diff --git a/.gitignore b/.gitignore
index 794ceea..aa8148b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/nss-util-3.19.1.tar.gz
+SOURCES/nss-util-3.21.0.tar.gz
diff --git a/.nss-util.metadata b/.nss-util.metadata
index 9142ac2..3f37be8 100644
--- a/.nss-util.metadata
+++ b/.nss-util.metadata
@@ -1 +1 @@
-b6dd2b379418fa0e7c468824f559909eedab98bd SOURCES/nss-util-3.19.1.tar.gz
+d812083a23ddf6d1a7262ef8799b1d418126688a SOURCES/nss-util-3.21.0.tar.gz
diff --git a/SOURCES/build-nss-util-only.patch b/SOURCES/build-nss-util-only.patch
index 4005d9a..ba62231 100644
--- a/SOURCES/build-nss-util-only.patch
+++ b/SOURCES/build-nss-util-only.patch
@@ -65,7 +65,7 @@ diff -up nss/lib/Makefile.utilonly nss/lib/Makefile
 DBM_SRCDIR = dbm # Add the dbm directory to DIRS.
 endif
-+ifeq ($(NSS_BUILD_NSSUTIL_ONLY),1)
++ifeq ($(NSS_BUILD_UTIL_ONLY),1)
 +SYSINIT_SRCDIR=
 +endif
 +
@@ -87,7 +87,7 @@ diff -up nss/lib/manifest.mn.utilonly nss/lib/manifest.mn
 - libpkix \
 - certdb certhigh pk11wrap cryptohi nss \
 - $(ZLIB_SRCDIR) ssl \
-- pkcs12 pkcs7 smime \
+- pkcs7 pkcs12 smime \
 - crmf jar \
 - ckfw $(SYSINIT_SRCDIR) \
 $(NULL)
diff --git a/SOURCES/nss-3.20.1-security-fix.patch b/SOURCES/nss-3.20.1-security-fix.patch
deleted file mode 100644
index 47597d0..0000000
--- a/SOURCES/nss-3.20.1-security-fix.patch
+++ /dev/null
@@ -1,271 +0,0 @@ -diff --git a/lib/util/secasn1d.c b/lib/util/secasn1d.c ---- a/lib/util/secasn1d.c -+++ b/lib/util/secasn1d.c -@@ -946,31 +946,116 @@ sec_asn1d_parse_more_length (sec_asn1d_s - } - - if (state->pending == 0) - state->place = afterLength; - - return count; - } - -+/* -+ * Helper function for sec_asn1d_prepare_for_contents. -+ * Checks that a value representing a number of bytes consumed can be -+ * subtracted from a remaining length. If so, returns PR_TRUE. -+ * Otherwise, sets the error SEC_ERROR_BAD_DER, indicates that there was a -+ * decoding error in the given SEC_ASN1DecoderContext, and returns PR_FALSE. -+ */ -+static PRBool -+sec_asn1d_check_and_subtract_length (unsigned long *remaining, -+ unsigned long consumed, -+ SEC_ASN1DecoderContext *cx) -+{ -+ PORT_Assert(remaining); -+ PORT_Assert(cx); -+ if (!remaining || !cx) { -+ PORT_SetError (SEC_ERROR_INVALID_ARGS); -+ cx->status = decodeError; -+ return PR_FALSE; -+ } -+ if (*remaining < consumed) { -+ PORT_SetError (SEC_ERROR_BAD_DER); -+ cx->status = decodeError; -+ return PR_FALSE; -+ } -+ *remaining -= consumed; -+ return PR_TRUE; -+} - - static void - sec_asn1d_prepare_for_contents (sec_asn1d_state *state) - { - SECItem *item; - PLArenaPool *poolp; - unsigned long alloc_len; -+ sec_asn1d_state *parent; - - #ifdef DEBUG_ASN1D_STATES - { - printf("Found Length %d %s\n", state->contents_length, - state->indefinite ? "indefinite" : ""); - } - #endif - -+ /** -+ * The maximum length for a child element should be constrained to the -+ * length remaining in the first definite length element in the ancestor -+ * stack. If there is no definite length element in the ancestor stack, -+ * there's nothing to constrain the length of the child, so there's no -+ * further processing necessary. 
-+ * -+ * It's necessary to walk the ancestor stack, because it's possible to have -+ * definite length children that are part of an indefinite length element, -+ * which is itself part of an indefinite length element, and which is -+ * ultimately part of a definite length element. A simple example of this -+ * would be the handling of constructed OCTET STRINGs in BER encoding. -+ * -+ * This algorithm finds the first definite length element in the ancestor -+ * stack, if any, and if so, ensures that the length of the child element -+ * is consistent with the number of bytes remaining in the constraining -+ * ancestor element (that is, after accounting for any other sibling -+ * elements that may have been read). -+ * -+ * It's slightly complicated by the need to account both for integer -+ * underflow and overflow, as well as ensure that for indefinite length -+ * encodings, there's also enough space for the End-of-Contents (EOC) -+ * octets (Tag = 0x00, Length = 0x00, or two bytes). -+ */ -+ -+ /* Determine the maximum length available for this element by finding the -+ * first definite length ancestor, if any. */ -+ parent = sec_asn1d_get_enclosing_construct(state); -+ while (parent && parent->indefinite) { -+ parent = sec_asn1d_get_enclosing_construct(parent); -+ } -+ /* If parent is null, state is either the outermost state / at the top of -+ * the stack, or the outermost state uses indefinite length encoding. In -+ * these cases, there's nothing external to constrain this element, so -+ * there's nothing to check. */ -+ if (parent) { -+ unsigned long remaining = parent->pending; -+ parent = state; -+ do { -+ if (!sec_asn1d_check_and_subtract_length( -+ &remaining, parent->consumed, state->top) || -+ /* If parent->indefinite is true, parent->contents_length is -+ * zero and this is a no-op. 
*/ -+ !sec_asn1d_check_and_subtract_length( -+ &remaining, parent->contents_length, state->top) || -+ /* If parent->indefinite is true, then ensure there is enough -+ * space for an EOC tag of 2 bytes. */ -+ (parent->indefinite && !sec_asn1d_check_and_subtract_length( -+ &remaining, 2, state->top))) { -+ /* This element is larger than its enclosing element, which is -+ * invalid. */ -+ return; -+ } -+ } while ((parent = sec_asn1d_get_enclosing_construct(parent)) && -+ parent->indefinite); -+ } -+ - /* - * XXX I cannot decide if this allocation should exclude the case - * where state->endofcontents is true -- figure it out! - */ - if (state->allocate) { - void *dest; - - PORT_Assert (state->dest == NULL); -@@ -1002,31 +1087,16 @@ sec_asn1d_prepare_for_contents (sec_asn1 - } - - /* - * Remember, length may be indefinite here! In that case, - * both contents_length and pending will be zero. - */ - state->pending = state->contents_length; - -- /* If this item has definite length encoding, and -- ** is enclosed by a definite length constructed type, -- ** make sure it isn't longer than the remaining space in that -- ** constructed type. -- */ -- if (state->contents_length > 0) { -- sec_asn1d_state *parent = sec_asn1d_get_enclosing_construct(state); -- if (parent && !parent->indefinite && -- state->consumed + state->contents_length > parent->pending) { -- PORT_SetError (SEC_ERROR_BAD_DER); -- state->top->status = decodeError; -- return; -- } -- } -- - /* - * An EXPLICIT is nothing but an outer header, which we have - * already parsed and accepted. Now we need to do the inner - * header and its contents. 
- */ - if (state->explicit) { - state->place = afterExplicit; - state = sec_asn1d_push_state (state->top, -@@ -1715,20 +1785,117 @@ sec_asn1d_next_substring (sec_asn1d_stat - state->top->status = decodeError; - return; - } - - state->pending -= child_consumed; - if (state->pending == 0) - done = PR_TRUE; - } else { -+ PRBool preallocatedString; -+ sec_asn1d_state *temp_state; - PORT_Assert (state->indefinite); - - item = (SECItem *)(child->dest); -- if (item != NULL && item->data != NULL) { -+ -+ /** -+ * At this point, there's three states at play: -+ * child: The element that was just parsed -+ * state: The currently processed element -+ * 'parent' (aka state->parent): The enclosing construct -+ * of state, or NULL if this is the top-most element. -+ * -+ * This state handles both substrings of a constructed string AND -+ * child elements of items whose template type was that of -+ * SEC_ASN1_ANY, SEC_ASN1_SAVE, SEC_ASN1_ANY_CONTENTS, SEC_ASN1_SKIP -+ * template, as described in sec_asn1d_prepare_for_contents. For -+ * brevity, these will be referred to as 'string' and 'any' types. -+ * -+ * This leads to the following possibilities: -+ * 1: This element is an indefinite length string, part of a -+ * definite length string. -+ * 2: This element is an indefinite length string, part of an -+ * indefinite length string. -+ * 3: This element is an indefinite length any, part of a -+ * definite length any. -+ * 4: This element is an indefinite length any, part of an -+ * indefinite length any. -+ * 5: This element is an indefinite length any and does not -+ * meet any of the above criteria. Note that this would include -+ * an indefinite length string type matching an indefinite -+ * length any template. -+ * -+ * In Cases #1 and #3, the definite length 'parent' element will -+ * have allocated state->dest based on the parent elements definite -+ * size. 
During the processing of 'child', sec_asn1d_parse_leaf will -+ * have copied the (string, any) data directly into the offset of -+ * dest, as appropriate, so there's no need for this class to still -+ * store the child - it's already been processed. -+ * -+ * In Cases #2 and #4, dest will be set to the parent element's dest, -+ * but dest->data will not have been allocated yet, due to the -+ * indefinite length encoding. In this situation, it's necessary to -+ * hold onto child (and all other children) until the EOC, at which -+ * point, it becomes possible to compute 'state's overall length. Once -+ * 'state' has a computed length, this can then be fed to 'parent' (via -+ * this state), and then 'parent' can similarly compute the length of -+ * all of its children up to the EOC, which will ultimately transit to -+ * sec_asn1d_concat_substrings, determine the overall size needed, -+ * allocate, and copy the contents (of all of parent's children, which -+ * would include 'state', just as 'state' will have copied all of its -+ * children via sec_asn1d_concat_substrings) -+ * -+ * The final case, Case #5, will manifest in that item->data and -+ * item->len will be NULL/0, respectively, since this element was -+ * indefinite-length encoded. In that case, both the tag and length will -+ * already exist in state's subitems, via sec_asn1d_record_any_header, -+ * and so the contents (aka 'child') should be added to that list of -+ * items to concatenate in sec_asn1d_concat_substrings once the EOC -+ * is encountered. -+ * -+ * To distinguish #2/#4 from #1/#3, it's sufficient to walk the ancestor -+ * tree. If the current type is a string type, then the enclosing -+ * construct will be that same type (#1/#2). If the current type is an -+ * any type, then the enclosing construct is either an any type (#3/#4) -+ * or some other type (#5). 
Since this is BER, this nesting relationship
-+ * between 'state' and 'parent' may go through several levels of
-+ * constructed encoding, so continue walking the ancestor chain until a
-+ * clear determination can be made.
-+ *
-+ * The variable preallocatedString is used to indicate Case #1/#3,
-+ * indicating an in-place copy has already occurred, and Cases #2, #4,
-+ * and #5 all have the same behaviour of adding a new substring.
-+ */
-+ preallocatedString = PR_FALSE;
-+ temp_state = state;
-+ while (temp_state && item == temp_state->dest && temp_state->indefinite) {
-+ sec_asn1d_state *parent = sec_asn1d_get_enclosing_construct(temp_state);
-+ if (!parent || parent->underlying_kind != temp_state->underlying_kind) {
-+ /* Case #5 - Either this is a top-level construct or it is part
-+ * of some other element (e.g. a SEQUENCE), in which case, a
-+ * new item should be allocated. */
-+ break;
-+ }
-+ if (!parent->indefinite) {
-+ /* Cases #1 / #3 - A definite length ancestor exists, for which
-+ * this is a substring that has already copied into dest. */
-+ preallocatedString = PR_TRUE;
-+ break;
-+ }
-+ if (!parent->substring) {
-+ /* Cases #2 / #4 - If the parent is not a substring, but is
-+ * indefinite, then there's nothing further up that may have
-+ * preallocated dest, thus child will not have already
-+ * been copied in place, therefore it's necessary to save child
-+ * as a subitem. */
-+ break;
-+ }
-+ temp_state = parent;
-+ }
-+ if (item != NULL && item->data != NULL && !preallocatedString) {
- /*
- * Save the string away for later concatenation.
- */
- PORT_Assert (item->data != NULL);
- sec_asn1d_add_to_subitems (state, item->data, item->len, PR_FALSE);
- /*
- * Clear the child item for the next round.
- */
diff --git a/SOURCES/nss-util-3.19.1-tls12-mechanisms.patch b/SOURCES/nss-util-3.19.1-tls12-mechanisms.patch
index 24c816b..77125f2 100644
--- a/SOURCES/nss-util-3.19.1-tls12-mechanisms.patch
+++ b/SOURCES/nss-util-3.19.1-tls12-mechanisms.patch
@@ -1,86 +1,14 @@
-diff --git a/lib/util/pkcs11t.h b/lib/util/pkcs11t.h
---- a/lib/util/pkcs11t.h
-+++ b/lib/util/pkcs11t.h
-@@ -819,16 +819,26 @@ typedef CK_ULONG CK_MECHANISM_T
- /* WTLS mechanisms are new for v2.20 */
- #define CKM_WTLS_PRE_MASTER_KEY_GEN 0x000003D0
- #define CKM_WTLS_MASTER_KEY_DERIVE 0x000003D1
- #define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 0x000003D2
- #define CKM_WTLS_PRF 0x000003D3
- #define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003D4
- #define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003D5
+diff -up ./nss/lib/util/pkcs11t.h.tls12_mechs ./nss/lib/util/pkcs11t.h
+--- ./nss/lib/util/pkcs11t.h.tls12_mechs 2015-11-08 21:12:59.000000000 -0800
++++ ./nss/lib/util/pkcs11t.h 2016-02-02 07:27:51.243330963 -0800
+@@ -1695,6 +1695,10 @@ typedef struct CK_TLS_MAC_PARAMS {
-+/* TLS 1.2 mechanisms are new for v2.40 */
-+#define CKM_TLS12_MASTER_KEY_DERIVE 0x000003E0
-+#define CKM_TLS12_KEY_AND_MAC_DERIVE 0x000003E1
-+#define CKM_TLS12_MASTER_KEY_DERIVE_DH 0x000003E2
-+#define CKM_TLS10_MAC_SERVER 0x000003E3
-+#define CKM_TLS10_MAC_CLIENT 0x000003E4
-+#define CKM_TLS12_MAC 0x000003E5
-+#define CKM_TLS12_KEY_SAFE_DERIVE 0x000003E6
-+#define CKM_TLS_KDF 0x000003E7
-+
- #define CKM_KEY_WRAP_LYNKS 0x00000400
- #define CKM_KEY_WRAP_SET_OAEP 0x00000401
-
- /* CKM_CMS_SIG is new for v2.20 */
- #define CKM_CMS_SIG 0x00000500
-
- /* Fortezza mechanisms */
- #define CKM_SKIPJACK_KEY_GEN 0x00001000
-@@ -1643,16 +1653,55 @@ typedef struct CK_TLS_PRF_PARAMS {
- CK_BYTE_PTR pLabel;
- CK_ULONG ulLabelLen;
- CK_BYTE_PTR pOutput;
- CK_ULONG_PTR pulOutputLen;
- } CK_TLS_PRF_PARAMS;
+ typedef CK_TLS_MAC_PARAMS CK_PTR CK_TLS_MAC_PARAMS_PTR;
- typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR;
-
-+/* TLS 1.2 is new for version 2.40 */
-+typedef struct CK_TLS12_MASTER_KEY_DERIVE_PARAMS {
-+ CK_SSL3_RANDOM_DATA RandomInfo;
-+ CK_VERSION_PTR pVersion;
-+ CK_MECHANISM_TYPE prfHashMechanism;
-+} CK_TLS12_MASTER_KEY_DERIVE_PARAMS;
-+
-+typedef CK_TLS12_MASTER_KEY_DERIVE_PARAMS
CK_PTR \
-+ CK_TLS12_MASTER_KEY_DERIVE_PARAMS_PTR;
-+
-+typedef struct CK_TLS12_KEY_MAT_PARAMS {
-+ CK_ULONG ulMacSizeInBits;
-+ CK_ULONG ulKeySizeInBits;
-+ CK_ULONG ulIVSizeInBits;
-+ CK_BBOOL bIsExport; /* Unused. Must be set to CK_FALSE. */
-+ CK_SSL3_RANDOM_DATA RandomInfo;
-+ CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
-+ CK_MECHANISM_TYPE prfHashMechanism;
-+} CK_TLS12_KEY_MAT_PARAMS;
-+
-+typedef CK_TLS12_KEY_MAT_PARAMS CK_PTR CK_TLS12_KEY_MAT_PARAMS_PTR;
-+
-+typedef struct CK_TLS_KDF_PARAMS {
-+ CK_MECHANISM_TYPE prfMechanism;
-+ CK_BYTE_PTR pLabel;
-+ CK_ULONG ulLabelLength;
-+ CK_SSL3_RANDOM_DATA RandomInfo;
-+ CK_BYTE_PTR pContextData;
-+ CK_ULONG ulContextDataLength;
-+} CK_TLS_KDF_PARAMS;
-+
-+typedef struct CK_TLS12_MAC_PARAMS {
-+ CK_MECHANISM_TYPE prfHashMechanism;
-+ CK_ULONG ulMacLength;
-+ CK_ULONG ulServerOrClient;
-+} CK_TLS12_MAC_PARAMS;
-+
-+typedef CK_TLS12_MAC_PARAMS CK_PTR CK_TLS12_MAC_PARAMS_PTR;
++/* aliases for compatibility with prior release */
++#define CK_TLS12_MAC_PARAMS CK_TLS_MAC_PARAMS
++#define CK_TLS12_MAC_PARAMS_PTR CK_TLS_MAC_PARAMS_PTR
+ /* WTLS is new for version 2.20 */
 typedef struct CK_WTLS_RANDOM_DATA {
 CK_BYTE_PTR pClientRandom;
- CK_ULONG ulClientRandomLen;
- CK_BYTE_PTR pServerRandom;
- CK_ULONG ulServerRandomLen;
- } CK_WTLS_RANDOM_DATA;
-
diff --git a/SPECS/nss-util.spec b/SPECS/nss-util.spec
index 6b9a3e0..81b6c16 100644
--- a/SPECS/nss-util.spec
+++ b/SPECS/nss-util.spec
@@ -1,11 +1,11 @@
-%global nspr_version 4.10.8
+%global nspr_version 4.11.0
 # adjust to the very latest build needed
-%global nspr_build_version -2
+%global nspr_build_version -1
 Summary: Network Security Services Utilities Library
 Name: nss-util
-Version: 3.19.1
-Release: 9%{?dist}
+Version: 3.21.0
+Release: 2.2%{?dist}
 License: MPLv2.0
 URL: http://www.mozilla.org/projects/security/pki/nss/
 Group: System Environment/Libraries
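Review bot: The new patch restores the CK_TLS12_MAC_PARAMS and CK_TLS12_MAC_PARAMS_PTR names with `#define` rather than a typedef, so the aliases are textual substitutions that the type system and debuggers never see; `typedef CK_TLS_MAC_PARAMS CK_TLS12_MAC_PARAMS;` and `typedef CK_TLS_MAC_PARAMS_PTR CK_TLS12_MAC_PARAMS_PTR;` give the same source compatibility with type checking. The definition being replaced was a three-member struct (prfHashMechanism, ulMacLength, ulServerOrClient); whether CK_TLS_MAC_PARAMS in the 3.21.0 header has the same members in the same order is not visible in this hunk, and it decides whether code built against the old name keeps its layout, so once checked the patch comment should record it rather than only saying "aliases for compatibility". The old patch also carried the CKM_TLS12_* mechanism constants and the other TLS 1.2 parameter structs, which the new patch drops, presumably because 3.21.0 ships them upstream; the file is still named nss-util-3.19.1-tls12-mechanisms.patch, which no longer describes its content.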
@@ -33,14 +33,14 @@ Source1: nss-split-util.sh
 Source2: nss-util.pc.in
 Source3: nss-util-config.in
+# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1186917
 Patch1: build-nss-util-only.patch
+# Local patches
 Patch2: hasht-dont-include-prtypes.patch
 Patch7: pkcs1sig-include-prtypes.patch
 # Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=951455
 # Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=923089
 Patch8: nss-util-3.19.1-tls12-mechanisms.patch
-# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1205157
-Patch9: nss-3.20.1-security-fix.patch
 Patch10: cve-2016-1950.patch
 %description
@@ -65,9 +65,8 @@ Header and library files for doing development with Network Security Services.
 %patch1 -p0 -b .utilonly
 %patch2 -p0 -b .prtypes
 %patch7 -p0 -b .include_prtypes
-pushd nss
 %patch8 -p1 -b .tls12_mechs
-%patch9 -p1 -b .various_flaws
+pushd nss
 %patch10 -p1 -b .cve-2016-1950
 popd
@@ -98,11 +97,13 @@ NSPR_LIB_DIR=`/usr/bin/pkg-config --libs-only-L nspr | sed 's/-L//'`
 export NSPR_INCLUDE_DIR
 export NSPR_LIB_DIR
-NSS_USE_SYSTEM_SQLITE=1
-export NSS_USE_SYSTEM_SQLITE
+export NSS_USE_SYSTEM_SQLITE=1
-NSS_BUILD_NSSUTIL_ONLY=1
-export NSS_BUILD_NSSUTIL_ONLY
+export NSS_BUILD_UTIL_ONLY=1
+
+# external tests are not suitable for nss-util and
+# won't compile as they depend on ssl
+export NSS_DISABLE_GTESTS=1
 %ifnarch noarch
 %if 0%{__isa_bits} == 64
@@ -238,6 +239,10 @@ done
 %{_includedir}/nss3/templates/templates.c
 %changelog
+* Wed Mar 30 2016 Kai Engert - 3.21.0-2.2
+- Rebase to nss-util from nss 3.21
+- Add aliases for naming compatibility with prior release
+
 * Thu Mar 03 2016 Kai Engert - 3.19.1-9
 - Actually apply the fix for CVE-2016-1950 from NSS 3.19.2.3 ...
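Review bot: The two `# Upstream:` lines kept above Patch8 (bugs 951455 and 923089) now annotate a patch that, after this commit, only carries the CK_TLS12_MAC_PARAMS compatibility aliases, so the annotation is stale and `# Compatibility aliases for the CK_TLS12_MAC_PARAMS names exposed by the prior release` would match the content. Patch9 (bug 1205157, the secasn1d.c length-check fix whose deletion is in this same commit) is removed with nothing in the spec or in the new changelog entry of the last hunk saying where that fix now comes from; presumably the 3.21.0 tarball includes it, but that is not visible here, and one line such as `# bug 1205157 fix is carried upstream since the 3.21 rebase`, next to the removal or in the changelog, keeps the drop auditable. The new `# Local patches` heading sits above Patch2/Patch7 while Patch8 beneath it still carries upstream bug references, so the grouping stays ambiguous until the Patch8 comment is corrected.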