d1c5d55c674a196c949f)
+---
+ test/sslapitest.c | 92 +++++++++++++++++++++++++++++++++++++++++++++
+ test/ssltestlib.c | 96 +++++++++++++++++++++++++++++++++++++++++++++++
+ test/ssltestlib.h | 3 ++
+ 3 files changed, 191 insertions(+)
+
+diff --git a/test/sslapitest.c b/test/sslapitest.c
+index 2261fe4a7a..577342644d 100644
+--- a/test/sslapitest.c
++++ b/test/sslapitest.c
+@@ -4290,6 +4290,11 @@ static int test_key_update(void)
+ || !TEST_int_eq(SSL_read(serverssl, buf, sizeof(buf)),
+ strlen(mess)))
+ goto end;
++
++ if (!TEST_int_eq(SSL_write(serverssl, mess, strlen(mess)), strlen(mess))
++ || !TEST_int_eq(SSL_read(clientssl, buf, sizeof(buf)),
++ strlen(mess)))
++ goto end;
+ }
+
+ testresult = 1;
+@@ -4302,6 +4307,91 @@ static int test_key_update(void)
+
+ return testresult;
+ }
++
++/*
++ * Test we can handle a KeyUpdate (update requested) message while write data
++ * is pending.
++ * Test 0: Client sends KeyUpdate while Server is writing
++ * Test 1: Server sends KeyUpdate while Client is writing
++ */
++static int test_key_update_in_write(int tst)
++{
++ SSL_CTX *cctx = NULL, *sctx = NULL;
++ SSL *clientssl = NULL, *serverssl = NULL;
++ int testresult = 0;
++ char buf[20];
++ static char *mess = "A test message";
++ BIO *bretry = BIO_new(bio_s_always_retry());
++ BIO *tmp = NULL;
++ SSL *peerupdate = NULL, *peerwrite = NULL;
++
++ if (!TEST_ptr(bretry)
++ || !TEST_true(create_ssl_ctx_pair(TLS_server_method(),
++ TLS_client_method(),
++ TLS1_3_VERSION,
++ 0,
++ &sctx, &cctx, cert, privkey))
++ || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
++ NULL, NULL))
++ || !TEST_true(create_ssl_connection(serverssl, clientssl,
++ SSL_ERROR_NONE)))
++ goto end;
++
++ peerupdate = tst == 0 ? clientssl : serverssl;
++ peerwrite = tst == 0 ? serverssl : clientssl;
++
++ if (!TEST_true(SSL_key_update(peerupdate, SSL_KEY_UPDATE_REQUESTED))
++ || !TEST_true(SSL_do_handshake(peerupdate)))
++ goto end;
++
++ /* Swap the writing endpoint's write BIO to force a retry */
++ tmp = SSL_get_wbio(peerwrite);
++ if (!TEST_ptr(tmp) || !TEST_true(BIO_up_ref(tmp))) {
++ tmp = NULL;
++ goto end;
++ }
++ SSL_set0_wbio(peerwrite, bretry);
++ bretry = NULL;
++
++ /* Write data that we know will fail with SSL_ERROR_WANT_WRITE */
++ if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), -1)
++ || !TEST_int_eq(SSL_get_error(peerwrite, 0), SSL_ERROR_WANT_WRITE))
++ goto end;
++
++ /* Reinstate the original writing endpoint's write BIO */
++ SSL_set0_wbio(peerwrite, tmp);
++ tmp = NULL;
++
++ /* Now read some data - we will read the key update */
++ if (!TEST_int_eq(SSL_read(peerwrite, buf, sizeof(buf)), -1)
++ || !TEST_int_eq(SSL_get_error(peerwrite, 0), SSL_ERROR_WANT_READ))
++ goto end;
++
++ /*
++ * Complete the write we started previously and read it from the other
++ * endpoint
++ */
++ if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), strlen(mess))
++ || !TEST_int_eq(SSL_read(peerupdate, buf, sizeof(buf)), strlen(mess)))
++ goto end;
++
++ /* Write more data to ensure we send the KeyUpdate message back */
++ if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), strlen(mess))
++ || !TEST_int_eq(SSL_read(peerupdate, buf, sizeof(buf)), strlen(mess)))
++ goto end;
++
++ testresult = 1;
++
++ end:
++ SSL_free(serverssl);
++ SSL_free(clientssl);
++ SSL_CTX_free(sctx);
++ SSL_CTX_free(cctx);
++ BIO_free(bretry);
++ BIO_free(tmp);
++
++ return testresult;
++}
+ #endif /* OPENSSL_NO_TLS1_3 */
+
+ static int test_ssl_clear(int idx)
+@@ -5982,6 +6072,7 @@ int setup_tests(void)
+ #ifndef OPENSSL_NO_TLS1_3
+ ADD_ALL_TESTS(test_export_key_mat_early, 3);
+ ADD_TEST(test_key_update);
++ ADD_ALL_TESTS(test_key_update_in_write, 2);
+ #endif
+ ADD_ALL_TESTS(test_ssl_clear, 2);
+ ADD_ALL_TESTS(test_max_fragment_len_ext, OSSL_NELEM(max_fragment_len_test));
+@@ -6002,4 +6093,5 @@ int setup_tests(void)
+ void cleanup_tests(void)
+ {
+ bio_s_mempacket_test_free();
++ bio_s_always_retry_free();
+ }
+diff --git a/test/ssltestlib.c b/test/ssltestlib.c
+index 05139be750..e1038620ac 100644
+--- a/test/ssltestlib.c
++++ b/test/ssltestlib.c
+@@ -62,9 +62,11 @@ static int tls_dump_puts(BIO *bp, const char *str);
+ /* Choose a sufficiently large type likely to be unused for this custom BIO */
+ #define BIO_TYPE_TLS_DUMP_FILTER (0x80 | BIO_TYPE_FILTER)
+ #define BIO_TYPE_MEMPACKET_TEST 0x81
++#define BIO_TYPE_ALWAYS_RETRY 0x82
+
+ static BIO_METHOD *method_tls_dump = NULL;
+ static BIO_METHOD *meth_mem = NULL;
++static BIO_METHOD *meth_always_retry = NULL;
+
+ /* Note: Not thread safe! */
+ const BIO_METHOD *bio_f_tls_dump_filter(void)
+@@ -612,6 +614,100 @@ static int mempacket_test_puts(BIO *bio, const char *str)
+ return mempacket_test_write(bio, str, strlen(str));
+ }
+
++static int always_retry_new(BIO *bi);
++static int always_retry_free(BIO *a);
++static int always_retry_read(BIO *b, char *out, int outl);
++static int always_retry_write(BIO *b, const char *in, int inl);
++static long always_retry_ctrl(BIO *b, int cmd, long num, void *ptr);
++static int always_retry_gets(BIO *bp, char *buf, int size);
++static int always_retry_puts(BIO *bp, const char *str);
++
++const BIO_METHOD *bio_s_always_retry(void)
++{
++ if (meth_always_retry == NULL) {
++ if (!TEST_ptr(meth_always_retry = BIO_meth_new(BIO_TYPE_ALWAYS_RETRY,
++ "Always Retry"))
++ || !TEST_true(BIO_meth_set_write(meth_always_retry,
++ always_retry_write))
++ || !TEST_true(BIO_meth_set_read(meth_always_retry,
++ always_retry_read))
++ || !TEST_true(BIO_meth_set_puts(meth_always_retry,
++ always_retry_puts))
++ || !TEST_true(BIO_meth_set_gets(meth_always_retry,
++ always_retry_gets))
++ || !TEST_true(BIO_meth_set_ctrl(meth_always_retry,
++ always_retry_ctrl))
++ || !TEST_true(BIO_meth_set_create(meth_always_retry,
++ always_retry_new))
++ || !TEST_true(BIO_meth_set_destroy(meth_always_retry,
++ always_retry_free)))
++ return NULL;
++ }
++ return meth_always_retry;
++}
++
++void bio_s_always_retry_free(void)
++{
++ BIO_meth_free(meth_always_retry);
++}
++
++static int always_retry_new(BIO *bio)
++{
++ BIO_set_init(bio, 1);
++ return 1;
++}
++
++static int always_retry_free(BIO *bio)
++{
++ BIO_set_data(bio, NULL);
++ BIO_set_init(bio, 0);
++ return 1;
++}
++
++static int always_retry_read(BIO *bio, char *out, int outl)
++{
++ BIO_set_retry_read(bio);
++ return -1;
++}
++
++static int always_retry_write(BIO *bio, const char *in, int inl)
++{
++ BIO_set_retry_write(bio);
++ return -1;
++}
++
++static long always_retry_ctrl(BIO *bio, int cmd, long num, void *ptr)
++{
++ long ret = 1;
++
++ switch (cmd) {
++ case BIO_CTRL_FLUSH:
++ BIO_set_retry_write(bio);
++ /* fall through */
++ case BIO_CTRL_EOF:
++ case BIO_CTRL_RESET:
++ case BIO_CTRL_DUP:
++ case BIO_CTRL_PUSH:
++ case BIO_CTRL_POP:
++ default:
++ ret = 0;
++ break;
++ }
++ return ret;
++}
++
++static int always_retry_gets(BIO *bio, char *buf, int size)
++{
++ BIO_set_retry_read(bio);
++ return -1;
++}
++
++static int always_retry_puts(BIO *bio, const char *str)
++{
++ BIO_set_retry_write(bio);
++ return -1;
++}
++
+ int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm,
+ int min_proto_version, int max_proto_version,
+ SSL_CTX **sctx, SSL_CTX **cctx, char *certfile,
+diff --git a/test/ssltestlib.h b/test/ssltestlib.h
+index fa19e7d80d..56e323f5bc 100644
+--- a/test/ssltestlib.h
++++ b/test/ssltestlib.h
+@@ -30,6 +30,9 @@ void bio_f_tls_dump_filter_free(void);
+ const BIO_METHOD *bio_s_mempacket_test(void);
+ void bio_s_mempacket_test_free(void);
+
++const BIO_METHOD *bio_s_always_retry(void);
++void bio_s_always_retry_free(void);
++
+ /* Packet types - value 0 is reserved */
+ #define INJECT_PACKET 1
+ #define INJECT_PACKET_IGNORE_REC_SEQ 2
+--
+2.20.1
+
+diff -up openssl-1.1.1c/include/internal/constant_time_locl.h.valgrind openssl-1.1.1c/include/internal/constant_time_locl.h
+--- openssl-1.1.1c/include/internal/constant_time_locl.h.valgrind 2019-05-28 15:12:21.000000000 +0200
++++ openssl-1.1.1c/include/internal/constant_time_locl.h 2019-06-24 15:02:12.796053536 +0200
+@@ -213,18 +213,66 @@ static ossl_inline unsigned char constan
+ return constant_time_eq_8((unsigned)(a), (unsigned)(b));
+ }
+
++/* Returns the value unmodified, but avoids optimizations. */
++static ossl_inline unsigned int value_barrier(unsigned int a)
++{
++#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
++ unsigned int r;
++ __asm__("" : "=r"(r) : "0"(a));
++#else
++ volatile unsigned int r = a;
++#endif
++ return r;
++}
++
++/* Convenience method for uint32_t. */
++static ossl_inline uint32_t value_barrier_32(uint32_t a)
++{
++#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
++ uint32_t r;
++ __asm__("" : "=r"(r) : "0"(a));
++#else
++ volatile uint32_t r = a;
++#endif
++ return r;
++}
++
++/* Convenience method for uint64_t. */
++static ossl_inline uint64_t value_barrier_64(uint64_t a)
++{
++#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
++ uint64_t r;
++ __asm__("" : "=r"(r) : "0"(a));
++#else
++ volatile uint64_t r = a;
++#endif
++ return r;
++}
++
++/* Convenience method for size_t. */
++static ossl_inline size_t value_barrier_s(size_t a)
++{
++#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
++ size_t r;
++ __asm__("" : "=r"(r) : "0"(a));
++#else
++ volatile size_t r = a;
++#endif
++ return r;
++}
++
+ static ossl_inline unsigned int constant_time_select(unsigned int mask,
+ unsigned int a,
+ unsigned int b)
+ {
+- return (mask & a) | (~mask & b);
++ return (value_barrier(mask) & a) | (value_barrier(~mask) & b);
+ }
+
+ static ossl_inline size_t constant_time_select_s(size_t mask,
+ size_t a,
+ size_t b)
+ {
+- return (mask & a) | (~mask & b);
++ return (value_barrier_s(mask) & a) | (value_barrier_s(~mask) & b);
+ }
+
+ static ossl_inline unsigned char constant_time_select_8(unsigned char mask,
+@@ -249,13 +297,13 @@ static ossl_inline int constant_time_sel
+ static ossl_inline uint32_t constant_time_select_32(uint32_t mask, uint32_t a,
+ uint32_t b)
+ {
+- return (mask & a) | (~mask & b);
++ return (value_barrier_32(mask) & a) | (value_barrier_32(~mask) & b);
+ }
+
+ static ossl_inline uint64_t constant_time_select_64(uint64_t mask, uint64_t a,
+ uint64_t b)
+ {
+- return (mask & a) | (~mask & b);
++ return (value_barrier_64(mask) & a) | (value_barrier_64(~mask) & b);
+ }
+
+ /*
diff --git a/openssl-freefilesync/openssl.spec b/openssl-freefilesync/openssl.spec
index f4d8c1f..29cef89 100644
--- a/openssl-freefilesync/openssl.spec
+++ b/openssl-freefilesync/openssl.spec
@@ -11,12 +11,9 @@
# 1.0.0 soversion = 10
# 1.1.0 soversion = 1.1 (same as upstream although presence of some symbols
# depends on build configuration options)
-
-# Additions for openssl-freefilesync
-# https://github.com/aria2/aria2/issues/1249
-# change fips-post-rand.patch where it calls random.h to:
-# +# include </usr/include/linux/random.h>
%define soversion 1.1
+
+# for openssl-freefilesync
%define fullname openssl-freefilesync
%define shortname openssl
@@ -27,9 +24,11 @@
%global _performance_build 1
Summary: Utilities from the general purpose cryptography library with TLS implementation
+# for openssl-freefilesync
Name: %{fullname}
Version: 1.1.1c
-Release: 2.stack%{?dist}
+# for openssl-freefilesync
+Release: 6.stack%{?dist}
Epoch: 1
# We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below.
@@ -98,6 +97,7 @@ protocols.
%package libs
Summary: A general purpose cryptography library with TLS implementation
Requires: ca-certificates >= 2008-5
+# for openssl-freefilesync
#Requires: crypto-policies >= 20180730
#Recommends: openssl-pkcs11%{?_isa}
Provides: openssl-fips = %{epoch}:%{version}-%{release}
@@ -138,6 +138,7 @@ package provides Perl scripts for converting certificates and keys
from other formats to the formats used by the OpenSSL toolkit.
%prep
+# for openssl-freefilesync
%setup -q -n %{shortname}-%{version}
# The hobble_openssl is called here redundantly, just to be sure.
@@ -169,6 +170,8 @@ cp %{SOURCE13} test/
%patch46 -p1 -b .seclevel
%patch47 -p1 -b .ts-sha256-default
%patch48 -p1 -b .fips-post-rand
+# for openssl-freefilesync
+sed -i -r -e '/sys\/random\.h/s@sys/random\.h@/usr/include/linux/random.h@;' crypto/rand/rand_unix.c
%patch49 -p1 -b .evp-kdf
%patch50 -p1 -b .ssh-kdf
%patch51 -p1 -b .upstream-sync
@@ -241,6 +244,7 @@ sslarch=linux-generic64
# marked as not requiring an executable stack.
# Also add -DPURIFY to make using valgrind with openssl easier as we do not
# want to depend on the uninitialized memory as a source of entropy anyway.
+# for openssl-freefilesync
RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -DPURIFY $RPM_LD_FLAGS"
export HASHBANGPERL=/usr/bin/perl
@@ -362,6 +366,7 @@ mkdir -m755 $RPM_BUILD_ROOT%{_sysconfdir}/pki/CA/newcerts
# Ensure the config file timestamps are identical across builds to avoid
# mulitlib conflicts and unnecessary renames on upgrade
+# for openssl-freefilesync
touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf%{version}
touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf%{version}
@@ -401,13 +406,23 @@ install -m644 %{SOURCE9} \
LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}
export LD_LIBRARY_PATH
+# for openssl-freefilesync
+pushd ${RPM_BUILD_ROOT}%{_mandir}
+for word in $( find . ! -type d -print ) ;
+do
+ mv "${word}" "${word}-111c"
+done
+popd
+mv ${RPM_BUILD_ROOT}%{_bindir}/openssl{,-111c}
+
%files
%{!?_licensedir:%global license %%doc}
%license LICENSE
%doc FAQ NEWS README README.FIPS
%{_bindir}/make-dummy-cert
%{_bindir}/renew-dummy-cert
-%{_bindir}/openssl
+# for openssl-freefilesync
+%{_bindir}/openssl-111c
%{_mandir}/man1*/*
%{_mandir}/man5*/*
%{_mandir}/man7*/*
@@ -424,6 +439,7 @@ export LD_LIBRARY_PATH
%dir %{_sysconfdir}/pki/tls/certs
%dir %{_sysconfdir}/pki/tls/misc
%dir %{_sysconfdir}/pki/tls/private
+# for openssl-freefilesync
%config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf%{version}
%config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf%{version}
%attr(0755,root,root) %{_libdir}/libcrypto.so.%{version}
@@ -458,13 +474,29 @@ export LD_LIBRARY_PATH
%dir %{_sysconfdir}/pki/CA/crl
%dir %{_sysconfdir}/pki/CA/newcerts
+# for openssl-freefilesync
%post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig
%changelog
-* Tue Jul 16 2019 B Stack <bgstack15@gmail.com> 1.1.1c-3.stack
-- rebuild for el7
+* Wed Sep 18 2019 B Stack <bgstack15@gmail.com> 1.1.1c-6.stack
+- rebuild for el7 for freefilesync
+
+* Fri Sep 6 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-6
+- upstream fix for status request extension non-compliance (#1737471)
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.1.1c-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Mon Jun 24 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-4
+- do not try to use EC groups disallowed in FIPS mode
+ in TLS
+- fix Valgrind regression with constant-time code
+
+* Mon Jun 3 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-3
+- add upstream patch to defer sending KeyUpdate after
+ pending writes are complete
* Thu May 30 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-2
- fix use of uninitialized memory
diff --git a/openssl-freefilesync/readme-openssl-freefilesync.md b/openssl-freefilesync/readme-openssl-freefilesync.md
index 66b8f85..b095f14 100644
--- a/openssl-freefilesync/readme-openssl-freefilesync.md
+++ b/openssl-freefilesync/readme-openssl-freefilesync.md
@@ -1,17 +1,12 @@
# Purpose of this package
-Package openssl-freefilesync exists to enable the compilation and execution of FreeFileSync on CentOS 7. CentOS 7 does not bundle high-enough versions of openssl in the base repositories, so the bgstack15 copr serves a customized package of a sufficient version of openssl.
+// vim: syntax=markdown
+Package openssl-freefilesync exists to enable the compilation and execution of FreeFileSync on CentOS 7. CentOS 7 does not bundle high-enough versions of openssl in the base repositories, so the bgstack15 copr serves a customized package of a sufficient version of openssl. The city-fan repo does not provide this one, so I have to hack the Fedora package myself.
# How to maintain openssl-freefilesync
Take a [Fedora release](https://mirrors.rit.edu/fedora/fedora/linux/updates/30/Everything/SRPMS/Packages/o/openssl-1.1.1c-2.fc30.src.rpm) of openssl and open it.
rpm2cpio openssl-1.1.1c-2.fc30.src.rpm | cpio -idm
-Make any modifications necessary to get it to compile. This mostly involves reverting any Fedora improvements to rpm specs since CentOS 7 was released, such as `%ldconfig_scriptlets`. Also, make changes to the .cnf file deployments so this package can be installed alongside the regular openssl package in the distro.
-
-# Changelog
-* For openssl-freefilesync-1.1.1c
-# https://github.com/aria2/aria2/issues/1249
-# change fips-post-rand.patch where it calls random.h to:
-
- +# include </usr/include/linux/random.h>
-
+Make any modifications necessary to get it to compile. This changes include:
+* Revert any Fedora improvements to rpm specs since CentOS 7 was released, such as `%ldconfig_scriptlets`
+* Rename cnf and man pages and the main binary so they do not collide with system openssl package
diff --git a/openssl-freefilesync/stackrpms-openssl.spec.diff b/openssl-freefilesync/stackrpms-openssl.spec.diff
new file mode 100644
index 0000000..8a7c9c2
--- /dev/null
+++ b/openssl-freefilesync/stackrpms-openssl.spec.diff
@@ -0,0 +1,139 @@
+--- /usr/src/openssl/1.1.1c-6.fc30/openssl.spec 2019-09-06 11:21:33.000000000 -0400
++++ /usr/src/openssl/1.1.1c-6.stack/openssl.spec 2019-09-19 09:13:41.214594699 -0400
+@@ -13,6 +13,10 @@
+ # depends on build configuration options)
+ %define soversion 1.1
+
++# for openssl-freefilesync
++%define fullname openssl-freefilesync
++%define shortname openssl
++
+ # Arches on which we need to prevent arch conflicts on opensslconf.h, must
+ # also be handled in opensslconf-new.h.
+ %define multilib_arches %{ix86} ia64 %{mips} ppc ppc64 s390 s390x sparcv9 sparc64 x86_64
+@@ -20,9 +24,11 @@
+ %global _performance_build 1
+
+ Summary: Utilities from the general purpose cryptography library with TLS implementation
+-Name: openssl
++# for openssl-freefilesync
++Name: %{fullname}
+ Version: 1.1.1c
+-Release: 6%{?dist}
++# for openssl-freefilesync
++Release: 6.stack%{?dist}
+ Epoch: 1
+ # We have to remove certain patented algorithms from the openssl source
+ # tarball with the hobble-openssl script which is included below.
+@@ -91,8 +97,9 @@
+ %package libs
+ Summary: A general purpose cryptography library with TLS implementation
+ Requires: ca-certificates >= 2008-5
+-Requires: crypto-policies >= 20180730
+-Recommends: openssl-pkcs11%{?_isa}
++# for openssl-freefilesync
++#Requires: crypto-policies >= 20180730
++#Recommends: openssl-pkcs11%{?_isa}
+ Provides: openssl-fips = %{epoch}:%{version}-%{release}
+
+ %description libs
+@@ -131,7 +138,8 @@
+ from other formats to the formats used by the OpenSSL toolkit.
+
+ %prep
+-%setup -q -n %{name}-%{version}
++# for openssl-freefilesync
++%setup -q -n %{shortname}-%{version}
+
+ # The hobble_openssl is called here redundantly, just to be sure.
+ # The tarball has already the sources removed.
+@@ -162,6 +170,8 @@
+ %patch46 -p1 -b .seclevel
+ %patch47 -p1 -b .ts-sha256-default
+ %patch48 -p1 -b .fips-post-rand
++# for openssl-freefilesync
++sed -i -r -e '/sys\/random\.h/s@sys/random\.h@/usr/include/linux/random.h@;' crypto/rand/rand_unix.c
+ %patch49 -p1 -b .evp-kdf
+ %patch50 -p1 -b .ssh-kdf
+ %patch51 -p1 -b .upstream-sync
+@@ -234,7 +244,8 @@
+ # marked as not requiring an executable stack.
+ # Also add -DPURIFY to make using valgrind with openssl easier as we do not
+ # want to depend on the uninitialized memory as a source of entropy anyway.
+-RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -Wa,--generate-missing-build-notes=yes -DPURIFY $RPM_LD_FLAGS"
++# for openssl-freefilesync
++RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -DPURIFY $RPM_LD_FLAGS"
+
+ export HASHBANGPERL=/usr/bin/perl
+
+@@ -355,11 +366,12 @@
+
+ # Ensure the config file timestamps are identical across builds to avoid
+ # mulitlib conflicts and unnecessary renames on upgrade
+-touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf
+-touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf
++# for openssl-freefilesync
++touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf%{version}
++touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf%{version}
+
+-rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf.dist
+-rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf.dist
++rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf{,.dist}
++rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf{,.dist}
+
+ # Determine which arch opensslconf.h is going to try to #include.
+ basearch=%{_arch}
+@@ -394,13 +406,23 @@
+ LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}
+ export LD_LIBRARY_PATH
+
++# for openssl-freefilesync
++pushd ${RPM_BUILD_ROOT}%{_mandir}
++for word in $( find . ! -type d -print ) ;
++do
++ mv "${word}" "${word}-111c"
++done
++popd
++mv ${RPM_BUILD_ROOT}%{_bindir}/openssl{,-111c}
++
+ %files
+ %{!?_licensedir:%global license %%doc}
+ %license LICENSE
+ %doc FAQ NEWS README README.FIPS
+ %{_bindir}/make-dummy-cert
+ %{_bindir}/renew-dummy-cert
+-%{_bindir}/openssl
++# for openssl-freefilesync
++%{_bindir}/openssl-111c
+ %{_mandir}/man1*/*
+ %{_mandir}/man5*/*
+ %{_mandir}/man7*/*
+@@ -417,8 +439,9 @@
+ %dir %{_sysconfdir}/pki/tls/certs
+ %dir %{_sysconfdir}/pki/tls/misc
+ %dir %{_sysconfdir}/pki/tls/private
+-%config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf
+-%config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf
++# for openssl-freefilesync
++%config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf%{version}
++%config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf%{version}
+ %attr(0755,root,root) %{_libdir}/libcrypto.so.%{version}
+ %attr(0755,root,root) %{_libdir}/libcrypto.so.%{soversion}
+ %attr(0755,root,root) %{_libdir}/libssl.so.%{version}
+@@ -451,9 +474,15 @@
+ %dir %{_sysconfdir}/pki/CA/crl
+ %dir %{_sysconfdir}/pki/CA/newcerts
+
+-%ldconfig_scriptlets libs
++# for openssl-freefilesync
++%post libs -p /sbin/ldconfig
++
++%postun libs -p /sbin/ldconfig
+
+ %changelog
++* Wed Sep 18 2019 B Stack <bgstack15@gmail.com> 1.1.1c-6.stack
++- rebuild for el7 for freefilesync
++
+ * Fri Sep 6 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-6
+ - upstream fix for status request extension non-compliance (#1737471)
+
bgstack15