diff --git a/.gitignore b/.gitignore index ae6bed9..2d84e1d 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/gnutls-3.1.18-hobbled.tar.xz +SOURCES/gnutls-3.3.8-hobbled.tar.xz diff --git a/.gnutls.metadata b/.gnutls.metadata index d808294..20684e9 100644 --- a/.gnutls.metadata +++ b/.gnutls.metadata @@ -1 +1 @@ -928dac9a2ea7b2de57bf9fdb62194aac22117df9 SOURCES/gnutls-3.1.18-hobbled.tar.xz +328c5c1d1fb28537df0e894765939b0f6b9780ea SOURCES/gnutls-3.3.8-hobbled.tar.xz diff --git a/SOURCES/ecc.c b/SOURCES/ecc.c deleted file mode 100644 index f4869b0..0000000 --- a/SOURCES/ecc.c +++ /dev/null @@ -1,314 +0,0 @@ -/* - * Copyright (C) 2011-2012 Free Software Foundation, Inc. - * - * Author: Nikos Mavrogiannopoulos - * - * This file is part of GnuTLS. - * - * The GnuTLS is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * as published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program. If not, see - * - */ - -#include -#include -#include -#include - - -/* Supported ECC curves - */ - -static const gnutls_ecc_curve_entry_st ecc_curves[] = { - { - .name = "SECP256R1", - .oid = "1.2.840.10045.3.1.7", - .id = GNUTLS_ECC_CURVE_SECP256R1, - .tls_id = 23, - .size = 32, - .prime = "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", - .A = "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", - .B = "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B", - .order = "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", - .Gx = "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", - .Gy = "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", - }, - { - .name = "SECP384R1", - .oid = "1.3.132.0.34", - .id = GNUTLS_ECC_CURVE_SECP384R1, - .tls_id = 24, - .size = 48, - .prime = "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF", - .A = "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC", - .B = "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF", - .order = "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973", - .Gx = "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7", - .Gy = "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F" - }, - { - .name = "SECP521R1", - .oid = "1.3.132.0.35", - .id = GNUTLS_ECC_CURVE_SECP521R1, - .tls_id = 25, - .size = 66, - .prime = "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", - .A = "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", - .B = "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", - .order = "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", - .Gx = "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66", - .Gy = "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650", - }, - {0, 0, 0} -}; - -#define GNUTLS_ECC_CURVE_LOOP(b) \ - { const gnutls_ecc_curve_entry_st *p; \ - for(p = ecc_curves; p->name != NULL; p++) { b ; } } - - -/* Returns the TLS id of the given curve - */ -int -_gnutls_tls_id_to_ecc_curve (int num) -{ - gnutls_ecc_curve_t ret = GNUTLS_ECC_CURVE_INVALID; - - GNUTLS_ECC_CURVE_LOOP ( - if (p->tls_id == num) - { - ret = p->id; - break; - } - ); - - return ret; -} - -/** - * gnutls_ecc_curve_list: - * - * Get the list of supported elliptic curves. - * - * This function is not thread safe. - * - * Returns: Return a (0)-terminated list of #gnutls_ecc_curve_t - * integers indicating the available curves. - **/ -const gnutls_ecc_curve_t * -gnutls_ecc_curve_list (void) -{ -static gnutls_ecc_curve_t supported_curves[MAX_ALGOS] = { 0 }; - - if (supported_curves[0] == 0) - { - int i = 0; - - GNUTLS_ECC_CURVE_LOOP ( - supported_curves[i++]=p->id; - ); - supported_curves[i++]=0; - } - - return supported_curves; -} - -/* Maps numbers to TLS NamedCurve IDs (RFC4492). - * Returns a negative number on error. - */ -int -_gnutls_ecc_curve_get_tls_id (gnutls_ecc_curve_t supported_ecc) -{ - int ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; - - GNUTLS_ECC_CURVE_LOOP ( - if (p->id == supported_ecc) - { - ret = p->tls_id; - break; - } - ); - - return ret; -} - -/*- - * _gnutls_oid_to_ecc_curve: - * @oid: is a curve's OID - * - * Returns: return a #gnutls_ecc_curve_t value corresponding to - * the specified OID, or %GNUTLS_ECC_CURVE_INVALID on error. - -*/ -gnutls_ecc_curve_t _gnutls_oid_to_ecc_curve (const char* oid) -{ - gnutls_ecc_curve_t ret = GNUTLS_ECC_CURVE_INVALID; - - GNUTLS_ECC_CURVE_LOOP ( - if (strcasecmp (p->oid, oid) == 0) - { - ret = p->id; - break; - } - ); - - return ret; -} - -/*- - * _gnutls_ecc_curve_get_id: - * @name: is a curve name - * - * The names are compared in a case insensitive way. - * - * Returns: return a #gnutls_ecc_curve_t value corresponding to - * the specified curve, or %GNUTLS_ECC_CURVE_INVALID on error. - -*/ -gnutls_ecc_curve_t -_gnutls_ecc_curve_get_id (const char *name) -{ - gnutls_ecc_curve_t ret = GNUTLS_ECC_CURVE_INVALID; - - GNUTLS_ECC_CURVE_LOOP ( - if (strcasecmp (p->name, name) == 0) - { - ret = p->id; - break; - } - ); - - return ret; -} - -/*- - * _gnutls_ecc_bits_to_curve: - * @bits: is a security parameter in bits - * - * Returns: return a #gnutls_ecc_curve_t value corresponding to - * the specified bit length, or %GNUTLS_ECC_CURVE_INVALID on error. - -*/ -gnutls_ecc_curve_t -_gnutls_ecc_bits_to_curve (int bits) -{ - gnutls_ecc_curve_t ret = GNUTLS_ECC_CURVE_SECP224R1; - - GNUTLS_ECC_CURVE_LOOP ( - if (8*p->size >= bits) - { - ret = p->id; - break; - } - ); - - return ret; -} - -/** - * gnutls_ecc_curve_get_name: - * @curve: is an ECC curve - * - * Convert a #gnutls_ecc_curve_t value to a string. - * - * Returns: a string that contains the name of the specified - * curve or %NULL. - * - * Since: 3.0 - **/ -const char * -gnutls_ecc_curve_get_name (gnutls_ecc_curve_t curve) -{ - const char *ret = NULL; - - GNUTLS_ECC_CURVE_LOOP( - if (p->id == curve) - { - ret = p->name; - break; - } - ); - - return ret; -} - -/*- - * _gnutls_ecc_curve_get_oid: - * @curve: is an ECC curve - * - * Convert a #gnutls_ecc_curve_t value to a string. - * - * Returns: a string that contains the name of the specified - * curve or %NULL. - -*/ -const char * -_gnutls_ecc_curve_get_oid (gnutls_ecc_curve_t curve) -{ - const char *ret = NULL; - - GNUTLS_ECC_CURVE_LOOP( - if (p->id == curve) - { - ret = p->oid; - break; - } - ); - - return ret; -} - -/*- - * _gnutls_ecc_curve_get_params: - * @curve: is an ECC curve - * - * Returns the information on a curve. - * - * Returns: a pointer to #gnutls_ecc_curve_entry_st or %NULL. - -*/ -const gnutls_ecc_curve_entry_st * -_gnutls_ecc_curve_get_params (gnutls_ecc_curve_t curve) -{ - const gnutls_ecc_curve_entry_st *ret = NULL; - - GNUTLS_ECC_CURVE_LOOP( - if (p->id == curve) - { - ret = p; - break; - } - ); - - return ret; -} - -/** - * gnutls_ecc_curve_get_size: - * @curve: is an ECC curve - * - * Returns the size in bytes of the curve. - * - * Returns: a the size or (0). - * - * Since: 3.0 - **/ -int gnutls_ecc_curve_get_size (gnutls_ecc_curve_t curve) -{ - int ret = 0; - - GNUTLS_ECC_CURVE_LOOP( - if (p->id == curve) - { - ret = p->size; - break; - } - ); - - return ret; -} diff --git a/SOURCES/gnutls-2.12.21-fips-algorithms.patch b/SOURCES/gnutls-2.12.21-fips-algorithms.patch deleted file mode 100644 index f40af01..0000000 --- a/SOURCES/gnutls-2.12.21-fips-algorithms.patch +++ /dev/null @@ -1,209 +0,0 @@ -diff -up gnutls-2.12.21/lib/gcrypt/init.c.fips gnutls-2.12.21/lib/gcrypt/init.c ---- gnutls-2.12.21/lib/gcrypt/init.c.fips 2012-01-06 20:06:23.000000000 +0100 -+++ gnutls-2.12.21/lib/gcrypt/init.c 2012-11-09 19:57:54.651624659 +0100 -@@ -43,6 +43,8 @@ static struct gcry_thread_cbs gct = { - .recvmsg = NULL, - }; - -+int gnutls_gcrypt_fips; -+ - int - gnutls_crypto_init (void) - { -@@ -72,6 +74,8 @@ gnutls_crypto_init (void) - return GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY; - } - -+ gnutls_gcrypt_fips = gcry_fips_mode_active(); -+ - /* for gcrypt in order to be able to allocate memory */ - gcry_control (GCRYCTL_DISABLE_SECMEM, NULL, 0); - -diff -up gnutls-2.12.21/lib/gnutls_algorithms.c.fips gnutls-2.12.21/lib/gnutls_algorithms.c ---- gnutls-2.12.21/lib/gnutls_algorithms.c.fips 2012-01-06 20:06:23.000000000 +0100 -+++ gnutls-2.12.21/lib/gnutls_algorithms.c 2012-11-28 14:19:34.507948036 +0100 -@@ -44,11 +44,11 @@ typedef struct - } gnutls_sec_params_entry; - - static const gnutls_sec_params_entry sec_params[] = { -- {"Weak", GNUTLS_SEC_PARAM_WEAK, 64, 816, 1024, 128, 128}, -- {"Low", GNUTLS_SEC_PARAM_LOW, 80, 1248, 2048, 160, 160}, -- {"Normal", GNUTLS_SEC_PARAM_NORMAL, 112, 2432, 3072, 224, 224}, -- {"High", GNUTLS_SEC_PARAM_HIGH, 128, 3248, 3072, 256, 256}, -- {"Ultra", GNUTLS_SEC_PARAM_ULTRA, 256, 15424, 3072, 512, 512}, -+ {"Weak", GNUTLS_SEC_PARAM_WEAK, 64, 1024, 1024, 128, 128}, -+ {"Low", GNUTLS_SEC_PARAM_LOW, 80, 1280, 2048, 160, 160}, -+ {"Normal", GNUTLS_SEC_PARAM_NORMAL, 112, 2560, 3072, 224, 224}, -+ {"High", GNUTLS_SEC_PARAM_HIGH, 128, 3328, 3072, 256, 256}, -+ {"Ultra", GNUTLS_SEC_PARAM_ULTRA, 256, 15616, 3072, 512, 512}, - {NULL, 0, 0, 0, 0, 0} - }; - -diff -up gnutls-2.12.21/lib/gnutls_priority.c.fips gnutls-2.12.21/lib/gnutls_priority.c ---- gnutls-2.12.21/lib/gnutls_priority.c.fips 2012-11-08 17:11:11.000000000 +0100 -+++ gnutls-2.12.21/lib/gnutls_priority.c 2012-11-09 19:57:54.651624659 +0100 -@@ -30,6 +30,7 @@ - #include "gnutls_algorithms.h" - #include "gnutls_errors.h" - #include -+#include - - static void - break_comma_list (char *etag, -@@ -223,6 +224,13 @@ static const int protocol_priority[] = { - 0 - }; - -+static const int protocol_priority_fips[] = { -+ GNUTLS_TLS1_2, -+ GNUTLS_TLS1_1, -+ GNUTLS_TLS1_0, -+ 0 -+}; -+ - static const int kx_priority_performance[] = { - GNUTLS_KX_RSA, - GNUTLS_KX_DHE_RSA, -@@ -269,6 +277,13 @@ static const int cipher_priority_perform - 0 - }; - -+static const int cipher_priority_performance_fips[] = { -+ GNUTLS_CIPHER_AES_128_CBC, -+ GNUTLS_CIPHER_3DES_CBC, -+ GNUTLS_CIPHER_AES_256_CBC, -+ 0 -+}; -+ - static const int cipher_priority_normal[] = { - GNUTLS_CIPHER_AES_128_CBC, - #ifdef ENABLE_CAMELLIA -@@ -284,6 +299,13 @@ static const int cipher_priority_normal[ - 0 - }; - -+static const int cipher_priority_normal_fips[] = { -+ GNUTLS_CIPHER_AES_128_CBC, -+ GNUTLS_CIPHER_AES_256_CBC, -+ GNUTLS_CIPHER_3DES_CBC, -+ 0 -+}; -+ - static const int cipher_priority_secure128[] = { - GNUTLS_CIPHER_AES_128_CBC, - #ifdef ENABLE_CAMELLIA -@@ -295,6 +317,11 @@ static const int cipher_priority_secure1 - 0 - }; - -+static const int cipher_priority_secure128_fips[] = { -+ GNUTLS_CIPHER_AES_128_CBC, -+ GNUTLS_CIPHER_3DES_CBC, -+ 0 -+}; - - static const int cipher_priority_secure256[] = { - GNUTLS_CIPHER_AES_256_CBC, -@@ -311,6 +338,13 @@ static const int cipher_priority_secure2 - 0 - }; - -+static const int cipher_priority_secure256_fips[] = { -+ GNUTLS_CIPHER_AES_256_CBC, -+ GNUTLS_CIPHER_AES_128_CBC, -+ GNUTLS_CIPHER_3DES_CBC, -+ 0 -+}; -+ - /* The same as cipher_priority_security_normal + arcfour-40. */ - static const int cipher_priority_export[] = { - GNUTLS_CIPHER_AES_128_CBC, -@@ -362,6 +396,12 @@ static const int mac_priority_normal[] = - 0 - }; - -+static const int mac_priority_normal_fips[] = { -+ GNUTLS_MAC_SHA1, -+ GNUTLS_MAC_SHA256, -+ 0 -+}; -+ - - static const int mac_priority_secure[] = { - GNUTLS_MAC_SHA256, -@@ -462,6 +502,8 @@ gnutls_priority_set (gnutls_session_t se - - #define MAX_ELEMENTS 48 - -+extern int gnutls_gcrypt_fips; -+ - /** - * gnutls_priority_init: - * @priority_cache: is a #gnutls_prioritity_t structure. -@@ -561,7 +603,7 @@ gnutls_priority_init (gnutls_priority_t - */ - if (strcasecmp (broken_list[0], "NONE") != 0) - { -- _set_priority (&(*priority_cache)->protocol, protocol_priority); -+ _set_priority (&(*priority_cache)->protocol, gnutls_gcrypt_fips?protocol_priority_fips:protocol_priority); - _set_priority (&(*priority_cache)->compression, comp_priority); - _set_priority (&(*priority_cache)->cert_type, cert_type_priority_default); - _set_priority (&(*priority_cache)->sign_algo, sign_priority_default); -@@ -577,17 +619,17 @@ gnutls_priority_init (gnutls_priority_t - if (strcasecmp (broken_list[i], "PERFORMANCE") == 0) - { - _set_priority (&(*priority_cache)->cipher, -- cipher_priority_performance); -+ gnutls_gcrypt_fips?cipher_priority_performance_fips:cipher_priority_performance); - _set_priority (&(*priority_cache)->kx, kx_priority_performance); -- _set_priority (&(*priority_cache)->mac, mac_priority_normal); -+ _set_priority (&(*priority_cache)->mac, gnutls_gcrypt_fips?mac_priority_normal_fips:mac_priority_normal); - _set_priority (&(*priority_cache)->sign_algo, - sign_priority_default); - } - else if (strcasecmp (broken_list[i], "NORMAL") == 0) - { -- _set_priority (&(*priority_cache)->cipher, cipher_priority_normal); -+ _set_priority (&(*priority_cache)->cipher, gnutls_gcrypt_fips?cipher_priority_normal_fips:cipher_priority_normal); - _set_priority (&(*priority_cache)->kx, kx_priority_secure); -- _set_priority (&(*priority_cache)->mac, mac_priority_normal); -+ _set_priority (&(*priority_cache)->mac, gnutls_gcrypt_fips?mac_priority_normal_fips:mac_priority_normal); - _set_priority (&(*priority_cache)->sign_algo, - sign_priority_default); - } -@@ -595,7 +637,7 @@ gnutls_priority_init (gnutls_priority_t - || strcasecmp (broken_list[i], "SECURE") == 0) - { - _set_priority (&(*priority_cache)->cipher, -- cipher_priority_secure256); -+ gnutls_gcrypt_fips?cipher_priority_secure256_fips:cipher_priority_secure256); - _set_priority (&(*priority_cache)->kx, kx_priority_secure); - _set_priority (&(*priority_cache)->mac, mac_priority_secure); - _set_priority (&(*priority_cache)->sign_algo, -@@ -604,7 +646,7 @@ gnutls_priority_init (gnutls_priority_t - else if (strcasecmp (broken_list[i], "SECURE128") == 0) - { - _set_priority (&(*priority_cache)->cipher, -- cipher_priority_secure128); -+ gnutls_gcrypt_fips?cipher_priority_secure128_fips:cipher_priority_secure128); - _set_priority (&(*priority_cache)->kx, kx_priority_secure); - _set_priority (&(*priority_cache)->mac, mac_priority_secure); - _set_priority (&(*priority_cache)->sign_algo, -@@ -646,7 +688,7 @@ gnutls_priority_init (gnutls_priority_t - if (strncasecmp (&broken_list[i][1], "VERS-TLS-ALL", 12) == 0) - { - bulk_fn (&(*priority_cache)->protocol, -- protocol_priority); -+ gnutls_gcrypt_fips?protocol_priority_fips:protocol_priority); - } - else - { -@@ -718,7 +760,7 @@ gnutls_priority_init (gnutls_priority_t - else if (strncasecmp (&broken_list[i][1], "CIPHER-ALL", 7) == 0) - { - bulk_fn (&(*priority_cache)->cipher, -- cipher_priority_normal); -+ gnutls_gcrypt_fips?cipher_priority_normal_fips:cipher_priority_normal); - } - else - goto error; diff --git a/SOURCES/gnutls-3.1.10-tests-rndport.patch b/SOURCES/gnutls-3.1.10-tests-rndport.patch deleted file mode 100644 index 6fe2236..0000000 --- a/SOURCES/gnutls-3.1.10-tests-rndport.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -up gnutls-3.1.10/tests/dsa/testdsa.rndport gnutls-3.1.10/tests/dsa/testdsa ---- gnutls-3.1.10/tests/dsa/testdsa.rndport 2013-03-21 21:42:28.000000000 +0100 -+++ gnutls-3.1.10/tests/dsa/testdsa 2013-03-26 15:50:38.973561603 +0100 -@@ -23,7 +23,7 @@ - srcdir="${srcdir:-.}" - SERV="${SERV:-../../src/gnutls-serv} -q" - CLI="${CLI:-../../src/gnutls-cli}" --PORT="${PORT:-5559}" -+PORT="${PORT:-$((RANDOM+5000))}" - DEBUG="" - unset RETCODE - -diff -up gnutls-3.1.10/tests/openpgp-certs/testcerts.rndport gnutls-3.1.10/tests/openpgp-certs/testcerts ---- gnutls-3.1.10/tests/openpgp-certs/testcerts.rndport 2013-03-21 21:42:28.000000000 +0100 -+++ gnutls-3.1.10/tests/openpgp-certs/testcerts 2013-03-26 15:52:33.207007952 +0100 -@@ -23,7 +23,7 @@ - srcdir="${srcdir:-.}" - SERV="${SERV:-../../src/gnutls-serv} -q" - CLI="${CLI:-../../src/gnutls-cli}" --PORT="${PORT:-5557}" -+PORT="${PORT:-$((RANDOM+5000))}" - DEBUG="" - - if test "${WINDIR}" != "";then diff --git a/SOURCES/gnutls-3.1.17-rpath.patch b/SOURCES/gnutls-3.1.17-rpath.patch deleted file mode 100644 index bac0981..0000000 --- a/SOURCES/gnutls-3.1.17-rpath.patch +++ /dev/null @@ -1,29 +0,0 @@ -diff -ur gnutls-3.1.17.orig/configure gnutls-3.1.17/configure ---- gnutls-3.1.17.orig/configure 2013-11-23 10:55:26.000000000 +0100 -+++ gnutls-3.1.17/configure 2013-11-26 11:33:04.865342480 +0100 -@@ -49103,7 +49103,7 @@ - shlibpath_overrides_runpath=unknown - version_type=none - dynamic_linker="$host_os ld.so" --sys_lib_dlsearch_path_spec="/lib /usr/lib" -+sys_lib_dlsearch_path_spec="/lib /usr/lib /lib64 /usr/lib64" - need_lib_prefix=unknown - hardcode_into_libs=no - -@@ -52940,7 +52940,7 @@ - shlibpath_overrides_runpath=unknown - version_type=none - dynamic_linker="$host_os ld.so" --sys_lib_dlsearch_path_spec="/lib /usr/lib" -+sys_lib_dlsearch_path_spec="/lib /usr/lib /lib64 /usr/lib64" - need_lib_prefix=unknown - hardcode_into_libs=no - -Only in gnutls-3.1.17: configure~ -Only in gnutls-3.1.17.orig/lib/algorithms: ecc.c -Only in gnutls-3.1.17.orig/lib/auth: srp.c -Only in gnutls-3.1.17.orig/lib/auth: srp_passwd.c -Only in gnutls-3.1.17.orig/lib/auth: srp_rsa.c -Only in gnutls-3.1.17.orig/lib/auth: srp_sb64.c -Only in gnutls-3.1.17.orig/lib/ext: srp.c -Only in gnutls-3.1.17.orig/lib: gnutls_srp.c diff --git a/SOURCES/gnutls-3.1.18-cve-2014-0092.patch b/SOURCES/gnutls-3.1.18-cve-2014-0092.patch deleted file mode 100644 index a0684bb..0000000 --- a/SOURCES/gnutls-3.1.18-cve-2014-0092.patch +++ /dev/null @@ -1,128 +0,0 @@ -From 43ad7b2ad231489b7ada46e2f34deb82d64dd54d Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos -Date: Wed, 19 Feb 2014 11:10:26 +0100 -Subject: [PATCH] corrected return codes. - ---- - lib/x509/verify.c | 22 ++++++++++++++-------- - 1 file changed, 14 insertions(+), 8 deletions(-) - -diff --git a/lib/x509/verify.c b/lib/x509/verify.c -index 86a901e..d3f349b 100644 ---- a/lib/x509/verify.c -+++ b/lib/x509/verify.c -@@ -106,7 +106,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, - if (result < 0) - { - gnutls_assert (); -- goto cleanup; -+ goto fail; - } - - result = -@@ -115,7 +115,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, - if (result < 0) - { - gnutls_assert (); -- goto cleanup; -+ goto fail; - } - - result = -@@ -123,7 +123,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, - if (result < 0) - { - gnutls_assert (); -- goto cleanup; -+ goto fail; - } - - result = -@@ -131,7 +131,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, - if (result < 0) - { - gnutls_assert (); -- goto cleanup; -+ goto fail; - } - - /* If the subject certificate is the same as the issuer -@@ -183,6 +183,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, - else - gnutls_assert (); - -+fail: - result = 0; - - cleanup: -@@ -408,14 +409,15 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, - if (issuer_version < 0) - { - gnutls_assert (); -- return issuer_version; -+ result = 0; -+ goto cleanup; - } - - if (!(flags & GNUTLS_VERIFY_DISABLE_CA_SIGN) && - ((flags & GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT) - || issuer_version != 1)) - { -- if (check_if_ca (cert, issuer, max_path, flags) == 0) -+ if (check_if_ca (cert, issuer, max_path, flags) != 1) - { - gnutls_assert (); - out = GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID; -@@ -446,6 +448,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, - if (result < 0) - { - gnutls_assert (); -+ result = 0; - goto cleanup; - } - -@@ -454,6 +457,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, - if (result < 0) - { - gnutls_assert (); -+ result = 0; - goto cleanup; - } - -@@ -461,6 +465,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, - if (result < 0) - { - gnutls_assert (); -+ result = 0; - goto cleanup; - } - -@@ -481,6 +486,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, - else if (result < 0) - { - gnutls_assert(); -+ result = 0; - goto cleanup; - } - -@@ -650,7 +656,7 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t * certificate_list, - ret = _gnutls_verify_certificate2 (certificate_list[clist_size - 1], - trusted_cas, tcas_size, flags, &output, - &issuer, now, &max_path, func); -- if (ret == 0) -+ if (ret != 1) - { - /* if the last certificate in the certificate - * list is invalid, then the certificate is not -@@ -681,7 +687,7 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t * certificate_list, - if ((ret = - _gnutls_verify_certificate2 (certificate_list[i - 1], - &certificate_list[i], 1, flags, -- &output, NULL, now, &max_path, func)) == 0) -+ &output, NULL, now, &max_path, func)) != 1) - { - status |= output; - status |= GNUTLS_CERT_INVALID; --- -1.8.5.3 - diff --git a/SOURCES/gnutls-3.1.18-cve-2014-8564.patch b/SOURCES/gnutls-3.1.18-cve-2014-8564.patch deleted file mode 100644 index 99c598d..0000000 --- a/SOURCES/gnutls-3.1.18-cve-2014-8564.patch +++ /dev/null @@ -1,39 +0,0 @@ -diff --git a/lib/gnutls_ecc.c b/lib/gnutls_ecc.c -index 51abe7b..5816b96 100644 ---- a/lib/gnutls_ecc.c -+++ b/lib/gnutls_ecc.c -@@ -53,12 +53,24 @@ _gnutls_ecc_ansi_x963_export (gnutls_ecc_curve_t curve, bigint_t x, bigint_t y, - - /* pad and store x */ - byte_size = (_gnutls_mpi_get_nbits (x) + 7) / 8; -+ if (numlen < byte_size) -+ { -+ ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); -+ goto cleanup; -+ } -+ - size = out->size - (1 + (numlen - byte_size)); - ret = _gnutls_mpi_print (x, &out->data[1 + (numlen - byte_size)], &size); - if (ret < 0) - return gnutls_assert_val (ret); - - byte_size = (_gnutls_mpi_get_nbits (y) + 7) / 8; -+ if (numlen < byte_size) -+ { -+ ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); -+ goto cleanup; -+ } -+ - size = out->size - (1 + (numlen + numlen - byte_size)); - ret = - _gnutls_mpi_print (y, &out->data[1 + numlen + numlen - byte_size], &size); -@@ -67,6 +79,9 @@ _gnutls_ecc_ansi_x963_export (gnutls_ecc_curve_t curve, bigint_t x, bigint_t y, - - /* pad and store y */ - return 0; -+cleanup: -+ _gnutls_free_datum(out); -+ return ret; - } - - diff --git a/SOURCES/gnutls-3.1.18-fix-crash-on-certain-names.patch b/SOURCES/gnutls-3.1.18-fix-crash-on-certain-names.patch deleted file mode 100644 index 6bd51db..0000000 --- a/SOURCES/gnutls-3.1.18-fix-crash-on-certain-names.patch +++ /dev/null @@ -1,35 +0,0 @@ -From d3648ebb04b650e6d20a2ec1fb839256b30b9fc6 Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos -Date: Sun, 26 Jan 2014 20:03:50 +0100 -Subject: [PATCH] fixed null pointer derefence when printing a name and an LDAP - description isn't present for the OID - -Conflicts: - lib/x509/common.c ---- - lib/x509/common.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/lib/x509/common.c b/lib/x509/common.c -index 59b7e93..f761b25 100644 ---- a/lib/x509/common.c -+++ b/lib/x509/common.c -@@ -1,5 +1,5 @@ - /* -- * Copyright (C) 2003-2012 Free Software Foundation, Inc. -+ * Copyright (C) 2003-2014 Free Software Foundation, Inc. - * - * Author: Nikos Mavrogiannopoulos - * -@@ -242,7 +242,7 @@ gnutls_x509_dn_oid_name (const char *oid, unsigned int flags) - - do - { -- if (strcmp (_oid2str[i].oid, oid) == 0) -+ if (strcmp (_oid2str[i].oid, oid) == 0 && _oid2str[i].ldap_desc != NULL) - return _oid2str[i].ldap_desc; - i++; - } --- -1.9.0 - diff --git a/SOURCES/gnutls-3.1.18-server-hello-fix.patch b/SOURCES/gnutls-3.1.18-server-hello-fix.patch deleted file mode 100644 index e9721a7..0000000 --- a/SOURCES/gnutls-3.1.18-server-hello-fix.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -ur gnutls-3.1.18.orig/lib/gnutls_handshake.c gnutls-3.1.18/lib/gnutls_handshake.c ---- gnutls-3.1.18.orig/lib/gnutls_handshake.c 2013-11-15 18:10:53.000000000 +0100 -+++ gnutls-3.1.18/lib/gnutls_handshake.c 2014-05-28 13:43:50.922689540 +0200 -@@ -1679,7 +1679,7 @@ - DECR_LEN (len, 1); - session_id_len = data[pos++]; - -- if (len < session_id_len) -+ if (len < session_id_len || session_id_len > TLS_MAX_SESSION_ID_SIZE) - { - gnutls_assert (); - return GNUTLS_E_UNSUPPORTED_VERSION_PACKET; diff --git a/SOURCES/gnutls-3.1.18-suiteb.patch b/SOURCES/gnutls-3.1.18-suiteb.patch deleted file mode 100644 index 8b5974c..0000000 --- a/SOURCES/gnutls-3.1.18-suiteb.patch +++ /dev/null @@ -1,141 +0,0 @@ -diff -ur gnutls-3.1.18.orig/lib/gnutls_ecc.c gnutls-3.1.18/lib/gnutls_ecc.c ---- gnutls-3.1.18.orig/lib/gnutls_ecc.c 2013-04-02 22:27:35.000000000 +0200 -+++ gnutls-3.1.18/lib/gnutls_ecc.c 2014-01-02 09:13:27.383415863 +0100 -@@ -129,6 +129,12 @@ - goto cleanup; - } - params->params_nr++; -+ -+ if (_gnutls_mpi_get_nbits(params->params[ECC_PRIME]) < 256) -+ { -+ ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE); -+ goto cleanup; -+ } - - val_size = sizeof(val); - ret = _gnutls_hex2bin(st->order, strlen(st->order), val, &val_size); -diff -ur gnutls-3.1.18.orig/lib/gnutls_priority.c gnutls-3.1.18/lib/gnutls_priority.c ---- gnutls-3.1.18.orig/lib/gnutls_priority.c 2013-11-19 18:36:38.000000000 +0100 -+++ gnutls-3.1.18/lib/gnutls_priority.c 2014-01-02 09:13:27.384415875 +0100 -@@ -245,8 +245,6 @@ - } - - static const int supported_ecc_normal[] = { -- GNUTLS_ECC_CURVE_SECP192R1, -- GNUTLS_ECC_CURVE_SECP224R1, - GNUTLS_ECC_CURVE_SECP256R1, - GNUTLS_ECC_CURVE_SECP384R1, - GNUTLS_ECC_CURVE_SECP521R1, -diff -ur gnutls-3.1.18.orig/lib/nettle/ecc_mulmod_cached.c gnutls-3.1.18/lib/nettle/ecc_mulmod_cached.c ---- gnutls-3.1.18.orig/lib/nettle/ecc_mulmod_cached.c 2013-04-02 22:27:35.000000000 +0200 -+++ gnutls-3.1.18/lib/nettle/ecc_mulmod_cached.c 2014-01-02 10:26:08.425986981 +0100 -@@ -42,6 +42,7 @@ - - /* global cache */ - static gnutls_ecc_curve_cache_entry_t *ecc_wmnaf_cache = NULL; -+static gnutls_ecc_curve_cache_entry_t *ecc_wmnaf_cache_last = NULL; - - /* free single cache entry */ - static void -@@ -63,13 +64,15 @@ - gnutls_ecc_curve_cache_entry_t *p = ecc_wmnaf_cache; - if (p) - { -- for (; p->id != GNUTLS_ECC_CURVE_INVALID; ++p) -+ for (; p <= ecc_wmnaf_cache_last; ++p) - { -- _ecc_wmnaf_cache_entry_free (p); -+ if (p->id != GNUTLS_ECC_CURVE_INVALID) -+ _ecc_wmnaf_cache_entry_free (p); - } - - free (ecc_wmnaf_cache); - ecc_wmnaf_cache = NULL; -+ ecc_wmnaf_cache_last = NULL; - } - } - -@@ -198,7 +201,7 @@ - const gnutls_ecc_curve_t *p; - - ret = (gnutls_ecc_curve_cache_entry_t *) -- malloc (MAX_ALGOS * sizeof (gnutls_ecc_curve_cache_entry_t)); -+ calloc (MAX_ALGOS, sizeof (gnutls_ecc_curve_cache_entry_t)); - if (ret == NULL) - return GNUTLS_E_MEMORY_ERROR; - -@@ -207,12 +210,16 @@ - - for (j = 0; *p; ++p, ++j) - { -- if ((err = _ecc_wmnaf_cache_entry_init (ret + *p - 1, *p)) != 0) -+ gnutls_ecc_curve_cache_entry_t *entry; -+ -+ entry = ret + *p - 1; -+ if ((err = _ecc_wmnaf_cache_entry_init (entry, *p)) != 0) - goto done; -+ if (ecc_wmnaf_cache_last < entry) -+ ecc_wmnaf_cache_last = entry; - } - -- /* nullify last cache entry id */ -- ret[j].id = GNUTLS_ECC_CURVE_INVALID; -+ /* no need to nullify last cache entry id, done by calloc */ - - err = GNUTLS_E_SUCCESS; - -@@ -223,11 +230,13 @@ - int i; - for (i = 0; i < j; ++i) - { -- _ecc_wmnaf_cache_entry_free (ret + i); -+ --p; -+ _ecc_wmnaf_cache_entry_free (ret + *p - 1); - } - - free (ret); - ecc_wmnaf_cache = NULL; -+ ecc_wmnaf_cache_last = NULL; - } - return err; - } -@@ -445,9 +454,11 @@ - if (k == NULL || G == NULL || R == NULL || modulus == NULL) - return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; - -- for (i = 0; (id = ecc_wmnaf_cache[i].id); ++i) -+ for (i = 0; ecc_wmnaf_cache + i <= ecc_wmnaf_cache_last; ++i) - { -- if (!(mpz_cmp (G->x, ecc_wmnaf_cache[i].pos[0]->x)) && -+ id = ecc_wmnaf_cache[i].id; -+ if (id && -+ !(mpz_cmp (G->x, ecc_wmnaf_cache[i].pos[0]->x)) && - !(mpz_cmp (G->y, ecc_wmnaf_cache[i].pos[0]->y))) - { - break; -diff -ur gnutls-3.1.18.orig/tests/mini-xssl.c gnutls-3.1.18/tests/mini-xssl.c ---- gnutls-3.1.18.orig/tests/mini-xssl.c 2013-05-30 08:50:22.000000000 +0200 -+++ gnutls-3.1.18/tests/mini-xssl.c 2014-01-02 09:13:27.384415875 +0100 -@@ -27,7 +27,8 @@ - #include - #include - --#if defined(_WIN32) -+/* uses unsupported curves */ -+#if 1 - - int main() - { -diff -ur gnutls-3.1.18.orig/tests/pkcs12_simple.c gnutls-3.1.18/tests/pkcs12_simple.c ---- gnutls-3.1.18.orig/tests/pkcs12_simple.c 2013-05-21 20:27:20.000000000 +0200 -+++ gnutls-3.1.18/tests/pkcs12_simple.c 2014-01-02 09:13:27.384415875 +0100 -@@ -50,6 +50,9 @@ - gnutls_x509_privkey_t pkey; - int ret; - -+ /* uses unsupported curves */ -+ exit(77); -+ - ret = global_init (); - if (ret < 0) - fail ("global_init failed %d\n", ret); diff --git a/SOURCES/gnutls-3.1.18-v1-fix.patch b/SOURCES/gnutls-3.1.18-v1-fix.patch deleted file mode 100644 index 5964af5..0000000 --- a/SOURCES/gnutls-3.1.18-v1-fix.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff --git a/lib/x509/verify.c b/lib/x509/verify.c -index cb8289e..86a901e 100644 ---- a/lib/x509/verify.c -+++ b/lib/x509/verify.c -@@ -674,7 +674,10 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t * certificate_list, - * certificates can exist in a supplied chain. - */ - if (!(flags & GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT)) -- flags &= ~(GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT); -+ { -+ flags &= ~(GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT); -+ flags |= GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT; -+ } - if ((ret = - _gnutls_verify_certificate2 (certificate_list[i - 1], - &certificate_list[i], 1, flags, diff --git a/SOURCES/gnutls-3.2.7-rpath.patch b/SOURCES/gnutls-3.2.7-rpath.patch new file mode 100644 index 0000000..4e6aed3 --- /dev/null +++ b/SOURCES/gnutls-3.2.7-rpath.patch @@ -0,0 +1,12 @@ +diff -ur gnutls-3.2.7.orig/configure gnutls-3.2.7/configure +--- gnutls-3.2.7.orig/configure 2013-11-23 11:09:49.000000000 +0100 ++++ gnutls-3.2.7/configure 2013-11-25 16:53:05.559440656 +0100 +@@ -39652,7 +39652,7 @@ + shlibpath_overrides_runpath=unknown + version_type=none + dynamic_linker="$host_os ld.so" +-sys_lib_dlsearch_path_spec="/lib /usr/lib" ++sys_lib_dlsearch_path_spec="/lib /usr/lib /lib64 /usr/lib64" + need_lib_prefix=unknown + hardcode_into_libs=no + diff --git a/SOURCES/gnutls-3.3.8-cve-2014-8564.patch b/SOURCES/gnutls-3.3.8-cve-2014-8564.patch new file mode 100644 index 0000000..ec045e0 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-cve-2014-8564.patch @@ -0,0 +1,42 @@ +>From 45401d6b4297f4ace2cbc2f476cf44d1f7d8dd45 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Fri, 31 Oct 2014 10:00:32 +0100 +Subject: [PATCH 1/2] when exporting curve coordinates to X9.63 format, perform + additional sanity checks on input + +Reported by Sean Burford. +--- + lib/gnutls_ecc.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/lib/gnutls_ecc.c b/lib/gnutls_ecc.c +index 847f0d2..aa6399b 100644 +--- a/lib/gnutls_ecc.c ++++ b/lib/gnutls_ecc.c +@@ -53,6 +53,11 @@ _gnutls_ecc_ansi_x963_export(gnutls_ecc_curve_t curve, bigint_t x, + + /* pad and store x */ + byte_size = (_gnutls_mpi_get_nbits(x) + 7) / 8; ++ if (numlen < byte_size) { ++ ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); ++ goto cleanup; ++ } ++ + size = out->size - (1 + (numlen - byte_size)); + ret = + _gnutls_mpi_print(x, &out->data[1 + (numlen - byte_size)], +@@ -63,6 +68,11 @@ _gnutls_ecc_ansi_x963_export(gnutls_ecc_curve_t curve, bigint_t x, + } + + byte_size = (_gnutls_mpi_get_nbits(y) + 7) / 8; ++ if (numlen < byte_size) { ++ ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); ++ goto cleanup; ++ } ++ + size = out->size - (1 + (numlen + numlen - byte_size)); + ret = + _gnutls_mpi_print(y, +-- +2.0.0 + diff --git a/SOURCES/gnutls-3.3.8-dh-fips-tests.patch b/SOURCES/gnutls-3.3.8-dh-fips-tests.patch new file mode 100644 index 0000000..be8f315 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-dh-fips-tests.patch @@ -0,0 +1,305 @@ +diff --git a/lib/gnutls_global.c b/lib/gnutls_global.c +index b9ca0cb..ac8a922 100644 +--- a/lib/gnutls_global.c ++++ b/lib/gnutls_global.c +@@ -297,6 +297,7 @@ int gnutls_global_init(void) + * res == not in fips140 mode + */ + if (res != 0) { ++ _gnutls_debug_log("FIPS140-2 mode: %d\n", res); + _gnutls_priority_update_fips(); + + /* first round of self checks, these are done on the +diff --git a/lib/libgnutls.map b/lib/libgnutls.map +index 5de541d..cbd62d7 100644 +--- a/lib/libgnutls.map ++++ b/lib/libgnutls.map +@@ -1043,6 +1043,10 @@ GNUTLS_FIPS140 { + _gnutls_prf_raw; + _gnutls_encode_ber_rs_raw; + _rsa_generate_fips186_4_keypair; ++ _gnutls_dh_compute_key; ++ _gnutls_dh_generate_key; ++ _gnutls_ecdh_generate_key; ++ _gnutls_ecdh_compute_key; + }; + + GNUTLS_PRIVATE { +diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c +index fbc3da1..1b61051 100644 +--- a/lib/nettle/pk.c ++++ b/lib/nettle/pk.c +@@ -844,7 +844,7 @@ wrap_nettle_pk_generate_params(gnutls_pk_algorithm_t algo, + #endif + + params->params_nr = 0; +- ++ + ret = _gnutls_mpi_init_multi(¶ms->params[DSA_P], ¶ms->params[DSA_Q], + ¶ms->params[DSA_G], NULL); + if (ret < 0) { +@@ -891,6 +891,249 @@ wrap_nettle_pk_generate_params(gnutls_pk_algorithm_t algo, + return ret; + } + ++#ifdef ENABLE_FIPS140 ++int _gnutls_dh_generate_key(gnutls_dh_params_t dh_params, ++ gnutls_datum_t *priv_key, gnutls_datum_t *pub_key); ++ ++int _gnutls_dh_compute_key(gnutls_dh_params_t dh_params, ++ const gnutls_datum_t *priv_key, const gnutls_datum_t *pub_key, ++ const gnutls_datum_t *peer_key, gnutls_datum_t *Z); ++ ++int _gnutls_ecdh_compute_key(gnutls_ecc_curve_t curve, ++ const gnutls_datum_t *x, const gnutls_datum_t *y, ++ const gnutls_datum_t *k, ++ const gnutls_datum_t *peer_x, const gnutls_datum_t *peer_y, ++ gnutls_datum_t *Z); ++ ++int _gnutls_ecdh_generate_key(gnutls_ecc_curve_t curve, ++ gnutls_datum_t *x, gnutls_datum_t *y, ++ gnutls_datum_t *k); ++ ++ ++int _gnutls_dh_generate_key(gnutls_dh_params_t dh_params, ++ gnutls_datum_t *priv_key, gnutls_datum_t *pub_key) ++{ ++ gnutls_pk_params_st params; ++ int ret; ++ ++ gnutls_pk_params_init(¶ms); ++ params.params[DH_P] = _gnutls_mpi_copy(dh_params->params[0]); ++ params.params[DH_G] = _gnutls_mpi_copy(dh_params->params[1]); ++ ++ params.params_nr = 3; /* include empty q */ ++ params.algo = GNUTLS_PK_DH; ++ ++ priv_key->data = NULL; ++ pub_key->data = NULL; ++ ++ ret = _gnutls_pk_generate_keys(GNUTLS_PK_DH, 0, ¶ms); ++ if (ret < 0) { ++ return gnutls_assert_val(ret); ++ } ++ ++ ret = ++ _gnutls_mpi_dprint_lz(params.params[DH_X], priv_key); ++ if (ret < 0) { ++ gnutls_assert(); ++ goto fail; ++ } ++ ++ ret = ++ _gnutls_mpi_dprint_lz(params.params[DH_Y], pub_key); ++ if (ret < 0) { ++ gnutls_assert(); ++ goto fail; ++ } ++ ++ ret = 0; ++ goto cleanup; ++ fail: ++ gnutls_free(pub_key->data); ++ gnutls_free(priv_key->data); ++ cleanup: ++ gnutls_pk_params_clear(¶ms); ++ return ret; ++} ++ ++int _gnutls_dh_compute_key(gnutls_dh_params_t dh_params, ++ const gnutls_datum_t *priv_key, const gnutls_datum_t *pub_key, ++ const gnutls_datum_t *peer_key, gnutls_datum_t *Z) ++{ ++ gnutls_pk_params_st pub, priv; ++ int ret; ++ ++ gnutls_pk_params_init(&pub); ++ gnutls_pk_params_init(&priv); ++ pub.algo = GNUTLS_PK_DH; ++ ++ if (_gnutls_mpi_init_scan_nz ++ (&pub.params[DH_Y], peer_key->data, ++ peer_key->size) != 0) { ++ ret = ++ gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED); ++ goto cleanup; ++ } ++ ++ priv.params[DH_P] = _gnutls_mpi_copy(dh_params->params[0]); ++ priv.params[DH_G] = _gnutls_mpi_copy(dh_params->params[1]); ++ ++ if (_gnutls_mpi_init_scan_nz ++ (&priv.params[DH_X], priv_key->data, ++ priv_key->size) != 0) { ++ ret = ++ gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED); ++ goto cleanup; ++ } ++ ++ priv.params_nr = 3; /* include empty q */ ++ priv.algo = GNUTLS_PK_DH; ++ ++ Z->data = NULL; ++ ++ ret = _gnutls_pk_derive(GNUTLS_PK_DH, Z, &priv, &pub); ++ if (ret < 0) { ++ gnutls_assert(); ++ goto cleanup; ++ } ++ ++ ret = 0; ++ cleanup: ++ gnutls_pk_params_clear(&pub); ++ gnutls_pk_params_clear(&priv); ++ return ret; ++} ++ ++int _gnutls_ecdh_generate_key(gnutls_ecc_curve_t curve, ++ gnutls_datum_t *x, gnutls_datum_t *y, ++ gnutls_datum_t *k) ++{ ++ gnutls_pk_params_st params; ++ int ret; ++ ++ gnutls_pk_params_init(¶ms); ++ params.flags = curve; ++ params.algo = GNUTLS_PK_EC; ++ ++ x->data = NULL; ++ y->data = NULL; ++ k->data = NULL; ++ ++ ret = _gnutls_pk_generate_keys(GNUTLS_PK_EC, curve, ¶ms); ++ if (ret < 0) { ++ return gnutls_assert_val(ret); ++ } ++ ++ ret = ++ _gnutls_mpi_dprint_lz(params.params[ECC_X], x); ++ if (ret < 0) { ++ gnutls_assert(); ++ goto fail; ++ } ++ ++ ret = ++ _gnutls_mpi_dprint_lz(params.params[ECC_Y], y); ++ if (ret < 0) { ++ gnutls_assert(); ++ goto fail; ++ } ++ ++ ret = ++ _gnutls_mpi_dprint_lz(params.params[ECC_K], k); ++ if (ret < 0) { ++ gnutls_assert(); ++ goto fail; ++ } ++ ++ ret = 0; ++ goto cleanup; ++ fail: ++ gnutls_free(y->data); ++ gnutls_free(x->data); ++ gnutls_free(k->data); ++ cleanup: ++ gnutls_pk_params_clear(¶ms); ++ return ret; ++} ++ ++int _gnutls_ecdh_compute_key(gnutls_ecc_curve_t curve, ++ const gnutls_datum_t *x, const gnutls_datum_t *y, ++ const gnutls_datum_t *k, ++ const gnutls_datum_t *peer_x, const gnutls_datum_t *peer_y, ++ gnutls_datum_t *Z) ++{ ++ gnutls_pk_params_st pub, priv; ++ int ret; ++ ++ gnutls_pk_params_init(&pub); ++ gnutls_pk_params_init(&priv); ++ ++ pub.algo = GNUTLS_PK_EC; ++ pub.flags = curve; ++ ++ if (_gnutls_mpi_init_scan_nz ++ (&pub.params[ECC_Y], peer_y->data, ++ peer_y->size) != 0) { ++ ret = ++ gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED); ++ goto cleanup; ++ } ++ ++ if (_gnutls_mpi_init_scan_nz ++ (&pub.params[ECC_X], peer_x->data, ++ peer_x->size) != 0) { ++ ret = ++ gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED); ++ goto cleanup; ++ } ++ ++ priv.params_nr = 2; ++ ++ if (_gnutls_mpi_init_scan_nz ++ (&priv.params[ECC_Y], y->data, ++ y->size) != 0) { ++ ret = ++ gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED); ++ goto cleanup; ++ } ++ ++ if (_gnutls_mpi_init_scan_nz ++ (&priv.params[ECC_X], x->data, ++ x->size) != 0) { ++ ret = ++ gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED); ++ goto cleanup; ++ } ++ ++ if (_gnutls_mpi_init_scan_nz ++ (&priv.params[ECC_K], k->data, ++ k->size) != 0) { ++ ret = ++ gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED); ++ goto cleanup; ++ } ++ ++ ++ priv.params_nr = 3; ++ priv.algo = GNUTLS_PK_EC; ++ priv.flags = curve; ++ ++ Z->data = NULL; ++ ++ ret = _gnutls_pk_derive(GNUTLS_PK_EC, Z, &priv, &pub); ++ if (ret < 0) { ++ gnutls_assert(); ++ goto cleanup; ++ } ++ ++ ret = 0; ++ cleanup: ++ gnutls_pk_params_clear(&pub); ++ gnutls_pk_params_clear(&priv); ++ return ret; ++} ++#endif ++ ++ + /* To generate a DH key either q must be set in the params or + * level should be set to the number of required bits. + */ +@@ -1398,12 +1641,12 @@ static int calc_rsa_exp(gnutls_pk_params_st * params) + { + bigint_t tmp; + int ret; +- ++ + if (params->params_nr < RSA_PRIVATE_PARAMS - 2) { + gnutls_assert(); + return GNUTLS_E_INTERNAL_ERROR; + } +- ++ + params->params[6] = params->params[7] = NULL; + + ret = _gnutls_mpi_init_multi(&tmp, ¶ms->params[6], ¶ms->params[7], NULL); diff --git a/SOURCES/gnutls-3.3.8-dh-fips-tests2.patch b/SOURCES/gnutls-3.3.8-dh-fips-tests2.patch new file mode 100644 index 0000000..4cb3df7 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-dh-fips-tests2.patch @@ -0,0 +1,13 @@ +diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c +index 0653fcc..66815f0 100644 +--- a/lib/nettle/pk.c ++++ b/lib/nettle/pk.c +@@ -929,7 +929,7 @@ int _gnutls_dh_generate_key(gnutls_dh_params_t dh_params, + priv_key->data = NULL; + pub_key->data = NULL; + +- ret = _gnutls_pk_generate_keys(GNUTLS_PK_DH, 0, ¶ms); ++ ret = _gnutls_pk_generate_keys(GNUTLS_PK_DH, dh_params->q_bits, ¶ms); + if (ret < 0) { + return gnutls_assert_val(ret); + } diff --git a/SOURCES/gnutls-3.3.8-drbg-fips-symbol.patch b/SOURCES/gnutls-3.3.8-drbg-fips-symbol.patch new file mode 100644 index 0000000..855c57f --- /dev/null +++ b/SOURCES/gnutls-3.3.8-drbg-fips-symbol.patch @@ -0,0 +1,13 @@ +diff --git a/lib/libgnutls.map b/lib/libgnutls.map +index cbd62d7..6e56004 100644 +--- a/lib/libgnutls.map ++++ b/lib/libgnutls.map +@@ -1032,7 +1032,7 @@ GNUTLS_FIPS140 { + gnutls_mac_self_test; + gnutls_digest_self_test; + #for FIPS140-2 validation +- rbg_aes_reseed; ++ drbg_aes_reseed; + drbg_aes_init; + drbg_aes_generate; + _dsa_generate_dss_pq; diff --git a/SOURCES/gnutls-3.3.8-fips-key.patch b/SOURCES/gnutls-3.3.8-fips-key.patch new file mode 100644 index 0000000..b83aee9 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-fips-key.patch @@ -0,0 +1,12 @@ +diff -ur gnutls-3.3.8b1.orig/lib/fips.c gnutls-3.3.8b1/lib/fips.c +--- gnutls-3.3.8b1.orig/lib/fips.c 2014-09-03 16:53:13.000000000 +0200 ++++ gnutls-3.3.8b1/lib/fips.c 2014-09-04 17:11:26.825733730 +0200 +@@ -97,7 +97,7 @@ + #define HOGWEED_LIBRARY_NAME "libhogweed.so.2" + #define GMP_LIBRARY_NAME "libgmp.so.10" + +-static const char fips_key[] = "I'd rather be skiing"; ++static const char fips_key[] = "orboDeJITITejsirpADONivirpUkvarP"; + + #define HMAC_SUFFIX ".hmac" + #define HMAC_SIZE 32 diff --git a/SOURCES/gnutls-3.3.8-fips-rnd-regr.patch b/SOURCES/gnutls-3.3.8-fips-rnd-regr.patch new file mode 100644 index 0000000..a9b8850 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-fips-rnd-regr.patch @@ -0,0 +1,16 @@ +diff --git a/lib/random.h b/lib/random.h +index 370a2f9..59e3f3c 100644 +--- a/lib/random.h ++++ b/lib/random.h +@@ -50,7 +50,10 @@ int _gnutls_rnd_init(void); + + inline static int _gnutls_rnd_check(void) + { +- return _gnutls_rnd_ops.check(gnutls_rnd_ctx); ++ if (_gnutls_rnd_ops.check) ++ return _gnutls_rnd_ops.check(gnutls_rnd_ctx); ++ else ++ return 0; + } + + #ifndef _WIN32 diff --git a/SOURCES/gnutls-3.3.8-fips140-dsa1024.patch b/SOURCES/gnutls-3.3.8-fips140-dsa1024.patch new file mode 100644 index 0000000..656e34f --- /dev/null +++ b/SOURCES/gnutls-3.3.8-fips140-dsa1024.patch @@ -0,0 +1,71 @@ +diff --git a/lib/nettle/int/dsa-fips.h b/lib/nettle/int/dsa-fips.h +index 08fac25..82d545e 100644 +--- a/lib/nettle/int/dsa-fips.h ++++ b/lib/nettle/int/dsa-fips.h +@@ -80,7 +80,7 @@ int + _dsa_validate_dss_g(struct dsa_public_key *pub, + unsigned domain_seed_size, const uint8_t *domain_seed, unsigned index); + +-unsigned _dsa_check_qp_sizes(unsigned q_bits, unsigned p_bits); ++unsigned _dsa_check_qp_sizes(unsigned q_bits, unsigned p_bits, unsigned generate); + + /* The following low-level functions can be used for DH key exchange as well + */ +diff --git a/lib/nettle/int/dsa-keygen-fips186.c b/lib/nettle/int/dsa-keygen-fips186.c +index 2712ddb..1ac9441 100644 +--- a/lib/nettle/int/dsa-keygen-fips186.c ++++ b/lib/nettle/int/dsa-keygen-fips186.c +@@ -36,11 +36,11 @@ + + #include + +-unsigned _dsa_check_qp_sizes(unsigned q_bits, unsigned p_bits) ++unsigned _dsa_check_qp_sizes(unsigned q_bits, unsigned p_bits, unsigned generate) + { + switch (q_bits) { + case 160: +- if (_gnutls_fips_mode_enabled() != 0) ++ if (_gnutls_fips_mode_enabled() != 0 && generate != 0) + return 0; + + if (p_bits != 1024) +@@ -77,7 +77,7 @@ _dsa_generate_dss_pq(struct dsa_public_key *pub, + uint8_t *storage = NULL; + unsigned storage_length = 0; + +- ret = _dsa_check_qp_sizes(q_bits, p_bits); ++ ret = _dsa_check_qp_sizes(q_bits, p_bits, 1); + if (ret == 0) { + return 0; + } +@@ -375,7 +375,7 @@ dsa_generate_dss_pqg(struct dsa_public_key *pub, + uint8_t domain_seed[MAX_PVP_SEED_SIZE*3]; + unsigned domain_seed_size = 0; + +- ret = _dsa_check_qp_sizes(q_bits, p_bits); ++ ret = _dsa_check_qp_sizes(q_bits, p_bits, 1); + if (ret == 0) + return 0; + +diff --git a/lib/nettle/int/dsa-validate.c b/lib/nettle/int/dsa-validate.c +index 3f55755..daa39da 100644 +--- a/lib/nettle/int/dsa-validate.c ++++ b/lib/nettle/int/dsa-validate.c +@@ -83,7 +83,7 @@ _dsa_validate_dss_g(struct dsa_public_key *pub, + p_bits = mpz_sizeinbase(pub->p, 2); + q_bits = mpz_sizeinbase(pub->q, 2); + +- ret = _dsa_check_qp_sizes(q_bits, p_bits); ++ ret = _dsa_check_qp_sizes(q_bits, p_bits, 0); + if (ret == 0) { + return 0; + } +@@ -151,7 +151,7 @@ _dsa_validate_dss_pq(struct dsa_public_key *pub, + p_bits = mpz_sizeinbase(pub->p, 2); + q_bits = mpz_sizeinbase(pub->q, 2); + +- ret = _dsa_check_qp_sizes(q_bits, p_bits); ++ ret = _dsa_check_qp_sizes(q_bits, p_bits, 0); + if (ret == 0) { + return 0; + } diff --git a/SOURCES/gnutls-3.3.8-fips140-rsa.patch b/SOURCES/gnutls-3.3.8-fips140-rsa.patch new file mode 100644 index 0000000..b456b6f --- /dev/null +++ b/SOURCES/gnutls-3.3.8-fips140-rsa.patch @@ -0,0 +1,178 @@ +From c25a14ab6ce15d18338a7499e5849225aea03a7d Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Tue, 14 Oct 2014 13:57:33 +0200 +Subject: [PATCH] FIPS140-2 RSA key generation changes to account for seed + starting with null byte + +--- + lib/nettle/int/dsa-fips.h | 2 ++ + lib/nettle/int/provable-prime.c | 25 ++++++++++++++++++------- + lib/nettle/int/rsa-keygen-fips186.c | 33 ++++++++++++++++++++------------- + 3 files changed, 40 insertions(+), 20 deletions(-) + +diff --git a/lib/nettle/int/dsa-fips.h b/lib/nettle/int/dsa-fips.h +index 571bc0a..08fac25 100644 +--- a/lib/nettle/int/dsa-fips.h ++++ b/lib/nettle/int/dsa-fips.h +@@ -115,4 +115,6 @@ hash (uint8_t digest[DIGEST_SIZE], unsigned length, void *data) + return; + } + ++unsigned mpz_seed_sizeinbase_256_u(mpz_t s, unsigned nominal); ++ + #endif /* DSA_FIPS_H_INCLUDED */ +diff --git a/lib/nettle/int/provable-prime.c b/lib/nettle/int/provable-prime.c +index 3bb46aa..e4a4325 100644 +--- a/lib/nettle/int/provable-prime.c ++++ b/lib/nettle/int/provable-prime.c +@@ -992,6 +992,18 @@ static unsigned small_prime_check(unsigned x) + return 1; + } + ++/* The seed in FIPS186-3 is used either as an integer or blob, ++ * but when used as an integer it must not be trunacated below ++ * the "nominal" seed size. This function returns the size ++ * that way. */ ++unsigned mpz_seed_sizeinbase_256_u(mpz_t s, unsigned nominal) ++{ ++ unsigned ret = nettle_mpz_sizeinbase_256_u(s); ++ if (ret < nominal) ++ return nominal; ++ return ret; ++} ++ + static int st_provable_prime_small(mpz_t p, + unsigned *prime_seed_length, + void *prime_seed, +@@ -1018,7 +1030,7 @@ static int st_provable_prime_small(mpz_t p, + nettle_mpz_set_str_256_u(s, seed_length, seed); + + retry: +- tseed_length = nettle_mpz_sizeinbase_256_u(s); ++ tseed_length = mpz_seed_sizeinbase_256_u(s, seed_length); + if (tseed_length > sizeof(tseed)) { + goto fail; + } +@@ -1030,7 +1042,7 @@ static int st_provable_prime_small(mpz_t p, + + mpz_add_ui(s, s, 1); + +- tseed_length = nettle_mpz_sizeinbase_256_u(s); ++ tseed_length = mpz_seed_sizeinbase_256_u(s, seed_length); + if (tseed_length > sizeof(tseed)) + goto fail; + +@@ -1071,7 +1083,7 @@ static int st_provable_prime_small(mpz_t p, + mpz_set_ui(p, c); + + if (prime_seed != NULL) { +- tseed_length = nettle_mpz_sizeinbase_256_u(s); ++ tseed_length = mpz_seed_sizeinbase_256_u(s, tseed_length); + if (*prime_seed_length < tseed_length) + goto fail; + +@@ -1161,7 +1173,7 @@ st_provable_prime(mpz_t p, + goto fail; + + for (i = 0; i < iterations; i++) { +- tseed_length = nettle_mpz_sizeinbase_256_u(s); ++ tseed_length = mpz_seed_sizeinbase_256_u(s, pseed_length); + if (tseed_length > sizeof(tseed)) + goto fail; + nettle_mpz_get_str_256(tseed_length, tseed, s); +@@ -1212,9 +1224,8 @@ st_provable_prime(mpz_t p, + + mpz_set_ui(r, 0); /* a = 0 */ + if (iterations > 0) { +- + for (i = 0; i < iterations; i++) { +- tseed_length = nettle_mpz_sizeinbase_256_u(s); ++ tseed_length = mpz_seed_sizeinbase_256_u(s, pseed_length); + if (tseed_length > sizeof(tseed)) + goto fail; + +@@ -1249,7 +1260,7 @@ st_provable_prime(mpz_t p, + mpz_set(p, c); + + if (prime_seed != NULL) { +- tseed_length = nettle_mpz_sizeinbase_256_u(s); ++ tseed_length = mpz_seed_sizeinbase_256_u(s, pseed_length); + if (*prime_seed_length < tseed_length) + goto fail; + +diff --git a/lib/nettle/int/rsa-keygen-fips186.c b/lib/nettle/int/rsa-keygen-fips186.c +index 754842a..624aa36 100644 +--- a/lib/nettle/int/rsa-keygen-fips186.c ++++ b/lib/nettle/int/rsa-keygen-fips186.c +@@ -53,7 +53,7 @@ unsigned iterations; + unsigned storage_length = 0, i; + uint8_t *storage = NULL; + uint8_t pseed[MAX_PVP_SEED_SIZE+1]; +-unsigned pseed_length = sizeof(pseed); ++unsigned pseed_length = sizeof(pseed), tseed_length; + unsigned max = bits*5; + + mpz_init(p0); +@@ -85,11 +85,13 @@ unsigned max = bits*5; + + nettle_mpz_set_str_256_u(s, pseed_length, pseed); + for (i = 0; i < iterations; i++) { +- pseed_length = nettle_mpz_sizeinbase_256_u(s); +- nettle_mpz_get_str_256(pseed_length, pseed, s); ++ tseed_length = mpz_seed_sizeinbase_256_u(s, pseed_length); ++ if (tseed_length > sizeof(pseed)) ++ goto fail; ++ nettle_mpz_get_str_256(tseed_length, pseed, s); + + hash(&storage[(iterations - i - 1) * DIGEST_SIZE], +- pseed_length, pseed); ++ tseed_length, pseed); + mpz_add_ui(s, s, 1); + } + +@@ -170,11 +172,13 @@ unsigned max = bits*5; + mpz_set_ui(x, 0); /* a = 0 */ + if (iterations > 0) { + for (i = 0; i < iterations; i++) { +- pseed_length = nettle_mpz_sizeinbase_256_u(s); +- nettle_mpz_get_str_256(pseed_length, pseed, s); ++ tseed_length = mpz_seed_sizeinbase_256_u(s, pseed_length); ++ if (tseed_length > sizeof(pseed)) ++ goto fail; ++ nettle_mpz_get_str_256(tseed_length, pseed, s); + + hash(&storage[(iterations - i - 1) * DIGEST_SIZE], +- pseed_length, pseed); ++ tseed_length, pseed); + mpz_add_ui(s, s, 1); + } + +@@ -203,16 +207,19 @@ unsigned max = bits*5; + mpz_powm(r1, r2, p0, p); + if (mpz_cmp_ui(r1, 1) == 0) { + if (prime_seed_length != NULL) { +- pseed_length = nettle_mpz_sizeinbase_256_u(s); +- nettle_mpz_get_str_256(pseed_length, pseed, s); ++ tseed_length = mpz_seed_sizeinbase_256_u(s, pseed_length); ++ if (tseed_length > sizeof(pseed)) ++ goto fail; ++ ++ nettle_mpz_get_str_256(tseed_length, pseed, s); + +- if (*prime_seed_length < pseed_length) { +- *prime_seed_length = pseed_length; ++ if (*prime_seed_length < tseed_length) { ++ *prime_seed_length = tseed_length; + goto fail; + } +- *prime_seed_length = pseed_length; ++ *prime_seed_length = tseed_length; + if (prime_seed != NULL) +- memcpy(prime_seed, pseed, pseed_length); ++ memcpy(prime_seed, pseed, tseed_length); + } + ret = 1; + goto cleanup; +-- +1.9.3 + diff --git a/SOURCES/gnutls-3.3.8-handshake-reset.patch b/SOURCES/gnutls-3.3.8-handshake-reset.patch new file mode 100644 index 0000000..1ad4e15 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-handshake-reset.patch @@ -0,0 +1,62 @@ +diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c +index 53f1ef1..759c67e 100644 +--- a/lib/gnutls_handshake.c ++++ b/lib/gnutls_handshake.c +@@ -2491,7 +2491,8 @@ static int _gnutls_recv_supplemental(gnutls_session_t session) + * full handshake will be performed. + * + * The non-fatal errors expected by this function are: +- * %GNUTLS_E_INTERRUPTED, %GNUTLS_E_AGAIN, and %GNUTLS_E_WARNING_ALERT_RECEIVED. ++ * %GNUTLS_E_INTERRUPTED, %GNUTLS_E_AGAIN, ++ * %GNUTLS_E_LARGE_PACKET and %GNUTLS_E_WARNING_ALERT_RECEIVED. + * The former two interrupt the handshake procedure due to the lower + * layer being interrupted, and the latter because of an alert that + * may be sent by a server (it is always a good idea to check any +@@ -2600,12 +2601,15 @@ gnutls_handshake_set_timeout(gnutls_session_t session, unsigned int ms) + #define IMED_RET( str, ret, allow_alert) do { \ + if (ret < 0) { \ + /* EAGAIN and INTERRUPTED are always non-fatal */ \ +- if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) \ ++ if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_LARGE_PACKET) \ + return ret; \ + /* a warning alert might interrupt handshake */ \ + if (allow_alert != 0 && ret==GNUTLS_E_WARNING_ALERT_RECEIVED) return ret; \ + gnutls_assert(); \ + ERR( str, ret); \ ++ /* do not allow non-fatal errors at this point */ \ ++ if (gnutls_error_is_fatal(ret) == 0) ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); \ ++ session_invalidate(session); \ + _gnutls_handshake_hash_buffers_clear(session); \ + return ret; \ + } } while (0) +diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c +index e2a492d..157d12a 100644 +--- a/lib/gnutls_record.c ++++ b/lib/gnutls_record.c +@@ -349,12 +349,6 @@ int gnutls_bye(gnutls_session_t session, gnutls_close_request_t how) + return 0; + } + +-inline static void session_invalidate(gnutls_session_t session) +-{ +- session->internals.invalid_connection = 1; +-} +- +- + inline static void session_unresumable(gnutls_session_t session) + { + session->internals.resumable = RESUME_FALSE; +diff --git a/lib/gnutls_record.h b/lib/gnutls_record.h +index 50ff08d..cb0320c 100644 +--- a/lib/gnutls_record.h ++++ b/lib/gnutls_record.h +@@ -101,4 +101,9 @@ unsigned int get_total_headers2(gnutls_session_t session, record_parameters_st * + return total + _gnutls_cipher_get_explicit_iv_size(params->cipher); + } + ++inline static void session_invalidate(gnutls_session_t session) ++{ ++ session->internals.invalid_connection = 1; ++} ++ + #endif diff --git a/SOURCES/gnutls-3.3.8-handshake-reset2.patch b/SOURCES/gnutls-3.3.8-handshake-reset2.patch new file mode 100644 index 0000000..3572b77 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-handshake-reset2.patch @@ -0,0 +1,58 @@ +From 42a8bb3bdad73f13425ae18a41addbbc04496101 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Thu, 25 Sep 2014 12:00:39 +0200 +Subject: [PATCH] protect DTLS clients that don't handle GNUTLS_E_LARGE_PACKET from an infinite loop on handshake + +--- + lib/gnutls_handshake.c | 6 +++++- + lib/gnutls_int.h | 3 +++ + lib/gnutls_state.c | 1 + + 3 files changed, 9 insertions(+), 1 deletions(-) + +diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c +index 759c67e..8b73267 100644 +--- a/lib/gnutls_handshake.c ++++ b/lib/gnutls_handshake.c +@@ -2601,8 +2601,12 @@ gnutls_handshake_set_timeout(gnutls_session_t session, unsigned int ms) + #define IMED_RET( str, ret, allow_alert) do { \ + if (ret < 0) { \ + /* EAGAIN and INTERRUPTED are always non-fatal */ \ +- if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_LARGE_PACKET) \ ++ if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) \ + return ret; \ ++ if (ret == GNUTLS_E_LARGE_PACKET && session->internals.handshake_large_loops < 16) { \ ++ session->internals.handshake_large_loops++; \ ++ return ret; \ ++ } \ + /* a warning alert might interrupt handshake */ \ + if (allow_alert != 0 && ret==GNUTLS_E_WARNING_ALERT_RECEIVED) return ret; \ + gnutls_assert(); \ +diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h +index 58ffdf1..deca5fe 100644 +--- a/lib/gnutls_int.h ++++ b/lib/gnutls_int.h +@@ -961,6 +961,9 @@ typedef struct { + + /* DTLS session state */ + dtls_st dtls; ++ /* In case of clients that don't handle GNUTLS_E_LARGE_PACKET, don't ++ * force them into an infinite loop */ ++ unsigned handshake_large_loops; + + /* if set it means that the master key was set using + * gnutls_session_set_master() rather than being negotiated. */ +diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c +index 121ad5c..6165531 100644 +--- a/lib/gnutls_state.c ++++ b/lib/gnutls_state.c +@@ -261,6 +261,7 @@ static void _gnutls_handshake_internal_state_init(gnutls_session_t session) + + session->internals.resumable = RESUME_TRUE; + ++ session->internals.handshake_large_loops = 0; + session->internals.dtls.hsk_read_seq = 0; + session->internals.dtls.hsk_write_seq = 0; + } +-- +1.7.1 + diff --git a/SOURCES/gnutls-3.3.8-handshake-reset3.patch b/SOURCES/gnutls-3.3.8-handshake-reset3.patch new file mode 100644 index 0000000..0f9b0d5 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-handshake-reset3.patch @@ -0,0 +1,42 @@ +From 01049f9c00f0a903d4923a054769ef9f2187bd21 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Fri, 21 Nov 2014 20:18:08 +0100 +Subject: [PATCH] treat GNUTLS_E_GOT_APPLICATION_DATA as non-fatal if initial + negotiation is complete + +This corrects a regression introduced in b5a0de2e6da98866cafb770c3141b7353d030ab2 +Reported by Dan Winship. https://savannah.gnu.org/support/?108690 +--- + lib/gnutls_handshake.c | 11 ++++++++--- + lib/gnutls_record.c | 2 +- + 2 files changed, 9 insertions(+), 4 deletions(-) + +diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c +index 40d399c..e904f2e 100644 +--- a/lib/gnutls_handshake.c ++++ b/lib/gnutls_handshake.c +@@ -2607,6 +2610,8 @@ gnutls_handshake_set_timeout(gnutls_session_t session, unsigned int ms) + /* EAGAIN and INTERRUPTED are always non-fatal */ \ + if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) \ + return ret; \ ++ if (ret == GNUTLS_E_GOT_APPLICATION_DATA && session->internals.initial_negotiation_completed != 0) \ ++ return ret; \ + if (ret == GNUTLS_E_LARGE_PACKET && session->internals.handshake_large_loops < 16) { \ + session->internals.handshake_large_loops++; \ + return ret; \ +diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c +index 157d12a..40c20fe 100644 +--- a/lib/gnutls_record.c ++++ b/lib/gnutls_record.c +@@ -837,7 +837,7 @@ record_add_to_buffers(gnutls_session_t session, + * reasons). Otherwise it is an unexpected packet + */ + if (type == GNUTLS_ALERT +- || (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO ++ || ((htype == GNUTLS_HANDSHAKE_SERVER_HELLO || htype == GNUTLS_HANDSHAKE_CLIENT_HELLO) + && type == GNUTLS_HANDSHAKE)) { + /* even if data is unexpected put it into the buffer */ + _gnutls_record_buffer_put(session, recv->type, +-- +2.1.0 + diff --git a/SOURCES/gnutls-3.3.8-keygen-fix.patch b/SOURCES/gnutls-3.3.8-keygen-fix.patch new file mode 100644 index 0000000..275fa6c --- /dev/null +++ b/SOURCES/gnutls-3.3.8-keygen-fix.patch @@ -0,0 +1,127 @@ +diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c +index 9017421..ad2b965 100644 +--- a/lib/nettle/pk.c ++++ b/lib/nettle/pk.c +@@ -798,50 +798,53 @@ wrap_nettle_pk_generate_params(gnutls_pk_algorithm_t algo, + return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + + #ifdef ENABLE_FIPS140 +- if (algo==GNUTLS_PK_DSA) +- index = 1; +- else +- index = 2; ++ if (_gnutls_fips_mode_enabled() != 0) { ++ if (algo==GNUTLS_PK_DSA) ++ index = 1; ++ else ++ index = 2; + +- ret = +- dsa_generate_dss_pqg(&pub, &cert, ++ ret = ++ dsa_generate_dss_pqg(&pub, &cert, + index, + NULL, rnd_func, + NULL, NULL, + level, q_bits); +- if (ret != 1) { +- gnutls_assert(); +- ret = GNUTLS_E_PK_GENERATION_ERROR; +- goto dsa_fail; +- } ++ if (ret != 1) { ++ gnutls_assert(); ++ ret = GNUTLS_E_PK_GENERATION_ERROR; ++ goto dsa_fail; ++ } + +- /* verify the generated parameters */ +- ret = dsa_validate_dss_pqg(&pub, &cert, index); +- if (ret != 1) { +- gnutls_assert(); +- ret = GNUTLS_E_PK_GENERATION_ERROR; +- goto dsa_fail; +- } +-#else +- /* unfortunately nettle only accepts 160 or 256 +- * q_bits size. The check below makes sure we handle +- * cases in between by rounding up, but fail when +- * larger numbers are requested. */ +- if (q_bits < 160) +- q_bits = 160; +- else if (q_bits > 160 && q_bits <= 256) +- q_bits = 256; +- ret = +- dsa_generate_keypair(&pub, &priv, ++ /* verify the generated parameters */ ++ ret = dsa_validate_dss_pqg(&pub, &cert, index); ++ if (ret != 1) { ++ gnutls_assert(); ++ ret = GNUTLS_E_PK_GENERATION_ERROR; ++ goto dsa_fail; ++ } ++ } else ++#endif ++ { ++ /* unfortunately nettle only accepts 160 or 256 ++ * q_bits size. The check below makes sure we handle ++ * cases in between by rounding up, but fail when ++ * larger numbers are requested. */ ++ if (q_bits < 160) ++ q_bits = 160; ++ else if (q_bits > 160 && q_bits <= 256) ++ q_bits = 256; ++ ret = ++ dsa_generate_keypair(&pub, &priv, + NULL, rnd_func, + NULL, NULL, + level, q_bits); +- if (ret != 1) { +- gnutls_assert(); +- ret = GNUTLS_E_PK_GENERATION_ERROR; +- goto dsa_fail; ++ if (ret != 1) { ++ gnutls_assert(); ++ ret = GNUTLS_E_PK_GENERATION_ERROR; ++ goto dsa_fail; ++ } + } +-#endif + + params->params_nr = 0; + +@@ -1148,7 +1151,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, + switch (algo) { + case GNUTLS_PK_DSA: + #ifdef ENABLE_FIPS140 +- { ++ if (_gnutls_fips_mode_enabled() != 0) { + struct dsa_public_key pub; + struct dsa_private_key priv; + +@@ -1272,17 +1275,18 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, + rsa_private_key_init(&priv); + + mpz_set_ui(pub.e, 65537); +-#ifdef ENABLE_FIPS140 +- ret = +- rsa_generate_fips186_4_keypair(&pub, &priv, NULL, ++ ++ if (_gnutls_fips_mode_enabled() != 0) { ++ ret = ++ rsa_generate_fips186_4_keypair(&pub, &priv, NULL, + rnd_func, NULL, NULL, + level); +-#else +- ret = +- rsa_generate_keypair(&pub, &priv, NULL, ++ } else { ++ ret = ++ rsa_generate_keypair(&pub, &priv, NULL, + rnd_func, NULL, NULL, + level, 0); +-#endif ++ } + if (ret != 1) { + gnutls_assert(); + ret = GNUTLS_E_PK_GENERATION_ERROR; diff --git a/SOURCES/gnutls-3.3.8-lcm-fips.patch b/SOURCES/gnutls-3.3.8-lcm-fips.patch new file mode 100644 index 0000000..6d79390 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-lcm-fips.patch @@ -0,0 +1,47 @@ +diff --git a/lib/nettle/int/rsa-keygen-fips186.c b/lib/nettle/int/rsa-keygen-fips186.c +index 8d2a2b8..754842a 100644 +--- a/lib/nettle/int/rsa-keygen-fips186.c ++++ b/lib/nettle/int/rsa-keygen-fips186.c +@@ -256,7 +256,7 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub, + /* Desired size of modulo, in bits */ + unsigned n_size) + { +- mpz_t t, r, p1, q1, phi; ++ mpz_t t, r, p1, q1, lcm; + int ret; + struct dss_params_validation_seeds cert; + unsigned l = n_size / 2; +@@ -281,7 +281,7 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub, + + mpz_init(p1); + mpz_init(q1); +- mpz_init(phi); ++ mpz_init(lcm); + mpz_init(t); + mpz_init(r); + +@@ -337,9 +337,13 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub, + + mpz_sub_ui(p1, key->p, 1); + mpz_sub_ui(q1, key->q, 1); +- mpz_mul(phi, p1, q1); + +- assert(mpz_invert(key->d, pub->e, phi) != 0); ++ mpz_lcm(lcm, p1, q1); ++ ++ if (mpz_invert(key->d, pub->e, lcm) == 0) { ++ ret = 0; ++ goto cleanup; ++ } + + /* Done! Almost, we must compute the auxillary private values. */ + /* a = d % (p-1) */ +@@ -357,7 +361,7 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub, + cleanup: + mpz_clear(p1); + mpz_clear(q1); +- mpz_clear(phi); ++ mpz_clear(lcm); + mpz_clear(t); + mpz_clear(r); + return ret; diff --git a/SOURCES/gnutls-3.3.8-mem-issue.patch b/SOURCES/gnutls-3.3.8-mem-issue.patch new file mode 100644 index 0000000..58f9943 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-mem-issue.patch @@ -0,0 +1,95 @@ +diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c +index b102f4d..a4921f9 100644 +--- a/lib/gnutls_x509.c ++++ b/lib/gnutls_x509.c +@@ -697,11 +697,11 @@ static int + read_cert_url(gnutls_certificate_credentials_t res, const char *url) + { + int ret; +- gnutls_x509_crt_t crt; ++ gnutls_x509_crt_t crt = NULL; + gnutls_pcert_st *ccert; + gnutls_str_array_t names; + gnutls_datum_t t = {NULL, 0}; +- unsigned i; ++ unsigned i, count = 0; + + _gnutls_str_array_init(&names); + +@@ -729,13 +729,13 @@ read_cert_url(gnutls_certificate_credentials_t res, const char *url) + + if (ret < 0) { + gnutls_assert(); +- goto cleanup1; ++ goto cleanup; + } + + ret = get_x509_name(crt, &names); + if (ret < 0) { + gnutls_assert(); +- goto cleanup1; ++ goto cleanup; + } + + /* Try to load the whole certificate chain from the PKCS #11 token */ +@@ -747,17 +747,18 @@ read_cert_url(gnutls_certificate_credentials_t res, const char *url) + } + + ret = gnutls_pcert_import_x509(&ccert[i], crt, 0); +- gnutls_x509_crt_deinit(crt); +- + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } ++ count++; + + ret = gnutls_pkcs11_get_raw_issuer(url, crt, &t, GNUTLS_X509_FMT_DER, 0); + if (ret < 0) + break; +- ++ ++ gnutls_x509_crt_deinit(crt); ++ crt = NULL; + ret = gnutls_x509_crt_init(&crt); + if (ret < 0) { + gnutls_assert(); +@@ -767,23 +768,25 @@ read_cert_url(gnutls_certificate_credentials_t res, const char *url) + ret = gnutls_x509_crt_import(crt, &t, GNUTLS_X509_FMT_DER); + if (ret < 0) { + gnutls_assert(); +- goto cleanup1; ++ goto cleanup; + } + gnutls_free(t.data); + t.data = NULL; + } + +- ret = certificate_credential_append_crt_list(res, names, ccert, i+1); ++ ret = certificate_credential_append_crt_list(res, names, ccert, count); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + +- return 0; +-cleanup1: +- gnutls_x509_crt_deinit(crt); ++ if (crt != NULL) ++ gnutls_x509_crt_deinit(crt); + ++ return 0; + cleanup: ++ if (crt != NULL) ++ gnutls_x509_crt_deinit(crt); + gnutls_free(t.data); + _gnutls_str_array_clear(&names); + gnutls_free(ccert); +@@ -959,7 +962,6 @@ static int check_if_sorted(gnutls_pcert_st * crt, int nr) + ret = gnutls_x509_crt_init(&x509); + if (ret < 0) + return gnutls_assert_val(ret); +- + ret = + gnutls_x509_crt_import(x509, &crt[i].cert, + GNUTLS_X509_FMT_DER); diff --git a/SOURCES/gnutls-3.3.8-no-libtasn1-check.patch b/SOURCES/gnutls-3.3.8-no-libtasn1-check.patch new file mode 100644 index 0000000..993cfc6 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-no-libtasn1-check.patch @@ -0,0 +1,13 @@ +diff -ur gnutls-3.3.8-orig/m4/hooks.m4 gnutls-3.3.8/m4/hooks.m4 +--- gnutls-3.3.8-orig/m4/hooks.m4 2014-09-18 07:54:45.000000000 +0200 ++++ gnutls-3.3.8/m4/hooks.m4 2014-09-18 19:08:19.223172863 +0200 +@@ -104,7 +104,7 @@ + included_libtasn1=$withval, + included_libtasn1=no) + if test "$included_libtasn1" = "no"; then +- PKG_CHECK_MODULES(LIBTASN1, [libtasn1 >= 3.9], [], [included_libtasn1=yes]) ++ PKG_CHECK_MODULES(LIBTASN1, [libtasn1 >= 3.8], [], [included_libtasn1=yes]) + if test "$included_libtasn1" = yes; then + AC_MSG_WARN([[ + *** +Only in gnutls-3.3.8/m4: hooks.m4~ diff --git a/SOURCES/gnutls-3.3.8-padlock-disable.patch b/SOURCES/gnutls-3.3.8-padlock-disable.patch new file mode 100644 index 0000000..cd4c3b6 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-padlock-disable.patch @@ -0,0 +1,22 @@ +diff --git a/lib/accelerated/x86/x86-common.c b/lib/accelerated/x86/x86-common.c +index cc67b08..e730ba0 100644 +--- a/lib/accelerated/x86/x86-common.c ++++ b/lib/accelerated/x86/x86-common.c +@@ -37,6 +37,7 @@ + # include + #endif + #include ++#include + + /* ebx, ecx, edx + * This is a format compatible with openssl's CPUID detection. +@@ -581,7 +582,8 @@ void register_x86_crypto(void) + + register_x86_intel_crypto(capabilities); + #ifdef ENABLE_PADLOCK +- register_x86_padlock_crypto(capabilities); ++ if (_gnutls_fips_mode_enabled() != 1) ++ register_x86_padlock_crypto(capabilities); + #endif + } + diff --git a/SOURCES/gnutls-3.3.8-rnd-reregister.patch b/SOURCES/gnutls-3.3.8-rnd-reregister.patch new file mode 100644 index 0000000..960ff17 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-rnd-reregister.patch @@ -0,0 +1,29 @@ +From b6d992d0f96f2ecd9c0a3975576e4204c66b1fc6 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Thu, 11 Dec 2014 10:15:54 +0100 +Subject: [PATCH] Allow a random generator with the same priority to + re-register + +That corrects an issue where the library is deinitialized, and +reinitialization wouldn't register the same rnd module. +Reported by Stanislav Zidek. +--- + lib/crypto-backend.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/crypto-backend.c b/lib/crypto-backend.c +index 8840b1c..2132b53 100644 +--- a/lib/crypto-backend.c ++++ b/lib/crypto-backend.c +@@ -193,7 +193,7 @@ const gnutls_crypto_cipher_st + int + gnutls_crypto_rnd_register(int priority, const gnutls_crypto_rnd_st * s) + { +- if (crypto_rnd_prio > priority) { ++ if (crypto_rnd_prio >= priority) { + memcpy(&_gnutls_rnd_ops, s, sizeof(*s)); + crypto_rnd_prio = priority; + return 0; +-- +1.9.3 + diff --git a/SOURCES/gnutls-3.3.8-sha224-fix.patch b/SOURCES/gnutls-3.3.8-sha224-fix.patch new file mode 100644 index 0000000..7786ba6 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-sha224-fix.patch @@ -0,0 +1,13 @@ +diff --git a/lib/accelerated/x86/sha-x86-ssse3.c b/lib/accelerated/x86/sha-x86-ssse3.c +index 17724f7..e9d8eab 100644 +--- a/lib/accelerated/x86/sha-x86-ssse3.c ++++ b/lib/accelerated/x86/sha-x86-ssse3.c +@@ -248,7 +248,7 @@ static int _ctx_init(gnutls_digest_algorithm_t algo, + case GNUTLS_DIG_SHA224: + sha224_init(&ctx->ctx.sha224); + ctx->update = (update_func) x86_sha256_update; +- ctx->digest = (digest_func) sha256_digest; ++ ctx->digest = (digest_func) sha224_digest; + ctx->init = (init_func) sha224_init; + ctx->ctx_ptr = &ctx->ctx.sha224; + ctx->length = SHA224_DIGEST_SIZE; diff --git a/SOURCES/gnutls-3.3.8-testdsa-rndport.patch b/SOURCES/gnutls-3.3.8-testdsa-rndport.patch new file mode 100644 index 0000000..ae7a2b9 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-testdsa-rndport.patch @@ -0,0 +1,13 @@ +diff --git a/tests/dsa/testdsa b/tests/dsa/testdsa +index 4da172f..394d60a 100755 +--- a/tests/dsa/testdsa ++++ b/tests/dsa/testdsa +@@ -23,7 +23,7 @@ + srcdir="${srcdir:-.}" + SERV="${SERV:-../../src/gnutls-serv} -q" + CLI="${CLI:-../../src/gnutls-cli}" +-PORT="${PORT:-5558}" ++PORT="$(((($$<<15)|RANDOM) % 63001 + 2000))" + DEBUG="" + unset RETCODE + diff --git a/SOURCES/gnutls-3.3.8-urandom-fd-fips.patch b/SOURCES/gnutls-3.3.8-urandom-fd-fips.patch new file mode 100644 index 0000000..7854fe4 --- /dev/null +++ b/SOURCES/gnutls-3.3.8-urandom-fd-fips.patch @@ -0,0 +1,40 @@ +From a3f4c7e3f8cf4bb7be0267dd96d363ff69114162 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Wed, 10 Dec 2014 15:40:49 +0100 +Subject: [PATCH] added the .check function in FIPS140-2 code + +--- + lib/nettle/rnd-fips.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/lib/nettle/rnd-fips.c b/lib/nettle/rnd-fips.c +index 32fc141..7bb5dca 100644 +--- a/lib/nettle/rnd-fips.c ++++ b/lib/nettle/rnd-fips.c +@@ -218,6 +218,15 @@ static void _rngfips_deinit(void *_ctx) + free(ctx); + } + ++/* This is called when gnutls_global_init() is called for second time. ++ * It must check whether any resources are still available. ++ * The particular problem it solves is to verify that the urandom fd is still ++ * open (for applications that for some reason closed all fds */ ++static int _rndfips_check(void **ctx) ++{ ++ return _rnd_system_entropy_check(); ++} ++ + static void _rngfips_refresh(void *_ctx) + { + /* this is predictable RNG. Don't refresh */ +@@ -243,6 +252,7 @@ static int selftest_kat(void) + + gnutls_crypto_rnd_st _gnutls_fips_rnd_ops = { + .init = _rngfips_init, ++ .check = _rndfips_check, + .deinit = _rngfips_deinit, + .rnd = _rngfips_rnd, + .rnd_refresh = _rngfips_refresh, +-- +1.9.3 + diff --git a/SOURCES/gnutls-3.3.8-urandom-fd.patch b/SOURCES/gnutls-3.3.8-urandom-fd.patch new file mode 100644 index 0000000..7882f0e --- /dev/null +++ b/SOURCES/gnutls-3.3.8-urandom-fd.patch @@ -0,0 +1,310 @@ +diff -urN gnutls-3.3.8.orig/lib/crypto-backend.h gnutls-3.3.8/lib/crypto-backend.h +--- gnutls-3.3.8.orig/lib/crypto-backend.h 2014-07-29 22:22:47.000000000 +0200 ++++ gnutls-3.3.8/lib/crypto-backend.h 2014-11-18 09:52:15.420936655 +0100 +@@ -77,6 +77,7 @@ + + typedef struct gnutls_crypto_rnd { + int (*init) (void **ctx); ++ int (*check) (void **ctx); + int (*rnd) (void *ctx, int level, void *data, size_t datasize); + void (*rnd_refresh) (void *ctx); + void (*deinit) (void *ctx); +diff -urN gnutls-3.3.8.orig/lib/gnutls_global.c gnutls-3.3.8/lib/gnutls_global.c +--- gnutls-3.3.8.orig/lib/gnutls_global.c 2014-09-04 21:05:54.000000000 +0200 ++++ gnutls-3.3.8/lib/gnutls_global.c 2014-11-18 09:57:18.851879610 +0100 +@@ -207,6 +207,16 @@ + + _gnutls_init++; + if (_gnutls_init > 1) { ++ if (_gnutls_init == 2 && _gnutls_init_ret == 0) { ++ /* some applications may close the urandom fd ++ * before calling gnutls_global_init(). in that ++ * case reopen it */ ++ ret = _gnutls_rnd_check(); ++ if (ret < 0) { ++ gnutls_assert(); ++ goto out; ++ } ++ } + ret = _gnutls_init_ret; + goto out; + } +diff -urN gnutls-3.3.8.orig/lib/nettle/rnd.c gnutls-3.3.8/lib/nettle/rnd.c +--- gnutls-3.3.8.orig/lib/nettle/rnd.c 2014-07-29 22:25:07.000000000 +0200 ++++ gnutls-3.3.8/lib/nettle/rnd.c 2014-11-18 09:52:15.420936655 +0100 +@@ -255,6 +255,15 @@ + return 0; + } + ++/* This is called when gnutls_global_init() is called for second time. ++ * It must check whether any resources are still available. ++ * The particular problem it solves is to verify that the urandom fd is still ++ * open (for applications that for some reason closed all fds */ ++static int wrap_nettle_rnd_check(void **ctx) ++{ ++ return _rnd_system_entropy_check(); ++} ++ + static int + wrap_nettle_rnd_nonce(void *_ctx, void *data, size_t datasize) + { +@@ -363,6 +372,7 @@ + + gnutls_crypto_rnd_st _gnutls_rnd_ops = { + .init = wrap_nettle_rnd_init, ++ .check = wrap_nettle_rnd_check, + .deinit = wrap_nettle_rnd_deinit, + .rnd = wrap_nettle_rnd, + .rnd_refresh = wrap_nettle_rnd_refresh, +diff -urN gnutls-3.3.8.orig/lib/nettle/rnd-common.c gnutls-3.3.8/lib/nettle/rnd-common.c +--- gnutls-3.3.8.orig/lib/nettle/rnd-common.c 2014-08-03 14:22:42.000000000 +0200 ++++ gnutls-3.3.8/lib/nettle/rnd-common.c 2014-11-18 10:25:56.962112669 +0100 +@@ -37,6 +37,10 @@ + #include + #include + ++#include ++#include ++#include ++ + /* gnulib wants to claim strerror even if it cannot provide it. WTF */ + #undef strerror + +@@ -94,6 +98,11 @@ + + get_entropy_func _rnd_get_system_entropy = _rnd_get_system_entropy_win32; + ++int _rnd_system_entropy_check(void) ++{ ++ return 0; ++} ++ + int _rnd_system_entropy_init(void) + { + int old; +@@ -127,7 +136,8 @@ + #include + #include "egd.h" + +-static int device_fd = -1; ++int _gnutls_urandom_fd = -1; ++static mode_t _gnutls_urandom_fd_mode = 0; + + static int _rnd_get_system_entropy_urandom(void* _rnd, size_t size) + { +@@ -137,7 +147,7 @@ + for (done = 0; done < size;) { + int res; + do { +- res = read(device_fd, rnd + done, size - done); ++ res = read(_gnutls_urandom_fd, rnd + done, size - done); + } while (res < 0 && errno == EINTR); + + if (res <= 0) { +@@ -168,7 +178,7 @@ + + for (done = 0; done < size;) { + res = +- _rndegd_read(&device_fd, rnd + done, size - done); ++ _rndegd_read(&_gnutls_urandom_fd, rnd + done, size - done); + if (res <= 0) { + if (res < 0) { + _gnutls_debug_log("Failed to read egd.\n"); +@@ -186,31 +196,53 @@ + + get_entropy_func _rnd_get_system_entropy = NULL; + ++int _rnd_system_entropy_check(void) ++{ ++ int ret; ++ struct stat st; ++ ++ ret = fstat(_gnutls_urandom_fd, &st); ++ if (ret < 0 || st.st_mode != _gnutls_urandom_fd_mode) { ++ return _rnd_system_entropy_init(); ++ } ++ return 0; ++} ++ + int _rnd_system_entropy_init(void) + { +-int old; ++ int old; ++ struct stat st; + +- device_fd = open("/dev/urandom", O_RDONLY); +- if (device_fd < 0) { ++ _gnutls_urandom_fd = open("/dev/urandom", O_RDONLY); ++ if (_gnutls_urandom_fd < 0) { + _gnutls_debug_log("Cannot open urandom!\n"); + goto fallback; + } + +- old = fcntl(device_fd, F_GETFD); ++ old = fcntl(_gnutls_urandom_fd, F_GETFD); + if (old != -1) +- fcntl(device_fd, F_SETFD, old | FD_CLOEXEC); ++ fcntl(_gnutls_urandom_fd, F_SETFD, old | FD_CLOEXEC); ++ ++ if (fstat(_gnutls_urandom_fd, &st) >= 0) { ++ _gnutls_urandom_fd_mode = st.st_mode; ++ } + + _rnd_get_system_entropy = _rnd_get_system_entropy_urandom; + + return 0; + fallback: +- device_fd = _rndegd_connect_socket(); +- if (device_fd < 0) { ++ _gnutls_urandom_fd = _rndegd_connect_socket(); ++ if (_gnutls_urandom_fd < 0) { + _gnutls_debug_log("Cannot open egd socket!\n"); + return + gnutls_assert_val + (GNUTLS_E_RANDOM_DEVICE_ERROR); + } ++ ++ if (fstat(_gnutls_urandom_fd, &st) >= 0) { ++ _gnutls_urandom_fd_mode = st.st_mode; ++ } ++ + _rnd_get_system_entropy = _rnd_get_system_entropy_egd; + + return 0; +@@ -218,9 +250,9 @@ + + void _rnd_system_entropy_deinit(void) + { +- if (device_fd >= 0) { +- close(device_fd); +- device_fd = -1; ++ if (_gnutls_urandom_fd >= 0) { ++ close(_gnutls_urandom_fd); ++ _gnutls_urandom_fd = -1; + } + } + #endif +diff -urN gnutls-3.3.8.orig/lib/nettle/rnd-common.h gnutls-3.3.8/lib/nettle/rnd-common.h +--- gnutls-3.3.8.orig/lib/nettle/rnd-common.h 2014-07-29 22:22:47.000000000 +0200 ++++ gnutls-3.3.8/lib/nettle/rnd-common.h 2014-11-18 09:52:15.420936655 +0100 +@@ -50,6 +50,7 @@ + void _rnd_get_event(struct event_st *e); + + int _rnd_system_entropy_init(void); ++int _rnd_system_entropy_check(void); + void _rnd_system_entropy_deinit(void); + + typedef int (*get_entropy_func)(void* rnd, size_t size); +diff -urN gnutls-3.3.8.orig/lib/random.h gnutls-3.3.8/lib/random.h +--- gnutls-3.3.8.orig/lib/random.h 2014-07-29 22:22:47.000000000 +0200 ++++ gnutls-3.3.8/lib/random.h 2014-11-18 09:58:19.458267672 +0100 +@@ -48,4 +48,13 @@ + void _gnutls_rnd_deinit(void); + int _gnutls_rnd_init(void); + ++inline static int _gnutls_rnd_check(void) ++{ ++ return _gnutls_rnd_ops.check(gnutls_rnd_ctx); ++} ++ ++#ifndef _WIN32 ++extern int _gnutls_urandom_fd; ++#endif ++ + #endif +diff -urN gnutls-3.3.8.orig/tests/init_fds.c gnutls-3.3.8/tests/init_fds.c +--- gnutls-3.3.8.orig/tests/init_fds.c 1970-01-01 01:00:00.000000000 +0100 ++++ gnutls-3.3.8/tests/init_fds.c 2014-11-18 10:01:10.484365302 +0100 +@@ -0,0 +1,80 @@ ++/* ++ * Copyright (C) 2014 Nikos Mavrogiannopoulos ++ * ++ * Author: Nikos Mavrogiannopoulos ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++#ifdef HAVE_CONFIG_H ++#include ++#endif ++ ++#include ++#include ++#include ++#include ++ ++#include "utils.h" ++ ++/* See . */ ++ ++void doit(void) ++{ ++#ifndef _WIN32 ++ int res; ++ unsigned i; ++ int serial = 0; ++ char buf[128]; ++ ++ res = read(3, buf, 16); ++ if (res == 16) ++ serial = 1; ++ ++ /* close all descriptors */ ++ for (i=3;i<1024;i++) ++ close(i); ++ ++ res = gnutls_global_init(); ++ if (res != 0) ++ fail("global_init\n"); ++ ++ if (serial != 0) { ++ res = read(3, buf, 16); ++ if (res != 16) { ++ fail("could not open fd, or OS doesn't assign fds in a serial way (%d)\n", res); ++ } ++ } ++ ++ res = gnutls_global_init(); ++ if (res != 0) ++ fail("global_init2\n"); ++ ++ gnutls_rnd_refresh(); ++ ++ res = gnutls_rnd(GNUTLS_RND_RANDOM, buf, sizeof(buf)); ++ if (res != 0) ++ fail("gnutls_rnd\n"); ++ ++ gnutls_global_deinit(); ++ ++ if (debug) ++ success("init-close success\n"); ++#else ++ return; ++#endif ++} +diff -urN gnutls-3.3.8.orig/tests/Makefile.am gnutls-3.3.8/tests/Makefile.am +--- gnutls-3.3.8.orig/tests/Makefile.am 2014-09-13 13:08:01.000000000 +0200 ++++ gnutls-3.3.8/tests/Makefile.am 2014-11-18 10:01:10.483365293 +0100 +@@ -84,7 +84,7 @@ + mini-cert-status mini-rsa-psk global-init sec-params \ + fips-test mini-global-load name-constraints x509-extensions \ + long-session-id mini-x509-callbacks-intr \ +- crlverify ++ crlverify init_fds + + if ENABLE_OCSP + ctests += ocsp diff --git a/SOURCES/gnutls-3.3.8-zombie-fips.patch b/SOURCES/gnutls-3.3.8-zombie-fips.patch new file mode 100644 index 0000000..ed36f0b --- /dev/null +++ b/SOURCES/gnutls-3.3.8-zombie-fips.patch @@ -0,0 +1,110 @@ +diff -ur gnutls-3.3.8.orig/lib/fips.c gnutls-3.3.8/lib/fips.c +--- gnutls-3.3.8.orig/lib/fips.c 2014-09-04 21:05:54.000000000 +0200 ++++ gnutls-3.3.8/lib/fips.c 2014-11-18 09:46:47.376148426 +0100 +@@ -37,6 +37,8 @@ + #define FIPS_KERNEL_FILE "/proc/sys/crypto/fips_enabled" + #define FIPS_SYSTEM_FILE "/etc/system-fips" + ++static int _fips_mode = -1; ++ + /* Returns: + * 0 - FIPS mode disabled + * 1 - FIPS mode enabled and enforced +@@ -46,21 +48,20 @@ + { + unsigned f1p = 0, f2p; + FILE* fd; +-static int fips_mode = -1; + const char *p; + +- if (fips_mode != -1) +- return fips_mode; ++ if (_fips_mode != -1) ++ return _fips_mode; + + p = getenv("GNUTLS_FORCE_FIPS_MODE"); + if (p) { + if (p[0] == '1') +- fips_mode = 1; ++ _fips_mode = 1; + else if (p[0] == '2') +- fips_mode = 2; ++ _fips_mode = 2; + else +- fips_mode = 0; +- return fips_mode; ++ _fips_mode = 0; ++ return _fips_mode; + } + + fd = fopen(FIPS_KERNEL_FILE, "r"); +@@ -76,20 +77,29 @@ + + if (f1p != 0 && f2p != 0) { + _gnutls_debug_log("FIPS140-2 mode enabled\n"); +- fips_mode = 1; +- return fips_mode; ++ _fips_mode = 1; ++ return _fips_mode; + } + + if (f2p != 0) { + /* a funny state where self tests are performed + * and ignored */ + _gnutls_debug_log("FIPS140-2 ZOMBIE mode enabled\n"); +- fips_mode = 2; +- return fips_mode; ++ _fips_mode = 2; ++ return _fips_mode; + } + +- fips_mode = 0; +- return fips_mode; ++ _fips_mode = 0; ++ return _fips_mode; ++} ++ ++/* This _fips_mode == 2 is a strange mode where checks are being ++ * performed, but its output is ignored. */ ++void _gnutls_fips_mode_reset_zombie(void) ++{ ++ if (_fips_mode == 2) { ++ _fips_mode = 0; ++ } + } + + #define GNUTLS_LIBRARY_NAME "libgnutls.so.28" +@@ -367,6 +377,9 @@ + goto error; + } + ++ if (_fips_mode == 2) ++ _fips_mode = 0; ++ + return 0; + + error: +Only in gnutls-3.3.8/lib: fips.c.orig +diff -ur gnutls-3.3.8.orig/lib/fips.h gnutls-3.3.8/lib/fips.h +--- gnutls-3.3.8.orig/lib/fips.h 2014-09-04 21:05:54.000000000 +0200 ++++ gnutls-3.3.8/lib/fips.h 2014-11-18 09:46:47.377148445 +0100 +@@ -55,6 +55,7 @@ + + int _gnutls_fips_perform_self_checks1(void); + int _gnutls_fips_perform_self_checks2(void); ++void _gnutls_fips_mode_reset_zombie(void); + + #ifdef ENABLE_FIPS140 + unsigned _gnutls_fips_mode_enabled(void); +diff -ur gnutls-3.3.8.orig/lib/gnutls_global.c gnutls-3.3.8/lib/gnutls_global.c +--- gnutls-3.3.8.orig/lib/gnutls_global.c 2014-09-04 21:05:54.000000000 +0200 ++++ gnutls-3.3.8/lib/gnutls_global.c 2014-11-18 09:46:47.377148445 +0100 +@@ -326,6 +326,7 @@ + goto out; + } + } ++ _gnutls_fips_mode_reset_zombie(); + } + #endif + _gnutls_switch_lib_state(LIB_STATE_OPERATIONAL); +Only in gnutls-3.3.8/lib: gnutls_global.c.orig diff --git a/SOURCES/hobble-gnutls b/SOURCES/hobble-gnutls index 9fd507e..3302104 100755 --- a/SOURCES/hobble-gnutls +++ b/SOURCES/hobble-gnutls @@ -13,7 +13,3 @@ for f in auth/srp_sb64.c auth/srp_passwd.c auth/srp_rsa.c \ eval "$CMD lib/$f" done -# ECC -for f in ecc.c ; do - eval "$CMD lib/algorithms/$f" -done diff --git a/SPECS/gnutls.spec b/SPECS/gnutls.spec index c1f3bc7..8dd3b37 100644 --- a/SPECS/gnutls.spec +++ b/SPECS/gnutls.spec @@ -2,19 +2,24 @@ %bcond_with guile Summary: A TLS protocol implementation Name: gnutls -Version: 3.1.18 -Release: 10%{?dist} -# The libraries are LGPLv2.1+, utilities are GPLv3+, however -# the bundled gnulib is LGPLv3+ -License: GPLv3+ and LGPLv2+ and LGPLv3+ +Version: 3.3.8 +Release: 12%{?dist} +# The libraries are LGPLv2.1+, utilities are GPLv3+ +License: GPLv3+ and LGPLv2+ Group: System Environment/Libraries -BuildRequires: p11-kit-devel >= 0.11, gettext -BuildRequires: zlib-devel, readline-devel, libtasn1-devel >= 3.1 +BuildRequires: p11-kit-devel >= 0.20.7, gettext +BuildRequires: zlib-devel, readline-devel, libtasn1-devel >= 3.8 BuildRequires: libtool, automake, autoconf, texinfo -BuildRequires: nettle-devel >= 2.5 +BuildRequires: autogen-libopts-devel >= 5.18 autogen gettext-devel +BuildRequires: nettle-devel >= 2.7.1 +BuildRequires: trousers-devel >= 0.3.11.2 BuildRequires: libidn-devel -BuildRequires: autogen-libopts-devel >= 5.18 autogen -#BuildRequires: trousers-devel >= 0.3.11.2 +BuildRequires: gperf +BuildRequires: fipscheck +Requires: p11-kit-trust +# The automatic dependency on libtasn1 and p11-kit is insufficient, +Requires: libtasn1 >= 3.8 +Requires: p11-kit >= 0.20.7 %if %{with dane} BuildRequires: unbound-devel unbound-libs %endif @@ -28,19 +33,30 @@ URL: http://www.gnutls.org/ Source0: %{name}-%{version}-hobbled.tar.xz Source1: libgnutls-config Source2: hobble-gnutls -Source3: ecc.c -Patch1: gnutls-3.1.17-rpath.patch -Patch2: gnutls-3.1.18-v1-fix.patch -# Use only FIPS approved ciphers in the FIPS mode -Patch7: gnutls-2.12.21-fips-algorithms.patch -Patch8: gnutls-3.1.11-nosrp.patch -# Use random port in some tests to avoid conflicts during simultaneous builds on the same machine -Patch9: gnutls-3.1.10-tests-rndport.patch -Patch10: gnutls-3.1.18-suiteb.patch -Patch11: gnutls-3.1.18-cve-2014-0092.patch -Patch12: gnutls-3.1.18-server-hello-fix.patch -Patch13: gnutls-3.1.18-fix-crash-on-certain-names.patch -Patch14: gnutls-3.1.18-cve-2014-8564.patch +Patch1: gnutls-3.2.7-rpath.patch +Patch2: gnutls-3.1.11-nosrp.patch +Patch3: gnutls-3.3.8-no-libtasn1-check.patch +Patch4: gnutls-3.3.8-fips-key.patch +Patch5: gnutls-3.3.8-mem-issue.patch +Patch6: gnutls-3.3.8-testdsa-rndport.patch +Patch7: gnutls-3.3.8-padlock-disable.patch +Patch8: gnutls-3.3.8-dh-fips-tests.patch +Patch9: gnutls-3.3.8-drbg-fips-symbol.patch +Patch10: gnutls-3.3.8-lcm-fips.patch +Patch11: gnutls-3.3.8-sha224-fix.patch +Patch12: gnutls-3.3.8-fips140-rsa.patch +Patch13: gnutls-3.3.8-fips140-dsa1024.patch +Patch14: gnutls-3.3.8-handshake-reset.patch +Patch15: gnutls-3.3.8-handshake-reset2.patch +Patch16: gnutls-3.3.8-keygen-fix.patch +Patch17: gnutls-3.3.8-dh-fips-tests2.patch +Patch18: gnutls-3.3.8-cve-2014-8564.patch +Patch19: gnutls-3.3.8-zombie-fips.patch +Patch20: gnutls-3.3.8-urandom-fd.patch +Patch21: gnutls-3.3.8-fips-rnd-regr.patch +Patch22: gnutls-3.3.8-urandom-fd-fips.patch +Patch23: gnutls-3.3.8-rnd-reregister.patch +Patch24: gnutls-3.3.8-handshake-reset3.patch # Wildcard bundling exception https://fedorahosted.org/fpc/ticket/174 Provides: bundled(gnulib) = 20130424 @@ -142,33 +158,48 @@ This package contains Guile bindings for the library. %setup -q %patch1 -p1 -b .rpath -%patch2 -p1 -b .v1-fix -# This patch is not applicable as we use nettle now but some parts will be -# later reused. -#%patch7 -p1 -b .fips -%patch8 -p1 -b .nosrp -%patch9 -p1 -b .rndport -%patch10 -p1 -b .suiteb -%patch11 -p1 -b .cve-2014-0092 -%patch12 -p1 -b .server-hello-fix -%patch13 -p1 -b .fix-crash-on-certain-names -%patch14 -p1 -b .cve-2014-8564 +%patch2 -p1 -b .nosrp +%patch3 -p1 -b .libtasn1 +%patch4 -p1 -b .fips-key +%patch5 -p1 -b .mem-issue +%patch6 -p1 -b .testdsa +%patch7 -p1 -b .padlock-disable +%patch8 -p1 -b .fips-dh +%patch9 -p1 -b .fips-drbg +%patch10 -p1 -b .fips-lcm +%patch11 -p1 -b .sha224-fix +%patch12 -p1 -b .fips-rsa-fix +%patch13 -p1 -b .fips-dsa1024-fix +%patch14 -p1 -b .handshake-reset +%patch15 -p1 -b .handshake-reset2 +%patch16 -p1 -b .keygen-fix +%patch17 -p1 -b .fips-dh2 +%patch18 -p1 -b .cve-2014-8564 +%patch19 -p1 -b .zombie-fips +%patch20 -p1 -b .init-fd +%patch21 -p1 -b .fips-regression +%patch22 -p1 -b .init-fd-fips +%patch23 -p1 -b .reregister +%patch24 -p1 -b .handshake-reset3 +sed 's/gnutls_srp.c//g' -i lib/Makefile.in +sed 's/gnutls_srp.lo//g' -i lib/Makefile.in +rm -f lib/minitasn1/*.c lib/minitasn1/*.h +rm -f src/libopts/*.c src/libopts/*.h src/libopts/compat/*.c src/libopts/compat/*.h %{SOURCE2} -e - -cp -f %{SOURCE3} lib/algorithms -rm -f doc/gnutls.info* +autoreconf -if %build - export LDFLAGS="-Wl,--no-add-needed" +# --with-default-trust-store-pkcs11="pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit" %configure --with-libtasn1-prefix=%{_prefix} \ --with-included-libcfg \ --disable-static \ --disable-openssl-compatibility \ - --without-tpm \ --disable-srp-authentication \ + --disable-non-suiteb-curves \ + --enable-fips140-mode \ %if %{with guile} --enable-guile \ %ifarch %{arm} @@ -186,16 +217,22 @@ export LDFLAGS="-Wl,--no-add-needed" --disable-rpath # Note that the arm hack above is not quite right and the proper thing would # be to compile guile with largefile support. -make +make %{?_smp_mflags} + +%define __spec_install_post \ + %{?__debug_package:%{__debug_install_post}} \ + %{__arch_install_post} \ + %{__os_install_post} \ + fipshmac -d $RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libdir}/libgnutls.so.28.*.* \ + file=`basename $RPM_BUILD_ROOT%{_libdir}/libgnutls.so.28.*.hmac` && mv $RPM_BUILD_ROOT%{_libdir}/$file $RPM_BUILD_ROOT%{_libdir}/.$file && ln -s .$file $RPM_BUILD_ROOT%{_libdir}/.libgnutls.so.28.hmac \ +%{nil} %install make install DESTDIR=$RPM_BUILD_ROOT rm -f $RPM_BUILD_ROOT%{_bindir}/srptool rm -f $RPM_BUILD_ROOT%{_bindir}/gnutls-srpcrypt cp -f %{SOURCE1} $RPM_BUILD_ROOT%{_bindir}/libgnutls-config -cp -f %{SOURCE1} $RPM_BUILD_ROOT%{_bindir}/libgnutls-extra-config rm -f $RPM_BUILD_ROOT%{_mandir}/man1/srptool.1 -rm -f $RPM_BUILD_ROOT%{_mandir}/man1/tpmtool.1 rm -f $RPM_BUILD_ROOT%{_mandir}/man3/*srp* rm -f $RPM_BUILD_ROOT%{_infodir}/dir rm -f $RPM_BUILD_ROOT%{_libdir}/*.la @@ -207,7 +244,7 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/gnutls-dane.pc %find_lang gnutls %check -make check +make check %{?_smp_mflags} %post -p /sbin/ldconfig @@ -242,7 +279,7 @@ fi %files -f gnutls.lang %defattr(-,root,root,-) %{_libdir}/libgnutls.so.28* -%{_libdir}/libgnutls-xssl.so.0* +%{_libdir}/.libgnutls.so.28*.hmac %doc COPYING COPYING.LESSER README AUTHORS NEWS THANKS %files c++ @@ -253,6 +290,7 @@ fi %{_bindir}/libgnutls*-config %{_includedir}/* %{_libdir}/libgnutls*.so +%{_libdir}/.libgnutls.so.*.hmac %{_libdir}/pkgconfig/*.pc %{_mandir}/man3/* %{_infodir}/gnutls* @@ -261,6 +299,7 @@ fi %files utils %defattr(-,root,root,-) %{_bindir}/certtool +%{_bindir}/tpmtool %{_bindir}/ocsptool %{_bindir}/psktool %{_bindir}/p11tool @@ -287,8 +326,71 @@ fi %endif %changelog -* Fri Nov 7 2014 Nikos Mavrogiannopoulos - 3.1.18-10 -- Applied fix for CVE-2014-8564 (#1161472) +* Mon Jan 5 2015 Nikos Mavrogiannopoulos 3.3.8-12 +- corrected fix of handshake buffer resets (#1153106) + +* Thu Dec 11 2014 Nikos Mavrogiannopoulos 3.3.8-11 +- Applied fix for urandom FD in FIPS140 mode (#1165047) +- Applied fix for FIPS140-2 related regression (#1110696) + +* Tue Dec 2 2014 Nikos Mavrogiannopoulos 3.3.8-10 +- Amended fix for urandom FD to avoid regression in FIPS140 mode (#1165047) + +* Tue Nov 18 2014 Nikos Mavrogiannopoulos 3.3.8-9 +- Amended fix for FIPS enforcement issue (#1163848) +- Fixed issue with applications that close all file descriptors (#1165047) + +* Thu Nov 13 2014 Nikos Mavrogiannopoulos 3.3.8-8 +- Applied fix for FIPS enforcement issue when only /etc/system-fips + existed (#1163848) + +* Fri Nov 7 2014 Nikos Mavrogiannopoulos 3.3.8-7 +- Applied fix for CVE-2014-8564 (#1161473) + +* Wed Oct 29 2014 Nikos Mavrogiannopoulos 3.3.8-6 +- when generating test DH keys, enforce the q_bits. + +* Tue Oct 21 2014 Nikos Mavrogiannopoulos 3.3.8-5 +- do not enforce FIPS140-2 policies in non-FIPS140 mode (#1154774) + +* Thu Oct 16 2014 Nikos Mavrogiannopoulos 3.3.8-4 +- reverted change to use the p11-kit certificate storage (#1110750) +- added functions to test DH/ECDH in FIPS-140-2 mode and fixed + RSA key generation (#1110696) +- added manual dependencies on libtasn1 3.8 as well as p11-kit 0.20.7 +- fixed SHA224 in SSSE3 optimized code +- fixed issue with handshake buffer resets (#1153106) +- fixed issue in RSA key generation with specific seeds in FIPS140-2 mode + +* Wed Oct 01 2014 Nikos Mavrogiannopoulos 3.3.8-3 +- added dependency on libtasn1 3.8 (#1110696) + +* Thu Sep 18 2014 Nikos Mavrogiannopoulos 3.3.8-2 +- disabled padlock CPU support in FIPS140-2 mode + +* Thu Sep 18 2014 Nikos Mavrogiannopoulos 3.3.8-1 +- updated to latest stable release + +* Fri Sep 05 2014 Nikos Mavrogiannopoulos 3.3.8-1.b2 +- updated with latest bug fixes for 3.3.x branch +- delete bundled files + +* Thu Sep 04 2014 Nikos Mavrogiannopoulos 3.3.8b1-1 +- updated with latest bug fixes for 3.3.x branch + +* Fri Aug 22 2014 Nikos Mavrogiannopoulos 3.3.7-1 +- new upstream release (#1110696) +- allow DSA/DH key generation with 1024 when not in FIPS140-2 mode (#1132705) + +* Fri Aug 15 2014 Nikos Mavrogiannopoulos 3.3.7b1-1 +- updated with latest bug fixes for 3.3.x branch +- utilize the p11-kit trust store (#1110750) + +* Tue Jul 29 2014 Nikos Mavrogiannopoulos 3.3.6-2 +- correct path of fipscheck links + +* Wed Jul 23 2014 Nikos Mavrogiannopoulos 3.3.6-1 +- rebased to 3.3.6 and enabled fips mode (#1110696) * Wed May 28 2014 Nikos Mavrogiannopoulos - 3.1.18-9 - fix session ID length check (#1102027)