diff options
-rw-r--r-- | openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch | 2 | ||||
-rw-r--r-- | openssl-freefilesync/openssl-1.1.1-fips.patch | 39 | ||||
-rw-r--r-- | openssl-freefilesync/openssl-1.1.1-upstream-sync.patch | 487 | ||||
-rw-r--r-- | openssl-freefilesync/openssl.spec | 50 | ||||
-rw-r--r-- | openssl-freefilesync/readme-openssl-freefilesync.md | 15 | ||||
-rw-r--r-- | openssl-freefilesync/stackrpms-openssl.spec.diff | 139 |
6 files changed, 695 insertions, 37 deletions
diff --git a/openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch b/openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch index 2acea98..fc60e33 100644 --- a/openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch +++ b/openssl-freefilesync/openssl-1.1.1-fips-post-rand.patch @@ -76,7 +76,7 @@ diff -up openssl-1.1.1c/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1c/cr #if defined(__linux) -# include <asm/unistd.h> +# include <sys/syscall.h> -+# include </usr/include/linux/random.h> ++# include <sys/random.h> #endif #if defined(__FreeBSD__) # include <sys/types.h> diff --git a/openssl-freefilesync/openssl-1.1.1-fips.patch b/openssl-freefilesync/openssl-1.1.1-fips.patch index d59c440..3ff5aa4 100644 --- a/openssl-freefilesync/openssl-1.1.1-fips.patch +++ b/openssl-freefilesync/openssl-1.1.1-fips.patch @@ -11673,6 +11673,45 @@ diff -up openssl-1.1.1b/ssl/ssl_lib.c.fips openssl-1.1.1b/ssl/ssl_lib.c } if ((ret->ca_names = sk_X509_NAME_new_null()) == NULL) +diff -up openssl-1.1.1c/ssl/ssl_locl.h.fips openssl-1.1.1c/ssl/ssl_locl.h +--- openssl-1.1.1c/ssl/ssl_locl.h.fips 2019-06-03 16:44:58.963560101 +0200 ++++ openssl-1.1.1c/ssl/ssl_locl.h 2019-06-24 14:43:19.547353076 +0200 +@@ -1507,6 +1507,7 @@ typedef struct tls_group_info_st { + # define TLS_CURVE_PRIME 0x0 + # define TLS_CURVE_CHAR2 0x1 + # define TLS_CURVE_CUSTOM 0x2 ++# define TLS_CURVE_FIPS 0x80 + + typedef struct cert_pkey_st CERT_PKEY; + +diff -up openssl-1.1.1c/ssl/t1_lib.c.fips openssl-1.1.1c/ssl/t1_lib.c +--- openssl-1.1.1c/ssl/t1_lib.c.fips 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/ssl/t1_lib.c 2019-06-24 14:49:00.638576235 +0200 +@@ -156,11 +156,11 @@ static const TLS_GROUP_INFO nid_list[] = + {NID_secp192k1, 80, TLS_CURVE_PRIME}, /* secp192k1 (18) */ + {NID_X9_62_prime192v1, 80, TLS_CURVE_PRIME}, /* secp192r1 (19) */ + {NID_secp224k1, 112, TLS_CURVE_PRIME}, /* secp224k1 (20) */ +- {NID_secp224r1, 112, TLS_CURVE_PRIME}, /* secp224r1 (21) */ ++ {NID_secp224r1, 112, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp224r1 (21) */ + {NID_secp256k1, 128, TLS_CURVE_PRIME}, /* secp256k1 (22) */ +- {NID_X9_62_prime256v1, 128, TLS_CURVE_PRIME}, /* secp256r1 (23) */ +- {NID_secp384r1, 192, TLS_CURVE_PRIME}, /* secp384r1 (24) */ +- {NID_secp521r1, 256, TLS_CURVE_PRIME}, /* secp521r1 (25) */ ++ {NID_X9_62_prime256v1, 128, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp256r1 (23) */ ++ {NID_secp384r1, 192, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp384r1 (24) */ ++ {NID_secp521r1, 256, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp521r1 (25) */ + {NID_brainpoolP256r1, 128, TLS_CURVE_PRIME}, /* brainpoolP256r1 (26) */ + {NID_brainpoolP384r1, 192, TLS_CURVE_PRIME}, /* brainpoolP384r1 (27) */ + {NID_brainpoolP512r1, 256, TLS_CURVE_PRIME}, /* brainpool512r1 (28) */ +@@ -255,6 +255,8 @@ int tls_curve_allowed(SSL *s, uint16_t c + if (cinfo->flags & TLS_CURVE_CHAR2) + return 0; + # endif ++ if (FIPS_mode() && !(cinfo->flags & TLS_CURVE_FIPS)) ++ return 0; + ctmp[0] = curve >> 8; + ctmp[1] = curve & 0xff; + return ssl_security(s, op, cinfo->secbits, cinfo->nid, (void *)ctmp); diff -up openssl-1.1.1b/test/dsatest.c.fips openssl-1.1.1b/test/dsatest.c --- openssl-1.1.1b/test/dsatest.c.fips 2019-02-26 15:15:30.000000000 +0100 +++ openssl-1.1.1b/test/dsatest.c 2019-02-28 11:30:06.824745335 +0100 diff --git a/openssl-freefilesync/openssl-1.1.1-upstream-sync.patch b/openssl-freefilesync/openssl-1.1.1-upstream-sync.patch index 8032c0e..7e03b8d 100644 --- a/openssl-freefilesync/openssl-1.1.1-upstream-sync.patch +++ b/openssl-freefilesync/openssl-1.1.1-upstream-sync.patch @@ -24,7 +24,7 @@ diff -up openssl-1.1.1c/crypto/err/err.c.sync openssl-1.1.1c/crypto/err/err.c # define NUM_SYS_STR_REASONS 127 static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; -@@ -219,26 +219,30 @@ static void build_SYS_str_reasons(void) +@@ -219,21 +219,23 @@ static void build_SYS_str_reasons(void) ERR_STRING_DATA *str = &SYS_str_reasons[i - 1]; str->error = ERR_PACK(ERR_LIB_SYS, 0, i); @@ -35,8 +35,7 @@ diff -up openssl-1.1.1c/crypto/err/err.c.sync openssl-1.1.1c/crypto/err/err.c + */ + if (str->string == NULL && cnt < sizeof(strerror_pool)) { if (openssl_strerror_r(i, cur, sizeof(strerror_pool) - cnt)) { -- size_t l = strlen(cur); -+ size_t l = strlen(cur) + 1; + size_t l = strlen(cur); str->string = cur; cnt += l; @@ -50,21 +49,10 @@ diff -up openssl-1.1.1c/crypto/err/err.c.sync openssl-1.1.1c/crypto/err/err.c + * some (most? all?) messages. Lets trim them off. */ - while (ossl_isspace(cur[-1])) { -- cur--; -- cnt--; -+ if (cur > strerror_pool && ossl_isspace(cur[-1])) { -+ while (cur > strerror_pool && ossl_isspace(cur[-1])) { -+ cur--; -+ cnt--; -+ } -+ *cur++ = '\0'; -+ cnt++; ++ while (cur > strerror_pool && ossl_isspace(cur[-1])) { + cur--; + cnt--; } -- *cur++ = '\0'; -- cnt++; - } - } - if (str->string == NULL) diff -up openssl-1.1.1c/crypto/rand/rand_lib.c.sync openssl-1.1.1c/crypto/rand/rand_lib.c --- openssl-1.1.1c/crypto/rand/rand_lib.c.sync 2019-05-29 17:20:17.175099183 +0200 +++ openssl-1.1.1c/crypto/rand/rand_lib.c 2019-05-30 11:51:20.784850208 +0200 @@ -79,3 +67,468 @@ diff -up openssl-1.1.1c/crypto/rand/rand_lib.c.sync openssl-1.1.1c/crypto/rand/r pool = rand_pool_new(0, min_len, max_len); if (pool == NULL) return 0; +From 6c2f347c78a530407b5310497080810094427920 Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Wed, 17 Apr 2019 11:09:05 +0100 +Subject: [PATCH 1/2] Defer sending a KeyUpdate until after pending writes are + complete + +If we receive a KeyUpdate message (update requested) from the peer while +we are in the middle of a write, we should defer sending the responding +KeyUpdate message until after the current write is complete. We do this +by waiting to send the KeyUpdate until the next time we write and there is +no pending write data. + +This does imply a subtle change in behaviour. Firstly the responding +KeyUpdate message won't be sent straight away as it is now. Secondly if +the peer sends multiple KeyUpdates without us doing any writing then we +will only send one response, as opposed to previously where we sent a +response for each KeyUpdate received. + +Fixes #8677 + +Reviewed-by: Ben Kaduk <kaduk@mit.edu> +(Merged from https://github.com/openssl/openssl/pull/8773) + +(cherry picked from commit feb9e31c40c49de6384dd0413685e9b5a15adc99) +--- + ssl/record/rec_layer_s3.c | 7 +++++++ + ssl/statem/statem_clnt.c | 6 ------ + ssl/statem/statem_lib.c | 7 ++----- + ssl/statem/statem_srvr.c | 6 ------ + 4 files changed, 9 insertions(+), 17 deletions(-) + +diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c +index b2f97ef905..b65137c332 100644 +--- a/ssl/record/rec_layer_s3.c ++++ b/ssl/record/rec_layer_s3.c +@@ -373,6 +373,13 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len, + + s->rlayer.wnum = 0; + ++ /* ++ * If we are supposed to be sending a KeyUpdate then go into init unless we ++ * have writes pending - in which case we should finish doing that first. ++ */ ++ if (wb->left == 0 && s->key_update != SSL_KEY_UPDATE_NONE) ++ ossl_statem_set_in_init(s, 1); ++ + /* + * When writing early data on the server side we could be "in_init" in + * between receiving the EoED and the CF - but we don't want to handle those +diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c +index 87800cd835..6410414fb6 100644 +--- a/ssl/statem/statem_clnt.c ++++ b/ssl/statem/statem_clnt.c +@@ -473,12 +473,6 @@ static WRITE_TRAN ossl_statem_client13_write_transition(SSL *s) + return WRITE_TRAN_CONTINUE; + + case TLS_ST_CR_KEY_UPDATE: +- if (s->key_update != SSL_KEY_UPDATE_NONE) { +- st->hand_state = TLS_ST_CW_KEY_UPDATE; +- return WRITE_TRAN_CONTINUE; +- } +- /* Fall through */ +- + case TLS_ST_CW_KEY_UPDATE: + case TLS_ST_CR_SESSION_TICKET: + case TLS_ST_CW_FINISHED: +diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c +index c0482b0a90..2960dafa52 100644 +--- a/ssl/statem/statem_lib.c ++++ b/ssl/statem/statem_lib.c +@@ -645,12 +645,9 @@ MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt) + /* + * If we get a request for us to update our sending keys too then, we need + * to additionally send a KeyUpdate message. However that message should +- * not also request an update (otherwise we get into an infinite loop). We +- * ignore a request for us to update our sending keys too if we already +- * sent close_notify. ++ * not also request an update (otherwise we get into an infinite loop). + */ +- if (updatetype == SSL_KEY_UPDATE_REQUESTED +- && (s->shutdown & SSL_SENT_SHUTDOWN) == 0) ++ if (updatetype == SSL_KEY_UPDATE_REQUESTED) + s->key_update = SSL_KEY_UPDATE_NOT_REQUESTED; + + if (!tls13_update_key(s, 0)) { +diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c +index d454326a99..04a23320fc 100644 +--- a/ssl/statem/statem_srvr.c ++++ b/ssl/statem/statem_srvr.c +@@ -502,12 +502,6 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s) + return WRITE_TRAN_CONTINUE; + + case TLS_ST_SR_KEY_UPDATE: +- if (s->key_update != SSL_KEY_UPDATE_NONE) { +- st->hand_state = TLS_ST_SW_KEY_UPDATE; +- return WRITE_TRAN_CONTINUE; +- } +- /* Fall through */ +- + case TLS_ST_SW_KEY_UPDATE: + st->hand_state = TLS_ST_OK; + return WRITE_TRAN_CONTINUE; +-- +2.20.1 + +From c8feb1039ccc4cd11e6db084df1446bf863bee1e Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Wed, 17 Apr 2019 10:30:53 +0100 +Subject: [PATCH 2/2] Write a test for receiving a KeyUpdate (update requested) + while writing + +Reviewed-by: Ben Kaduk <kaduk@mit.edu> +(Merged from https://github.com/openssl/openssl/pull/8773) + +(cherry picked from commit a77b4dba237d001073d2d1c5d55c674a196c949f) +--- + test/sslapitest.c | 92 +++++++++++++++++++++++++++++++++++++++++++++ + test/ssltestlib.c | 96 +++++++++++++++++++++++++++++++++++++++++++++++ + test/ssltestlib.h | 3 ++ + 3 files changed, 191 insertions(+) + +diff --git a/test/sslapitest.c b/test/sslapitest.c +index 2261fe4a7a..577342644d 100644 +--- a/test/sslapitest.c ++++ b/test/sslapitest.c +@@ -4290,6 +4290,11 @@ static int test_key_update(void) + || !TEST_int_eq(SSL_read(serverssl, buf, sizeof(buf)), + strlen(mess))) + goto end; ++ ++ if (!TEST_int_eq(SSL_write(serverssl, mess, strlen(mess)), strlen(mess)) ++ || !TEST_int_eq(SSL_read(clientssl, buf, sizeof(buf)), ++ strlen(mess))) ++ goto end; + } + + testresult = 1; +@@ -4302,6 +4307,91 @@ static int test_key_update(void) + + return testresult; + } ++ ++/* ++ * Test we can handle a KeyUpdate (update requested) message while write data ++ * is pending. ++ * Test 0: Client sends KeyUpdate while Server is writing ++ * Test 1: Server sends KeyUpdate while Client is writing ++ */ ++static int test_key_update_in_write(int tst) ++{ ++ SSL_CTX *cctx = NULL, *sctx = NULL; ++ SSL *clientssl = NULL, *serverssl = NULL; ++ int testresult = 0; ++ char buf[20]; ++ static char *mess = "A test message"; ++ BIO *bretry = BIO_new(bio_s_always_retry()); ++ BIO *tmp = NULL; ++ SSL *peerupdate = NULL, *peerwrite = NULL; ++ ++ if (!TEST_ptr(bretry) ++ || !TEST_true(create_ssl_ctx_pair(TLS_server_method(), ++ TLS_client_method(), ++ TLS1_3_VERSION, ++ 0, ++ &sctx, &cctx, cert, privkey)) ++ || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, ++ NULL, NULL)) ++ || !TEST_true(create_ssl_connection(serverssl, clientssl, ++ SSL_ERROR_NONE))) ++ goto end; ++ ++ peerupdate = tst == 0 ? clientssl : serverssl; ++ peerwrite = tst == 0 ? serverssl : clientssl; ++ ++ if (!TEST_true(SSL_key_update(peerupdate, SSL_KEY_UPDATE_REQUESTED)) ++ || !TEST_true(SSL_do_handshake(peerupdate))) ++ goto end; ++ ++ /* Swap the writing endpoint's write BIO to force a retry */ ++ tmp = SSL_get_wbio(peerwrite); ++ if (!TEST_ptr(tmp) || !TEST_true(BIO_up_ref(tmp))) { ++ tmp = NULL; ++ goto end; ++ } ++ SSL_set0_wbio(peerwrite, bretry); ++ bretry = NULL; ++ ++ /* Write data that we know will fail with SSL_ERROR_WANT_WRITE */ ++ if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), -1) ++ || !TEST_int_eq(SSL_get_error(peerwrite, 0), SSL_ERROR_WANT_WRITE)) ++ goto end; ++ ++ /* Reinstate the original writing endpoint's write BIO */ ++ SSL_set0_wbio(peerwrite, tmp); ++ tmp = NULL; ++ ++ /* Now read some data - we will read the key update */ ++ if (!TEST_int_eq(SSL_read(peerwrite, buf, sizeof(buf)), -1) ++ || !TEST_int_eq(SSL_get_error(peerwrite, 0), SSL_ERROR_WANT_READ)) ++ goto end; ++ ++ /* ++ * Complete the write we started previously and read it from the other ++ * endpoint ++ */ ++ if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), strlen(mess)) ++ || !TEST_int_eq(SSL_read(peerupdate, buf, sizeof(buf)), strlen(mess))) ++ goto end; ++ ++ /* Write more data to ensure we send the KeyUpdate message back */ ++ if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), strlen(mess)) ++ || !TEST_int_eq(SSL_read(peerupdate, buf, sizeof(buf)), strlen(mess))) ++ goto end; ++ ++ testresult = 1; ++ ++ end: ++ SSL_free(serverssl); ++ SSL_free(clientssl); ++ SSL_CTX_free(sctx); ++ SSL_CTX_free(cctx); ++ BIO_free(bretry); ++ BIO_free(tmp); ++ ++ return testresult; ++} + #endif /* OPENSSL_NO_TLS1_3 */ + + static int test_ssl_clear(int idx) +@@ -5982,6 +6072,7 @@ int setup_tests(void) + #ifndef OPENSSL_NO_TLS1_3 + ADD_ALL_TESTS(test_export_key_mat_early, 3); + ADD_TEST(test_key_update); ++ ADD_ALL_TESTS(test_key_update_in_write, 2); + #endif + ADD_ALL_TESTS(test_ssl_clear, 2); + ADD_ALL_TESTS(test_max_fragment_len_ext, OSSL_NELEM(max_fragment_len_test)); +@@ -6002,4 +6093,5 @@ int setup_tests(void) + void cleanup_tests(void) + { + bio_s_mempacket_test_free(); ++ bio_s_always_retry_free(); + } +diff --git a/test/ssltestlib.c b/test/ssltestlib.c +index 05139be750..e1038620ac 100644 +--- a/test/ssltestlib.c ++++ b/test/ssltestlib.c +@@ -62,9 +62,11 @@ static int tls_dump_puts(BIO *bp, const char *str); + /* Choose a sufficiently large type likely to be unused for this custom BIO */ + #define BIO_TYPE_TLS_DUMP_FILTER (0x80 | BIO_TYPE_FILTER) + #define BIO_TYPE_MEMPACKET_TEST 0x81 ++#define BIO_TYPE_ALWAYS_RETRY 0x82 + + static BIO_METHOD *method_tls_dump = NULL; + static BIO_METHOD *meth_mem = NULL; ++static BIO_METHOD *meth_always_retry = NULL; + + /* Note: Not thread safe! */ + const BIO_METHOD *bio_f_tls_dump_filter(void) +@@ -612,6 +614,100 @@ static int mempacket_test_puts(BIO *bio, const char *str) + return mempacket_test_write(bio, str, strlen(str)); + } + ++static int always_retry_new(BIO *bi); ++static int always_retry_free(BIO *a); ++static int always_retry_read(BIO *b, char *out, int outl); ++static int always_retry_write(BIO *b, const char *in, int inl); ++static long always_retry_ctrl(BIO *b, int cmd, long num, void *ptr); ++static int always_retry_gets(BIO *bp, char *buf, int size); ++static int always_retry_puts(BIO *bp, const char *str); ++ ++const BIO_METHOD *bio_s_always_retry(void) ++{ ++ if (meth_always_retry == NULL) { ++ if (!TEST_ptr(meth_always_retry = BIO_meth_new(BIO_TYPE_ALWAYS_RETRY, ++ "Always Retry")) ++ || !TEST_true(BIO_meth_set_write(meth_always_retry, ++ always_retry_write)) ++ || !TEST_true(BIO_meth_set_read(meth_always_retry, ++ always_retry_read)) ++ || !TEST_true(BIO_meth_set_puts(meth_always_retry, ++ always_retry_puts)) ++ || !TEST_true(BIO_meth_set_gets(meth_always_retry, ++ always_retry_gets)) ++ || !TEST_true(BIO_meth_set_ctrl(meth_always_retry, ++ always_retry_ctrl)) ++ || !TEST_true(BIO_meth_set_create(meth_always_retry, ++ always_retry_new)) ++ || !TEST_true(BIO_meth_set_destroy(meth_always_retry, ++ always_retry_free))) ++ return NULL; ++ } ++ return meth_always_retry; ++} ++ ++void bio_s_always_retry_free(void) ++{ ++ BIO_meth_free(meth_always_retry); ++} ++ ++static int always_retry_new(BIO *bio) ++{ ++ BIO_set_init(bio, 1); ++ return 1; ++} ++ ++static int always_retry_free(BIO *bio) ++{ ++ BIO_set_data(bio, NULL); ++ BIO_set_init(bio, 0); ++ return 1; ++} ++ ++static int always_retry_read(BIO *bio, char *out, int outl) ++{ ++ BIO_set_retry_read(bio); ++ return -1; ++} ++ ++static int always_retry_write(BIO *bio, const char *in, int inl) ++{ ++ BIO_set_retry_write(bio); ++ return -1; ++} ++ ++static long always_retry_ctrl(BIO *bio, int cmd, long num, void *ptr) ++{ ++ long ret = 1; ++ ++ switch (cmd) { ++ case BIO_CTRL_FLUSH: ++ BIO_set_retry_write(bio); ++ /* fall through */ ++ case BIO_CTRL_EOF: ++ case BIO_CTRL_RESET: ++ case BIO_CTRL_DUP: ++ case BIO_CTRL_PUSH: ++ case BIO_CTRL_POP: ++ default: ++ ret = 0; ++ break; ++ } ++ return ret; ++} ++ ++static int always_retry_gets(BIO *bio, char *buf, int size) ++{ ++ BIO_set_retry_read(bio); ++ return -1; ++} ++ ++static int always_retry_puts(BIO *bio, const char *str) ++{ ++ BIO_set_retry_write(bio); ++ return -1; ++} ++ + int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, + int min_proto_version, int max_proto_version, + SSL_CTX **sctx, SSL_CTX **cctx, char *certfile, +diff --git a/test/ssltestlib.h b/test/ssltestlib.h +index fa19e7d80d..56e323f5bc 100644 +--- a/test/ssltestlib.h ++++ b/test/ssltestlib.h +@@ -30,6 +30,9 @@ void bio_f_tls_dump_filter_free(void); + const BIO_METHOD *bio_s_mempacket_test(void); + void bio_s_mempacket_test_free(void); + ++const BIO_METHOD *bio_s_always_retry(void); ++void bio_s_always_retry_free(void); ++ + /* Packet types - value 0 is reserved */ + #define INJECT_PACKET 1 + #define INJECT_PACKET_IGNORE_REC_SEQ 2 +-- +2.20.1 + +diff -up openssl-1.1.1c/include/internal/constant_time_locl.h.valgrind openssl-1.1.1c/include/internal/constant_time_locl.h +--- openssl-1.1.1c/include/internal/constant_time_locl.h.valgrind 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/include/internal/constant_time_locl.h 2019-06-24 15:02:12.796053536 +0200 +@@ -213,18 +213,66 @@ static ossl_inline unsigned char constan + return constant_time_eq_8((unsigned)(a), (unsigned)(b)); + } + ++/* Returns the value unmodified, but avoids optimizations. */ ++static ossl_inline unsigned int value_barrier(unsigned int a) ++{ ++#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__) ++ unsigned int r; ++ __asm__("" : "=r"(r) : "0"(a)); ++#else ++ volatile unsigned int r = a; ++#endif ++ return r; ++} ++ ++/* Convenience method for uint32_t. */ ++static ossl_inline uint32_t value_barrier_32(uint32_t a) ++{ ++#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__) ++ uint32_t r; ++ __asm__("" : "=r"(r) : "0"(a)); ++#else ++ volatile uint32_t r = a; ++#endif ++ return r; ++} ++ ++/* Convenience method for uint64_t. */ ++static ossl_inline uint64_t value_barrier_64(uint64_t a) ++{ ++#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__) ++ uint64_t r; ++ __asm__("" : "=r"(r) : "0"(a)); ++#else ++ volatile uint64_t r = a; ++#endif ++ return r; ++} ++ ++/* Convenience method for size_t. */ ++static ossl_inline size_t value_barrier_s(size_t a) ++{ ++#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__) ++ size_t r; ++ __asm__("" : "=r"(r) : "0"(a)); ++#else ++ volatile size_t r = a; ++#endif ++ return r; ++} ++ + static ossl_inline unsigned int constant_time_select(unsigned int mask, + unsigned int a, + unsigned int b) + { +- return (mask & a) | (~mask & b); ++ return (value_barrier(mask) & a) | (value_barrier(~mask) & b); + } + + static ossl_inline size_t constant_time_select_s(size_t mask, + size_t a, + size_t b) + { +- return (mask & a) | (~mask & b); ++ return (value_barrier_s(mask) & a) | (value_barrier_s(~mask) & b); + } + + static ossl_inline unsigned char constant_time_select_8(unsigned char mask, +@@ -249,13 +297,13 @@ static ossl_inline int constant_time_sel + static ossl_inline uint32_t constant_time_select_32(uint32_t mask, uint32_t a, + uint32_t b) + { +- return (mask & a) | (~mask & b); ++ return (value_barrier_32(mask) & a) | (value_barrier_32(~mask) & b); + } + + static ossl_inline uint64_t constant_time_select_64(uint64_t mask, uint64_t a, + uint64_t b) + { +- return (mask & a) | (~mask & b); ++ return (value_barrier_64(mask) & a) | (value_barrier_64(~mask) & b); + } + + /* diff --git a/openssl-freefilesync/openssl.spec b/openssl-freefilesync/openssl.spec index f4d8c1f..29cef89 100644 --- a/openssl-freefilesync/openssl.spec +++ b/openssl-freefilesync/openssl.spec @@ -11,12 +11,9 @@ # 1.0.0 soversion = 10 # 1.1.0 soversion = 1.1 (same as upstream although presence of some symbols # depends on build configuration options) - -# Additions for openssl-freefilesync -# https://github.com/aria2/aria2/issues/1249 -# change fips-post-rand.patch where it calls random.h to: -# +# include </usr/include/linux/random.h> %define soversion 1.1 + +# for openssl-freefilesync %define fullname openssl-freefilesync %define shortname openssl @@ -27,9 +24,11 @@ %global _performance_build 1 Summary: Utilities from the general purpose cryptography library with TLS implementation +# for openssl-freefilesync Name: %{fullname} Version: 1.1.1c -Release: 2.stack%{?dist} +# for openssl-freefilesync +Release: 6.stack%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -98,6 +97,7 @@ protocols. %package libs Summary: A general purpose cryptography library with TLS implementation Requires: ca-certificates >= 2008-5 +# for openssl-freefilesync #Requires: crypto-policies >= 20180730 #Recommends: openssl-pkcs11%{?_isa} Provides: openssl-fips = %{epoch}:%{version}-%{release} @@ -138,6 +138,7 @@ package provides Perl scripts for converting certificates and keys from other formats to the formats used by the OpenSSL toolkit. %prep +# for openssl-freefilesync %setup -q -n %{shortname}-%{version} # The hobble_openssl is called here redundantly, just to be sure. @@ -169,6 +170,8 @@ cp %{SOURCE13} test/ %patch46 -p1 -b .seclevel %patch47 -p1 -b .ts-sha256-default %patch48 -p1 -b .fips-post-rand +# for openssl-freefilesync +sed -i -r -e '/sys\/random\.h/s@sys/random\.h@/usr/include/linux/random.h@;' crypto/rand/rand_unix.c %patch49 -p1 -b .evp-kdf %patch50 -p1 -b .ssh-kdf %patch51 -p1 -b .upstream-sync @@ -241,6 +244,7 @@ sslarch=linux-generic64 # marked as not requiring an executable stack. # Also add -DPURIFY to make using valgrind with openssl easier as we do not # want to depend on the uninitialized memory as a source of entropy anyway. +# for openssl-freefilesync RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -DPURIFY $RPM_LD_FLAGS" export HASHBANGPERL=/usr/bin/perl @@ -362,6 +366,7 @@ mkdir -m755 $RPM_BUILD_ROOT%{_sysconfdir}/pki/CA/newcerts # Ensure the config file timestamps are identical across builds to avoid # mulitlib conflicts and unnecessary renames on upgrade +# for openssl-freefilesync touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf%{version} touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf%{version} @@ -401,13 +406,23 @@ install -m644 %{SOURCE9} \ LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}} export LD_LIBRARY_PATH +# for openssl-freefilesync +pushd ${RPM_BUILD_ROOT}%{_mandir} +for word in $( find . ! -type d -print ) ; +do + mv "${word}" "${word}-111c" +done +popd +mv ${RPM_BUILD_ROOT}%{_bindir}/openssl{,-111c} + %files %{!?_licensedir:%global license %%doc} %license LICENSE %doc FAQ NEWS README README.FIPS %{_bindir}/make-dummy-cert %{_bindir}/renew-dummy-cert -%{_bindir}/openssl +# for openssl-freefilesync +%{_bindir}/openssl-111c %{_mandir}/man1*/* %{_mandir}/man5*/* %{_mandir}/man7*/* @@ -424,6 +439,7 @@ export LD_LIBRARY_PATH %dir %{_sysconfdir}/pki/tls/certs %dir %{_sysconfdir}/pki/tls/misc %dir %{_sysconfdir}/pki/tls/private +# for openssl-freefilesync %config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf%{version} %config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf%{version} %attr(0755,root,root) %{_libdir}/libcrypto.so.%{version} @@ -458,13 +474,29 @@ export LD_LIBRARY_PATH %dir %{_sysconfdir}/pki/CA/crl %dir %{_sysconfdir}/pki/CA/newcerts +# for openssl-freefilesync %post libs -p /sbin/ldconfig %postun libs -p /sbin/ldconfig %changelog -* Tue Jul 16 2019 B Stack <bgstack15@gmail.com> 1.1.1c-3.stack -- rebuild for el7 +* Wed Sep 18 2019 B Stack <bgstack15@gmail.com> 1.1.1c-6.stack +- rebuild for el7 for freefilesync + +* Fri Sep 6 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-6 +- upstream fix for status request extension non-compliance (#1737471) + +* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.1.1c-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Mon Jun 24 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-4 +- do not try to use EC groups disallowed in FIPS mode + in TLS +- fix Valgrind regression with constant-time code + +* Mon Jun 3 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-3 +- add upstream patch to defer sending KeyUpdate after + pending writes are complete * Thu May 30 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-2 - fix use of uninitialized memory diff --git a/openssl-freefilesync/readme-openssl-freefilesync.md b/openssl-freefilesync/readme-openssl-freefilesync.md index 66b8f85..b095f14 100644 --- a/openssl-freefilesync/readme-openssl-freefilesync.md +++ b/openssl-freefilesync/readme-openssl-freefilesync.md @@ -1,17 +1,12 @@ # Purpose of this package -Package openssl-freefilesync exists to enable the compilation and execution of FreeFileSync on CentOS 7. CentOS 7 does not bundle high-enough versions of openssl in the base repositories, so the bgstack15 copr serves a customized package of a sufficient version of openssl. +// vim: syntax=markdown +Package openssl-freefilesync exists to enable the compilation and execution of FreeFileSync on CentOS 7. CentOS 7 does not bundle high-enough versions of openssl in the base repositories, so the bgstack15 copr serves a customized package of a sufficient version of openssl. The city-fan repo does not provide this one, so I have to hack the Fedora package myself. # How to maintain openssl-freefilesync Take a [Fedora release](https://mirrors.rit.edu/fedora/fedora/linux/updates/30/Everything/SRPMS/Packages/o/openssl-1.1.1c-2.fc30.src.rpm) of openssl and open it. rpm2cpio openssl-1.1.1c-2.fc30.src.rpm | cpio -idm -Make any modifications necessary to get it to compile. This mostly involves reverting any Fedora improvements to rpm specs since CentOS 7 was released, such as `%ldconfig_scriptlets`. Also, make changes to the .cnf file deployments so this package can be installed alongside the regular openssl package in the distro. - -# Changelog -* For openssl-freefilesync-1.1.1c -# https://github.com/aria2/aria2/issues/1249 -# change fips-post-rand.patch where it calls random.h to: - - +# include </usr/include/linux/random.h> - +Make any modifications necessary to get it to compile. This changes include: +* Revert any Fedora improvements to rpm specs since CentOS 7 was released, such as `%ldconfig_scriptlets` +* Rename cnf and man pages and the main binary so they do not collide with system openssl package diff --git a/openssl-freefilesync/stackrpms-openssl.spec.diff b/openssl-freefilesync/stackrpms-openssl.spec.diff new file mode 100644 index 0000000..8a7c9c2 --- /dev/null +++ b/openssl-freefilesync/stackrpms-openssl.spec.diff @@ -0,0 +1,139 @@ +--- /usr/src/openssl/1.1.1c-6.fc30/openssl.spec 2019-09-06 11:21:33.000000000 -0400 ++++ /usr/src/openssl/1.1.1c-6.stack/openssl.spec 2019-09-19 09:13:41.214594699 -0400 +@@ -13,6 +13,10 @@ + # depends on build configuration options) + %define soversion 1.1 + ++# for openssl-freefilesync ++%define fullname openssl-freefilesync ++%define shortname openssl ++ + # Arches on which we need to prevent arch conflicts on opensslconf.h, must + # also be handled in opensslconf-new.h. + %define multilib_arches %{ix86} ia64 %{mips} ppc ppc64 s390 s390x sparcv9 sparc64 x86_64 +@@ -20,9 +24,11 @@ + %global _performance_build 1 + + Summary: Utilities from the general purpose cryptography library with TLS implementation +-Name: openssl ++# for openssl-freefilesync ++Name: %{fullname} + Version: 1.1.1c +-Release: 6%{?dist} ++# for openssl-freefilesync ++Release: 6.stack%{?dist} + Epoch: 1 + # We have to remove certain patented algorithms from the openssl source + # tarball with the hobble-openssl script which is included below. +@@ -91,8 +97,9 @@ + %package libs + Summary: A general purpose cryptography library with TLS implementation + Requires: ca-certificates >= 2008-5 +-Requires: crypto-policies >= 20180730 +-Recommends: openssl-pkcs11%{?_isa} ++# for openssl-freefilesync ++#Requires: crypto-policies >= 20180730 ++#Recommends: openssl-pkcs11%{?_isa} + Provides: openssl-fips = %{epoch}:%{version}-%{release} + + %description libs +@@ -131,7 +138,8 @@ + from other formats to the formats used by the OpenSSL toolkit. + + %prep +-%setup -q -n %{name}-%{version} ++# for openssl-freefilesync ++%setup -q -n %{shortname}-%{version} + + # The hobble_openssl is called here redundantly, just to be sure. + # The tarball has already the sources removed. +@@ -162,6 +170,8 @@ + %patch46 -p1 -b .seclevel + %patch47 -p1 -b .ts-sha256-default + %patch48 -p1 -b .fips-post-rand ++# for openssl-freefilesync ++sed -i -r -e '/sys\/random\.h/s@sys/random\.h@/usr/include/linux/random.h@;' crypto/rand/rand_unix.c + %patch49 -p1 -b .evp-kdf + %patch50 -p1 -b .ssh-kdf + %patch51 -p1 -b .upstream-sync +@@ -234,7 +244,8 @@ + # marked as not requiring an executable stack. + # Also add -DPURIFY to make using valgrind with openssl easier as we do not + # want to depend on the uninitialized memory as a source of entropy anyway. +-RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -Wa,--generate-missing-build-notes=yes -DPURIFY $RPM_LD_FLAGS" ++# for openssl-freefilesync ++RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -DPURIFY $RPM_LD_FLAGS" + + export HASHBANGPERL=/usr/bin/perl + +@@ -355,11 +366,12 @@ + + # Ensure the config file timestamps are identical across builds to avoid + # mulitlib conflicts and unnecessary renames on upgrade +-touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf +-touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf ++# for openssl-freefilesync ++touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf%{version} ++touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf%{version} + +-rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf.dist +-rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf.dist ++rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf{,.dist} ++rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf{,.dist} + + # Determine which arch opensslconf.h is going to try to #include. + basearch=%{_arch} +@@ -394,13 +406,23 @@ + LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}} + export LD_LIBRARY_PATH + ++# for openssl-freefilesync ++pushd ${RPM_BUILD_ROOT}%{_mandir} ++for word in $( find . ! -type d -print ) ; ++do ++ mv "${word}" "${word}-111c" ++done ++popd ++mv ${RPM_BUILD_ROOT}%{_bindir}/openssl{,-111c} ++ + %files + %{!?_licensedir:%global license %%doc} + %license LICENSE + %doc FAQ NEWS README README.FIPS + %{_bindir}/make-dummy-cert + %{_bindir}/renew-dummy-cert +-%{_bindir}/openssl ++# for openssl-freefilesync ++%{_bindir}/openssl-111c + %{_mandir}/man1*/* + %{_mandir}/man5*/* + %{_mandir}/man7*/* +@@ -417,8 +439,9 @@ + %dir %{_sysconfdir}/pki/tls/certs + %dir %{_sysconfdir}/pki/tls/misc + %dir %{_sysconfdir}/pki/tls/private +-%config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf +-%config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf ++# for openssl-freefilesync ++%config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf%{version} ++%config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf%{version} + %attr(0755,root,root) %{_libdir}/libcrypto.so.%{version} + %attr(0755,root,root) %{_libdir}/libcrypto.so.%{soversion} + %attr(0755,root,root) %{_libdir}/libssl.so.%{version} +@@ -451,9 +474,15 @@ + %dir %{_sysconfdir}/pki/CA/crl + %dir %{_sysconfdir}/pki/CA/newcerts + +-%ldconfig_scriptlets libs ++# for openssl-freefilesync ++%post libs -p /sbin/ldconfig ++ ++%postun libs -p /sbin/ldconfig + + %changelog ++* Wed Sep 18 2019 B Stack <bgstack15@gmail.com> 1.1.1c-6.stack ++- rebuild for el7 for freefilesync ++ + * Fri Sep 6 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-6 + - upstream fix for status request extension non-compliance (#1737471) + |