rpms / openssl098e

Clone
Source Code
GIT

Blame SOURCES/openssl-fips-0.9.8e-dtls-dos.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta
  1.   5820f55c83d296decb4f8def2db1aa47ac8b3e88
  2.   SOURCES
  3.   openssl-fips-0.9.8e-dtls-dos.patch
Blob History Raw
5820f5 
Fixes CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387
5820f5 
DoS vulnerabilities in the DTLS implementation.
5820f5 
diff -up openssl-fips-0.9.8e/crypto/pqueue/pqueue.c.dtls-dos openssl-fips-0.9.8e/crypto/pqueue/pqueue.c
5820f5 
--- openssl-fips-0.9.8e/crypto/pqueue/pqueue.c.dtls-dos	2005-06-28 14:53:33.000000000 +0200
5820f5 
+++ openssl-fips-0.9.8e/crypto/pqueue/pqueue.c	2009-05-21 14:41:48.000000000 +0200
5820f5 
@@ -234,3 +234,17 @@ pqueue_next(pitem **item)
5820f5
5820f5 
 	return ret;
5820f5 
 	}
5820f5 
+
5820f5 
+int
5820f5 
+pqueue_size(pqueue_s *pq)
5820f5 
+{
5820f5 
+	pitem *item = pq->items;
5820f5 
+	int count = 0;
5820f5 
+
5820f5 
+	while(item != NULL)
5820f5 
+	{
5820f5 
+		count++;
5820f5 
+		item = item->next;
5820f5 
+	}
5820f5 
+	return count;
5820f5 
+}
5820f5 
diff -up openssl-fips-0.9.8e/crypto/pqueue/pqueue.h.dtls-dos openssl-fips-0.9.8e/crypto/pqueue/pqueue.h
5820f5 
--- openssl-fips-0.9.8e/crypto/pqueue/pqueue.h.dtls-dos	2009-04-15 13:48:50.000000000 +0200
5820f5 
+++ openssl-fips-0.9.8e/crypto/pqueue/pqueue.h	2009-05-21 14:41:48.000000000 +0200
5820f5 
@@ -91,5 +91,6 @@ pitem *pqueue_iterator(pqueue pq);
5820f5 
 pitem *pqueue_next(piterator *iter);
5820f5
5820f5 
 void   pqueue_print(pqueue pq);
5820f5 
+int    pqueue_size(pqueue pq);
5820f5
5820f5 
 #endif /* ! HEADER_PQUEUE_H */
5820f5 
diff -up openssl-fips-0.9.8e/ssl/d1_both.c.dtls-dos openssl-fips-0.9.8e/ssl/d1_both.c
5820f5 
--- openssl-fips-0.9.8e/ssl/d1_both.c.dtls-dos	2009-04-15 13:48:51.000000000 +0200
5820f5 
+++ openssl-fips-0.9.8e/ssl/d1_both.c	2009-06-02 15:07:31.000000000 +0200
5820f5 
@@ -519,6 +519,7 @@ dtls1_retrieve_buffered_fragment(SSL *s,
5820f5
5820f5 
 	if ( s->d1->handshake_read_seq == frag->msg_header.seq)
5820f5 
 		{
5820f5 
+		unsigned long frag_len = frag->msg_header.frag_len;
5820f5 
 		pqueue_pop(s->d1->buffered_messages);
5820f5
5820f5 
 		al=dtls1_preprocess_fragment(s,&frag->msg_header,max);
5820f5 
@@ -536,7 +537,7 @@ dtls1_retrieve_buffered_fragment(SSL *s,
5820f5 
 		if (al==0)
5820f5 
 			{
5820f5 
 			*ok = 1;
5820f5 
-			return frag->msg_header.frag_len;
5820f5 
+			return frag_len;
5820f5 
 			}
5820f5
5820f5 
 		ssl3_send_alert(s,SSL3_AL_FATAL,al);
5820f5 
@@ -561,7 +562,16 @@ dtls1_process_out_of_seq_message(SSL *s,
5820f5 
 	if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
5820f5 
 		goto err;
5820f5
5820f5 
-	if (msg_hdr->seq <= s->d1->handshake_read_seq)
5820f5 
+	/* Try to find item in queue, to prevent duplicate entries */
5820f5 
+	pq_64bit_init(&seq64);
5820f5 
+	pq_64bit_assign_word(&seq64, msg_hdr->seq);
5820f5 
+	item = pqueue_find(s->d1->buffered_messages, seq64);
5820f5 
+	pq_64bit_free(&seq64);
5820f5 
+
5820f5 
+	/* Discard the message if sequence number was already there, is
5820f5 
+	 * too far in the future or the fragment is already in the queue */
5820f5 
+	if (msg_hdr->seq <= s->d1->handshake_read_seq ||
5820f5 
+		msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL)
5820f5 
 		{
5820f5 
 		unsigned char devnull [256];
5820f5
5820f5 
@@ -575,30 +585,31 @@ dtls1_process_out_of_seq_message(SSL *s,
5820f5 
 			}
5820f5 
 		}
5820f5
5820f5 
-	frag = dtls1_hm_fragment_new(frag_len);
5820f5 
-	if ( frag == NULL)
5820f5 
-		goto err;
5820f5 
+	if (frag_len)
5820f5 
+	{
5820f5 
+		frag = dtls1_hm_fragment_new(frag_len);
5820f5 
+		if ( frag == NULL)
5820f5 
+			goto err;
5820f5
5820f5 
-	memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
5820f5 
+		memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
5820f5
5820f5 
-	if (frag_len)
5820f5 
-		{
5820f5 
-		/* read the body of the fragment (header has already been read */
5820f5 
+		/* read the body of the fragment (header has already been read) */
5820f5 
 		i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
5820f5 
 			frag->fragment,frag_len,0);
5820f5 
-		if (i<=0 || i!=frag_len)
5820f5 
+		if (i<=0 || (unsigned long)i!=frag_len)
5820f5 
 			goto err;
5820f5 
-		}
5820f5
5820f5 
-	pq_64bit_init(&seq64);
5820f5 
-	pq_64bit_assign_word(&seq64, msg_hdr->seq);
5820f5 
+		pq_64bit_init(&seq64);
5820f5 
+		pq_64bit_assign_word(&seq64, msg_hdr->seq);
5820f5
5820f5 
-	item = pitem_new(seq64, frag);
5820f5 
-	pq_64bit_free(&seq64);
5820f5 
-	if ( item == NULL)
5820f5 
-		goto err;
5820f5 
+		item = pitem_new(seq64, frag);
5820f5 
+		pq_64bit_free(&seq64);
5820f5 
+		if ( item == NULL)
5820f5 
+			goto err;
5820f5 
+
5820f5 
+		pqueue_insert(s->d1->buffered_messages, item);
5820f5 
+	}
5820f5
5820f5 
-	pqueue_insert(s->d1->buffered_messages, item);
5820f5 
 	return DTLS1_HM_FRAGMENT_RETRY;
5820f5
5820f5 
 err:
5820f5 
diff -up openssl-fips-0.9.8e/ssl/d1_pkt.c.dtls-dos openssl-fips-0.9.8e/ssl/d1_pkt.c
5820f5 
--- openssl-fips-0.9.8e/ssl/d1_pkt.c.dtls-dos	2009-04-15 13:48:51.000000000 +0200
5820f5 
+++ openssl-fips-0.9.8e/ssl/d1_pkt.c	2009-05-21 14:41:48.000000000 +0200
5820f5 
@@ -167,6 +167,10 @@ dtls1_buffer_record(SSL *s, record_pqueu
5820f5 
     DTLS1_RECORD_DATA *rdata;
5820f5 
 	pitem *item;
5820f5
5820f5 
+	/* Limit the size of the queue to prevent DOS attacks */
5820f5 
+	if (pqueue_size(queue->q) >= 100)
5820f5 
+		return 0;
5820f5 
+
5820f5 
 	rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
5820f5 
 	item = pitem_new(priority, rdata);
5820f5 
 	if (rdata == NULL || item == NULL)
5820f5 
diff -up openssl-fips-0.9.8e/ssl/s3_pkt.c.dtls-dos openssl-fips-0.9.8e/ssl/s3_pkt.c
5820f5 
--- openssl-fips-0.9.8e/ssl/s3_pkt.c.dtls-dos	2006-11-29 15:45:14.000000000 +0100
5820f5 
+++ openssl-fips-0.9.8e/ssl/s3_pkt.c	2009-06-02 14:57:16.000000000 +0200
5820f5 
@@ -1225,6 +1225,13 @@ int ssl3_do_change_cipher_spec(SSL *s)
5820f5
5820f5 
 	if (s->s3->tmp.key_block == NULL)
5820f5 
 		{
5820f5 
+		if (s->session == NULL)
5820f5 
+			{
5820f5 
+			/* might happen if dtls1_read_bytes() calls this */
5820f5 
+			SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY);
5820f5 
+			return (0);
5820f5 
+			}
5820f5 
+
5820f5 
 		s->session->cipher=s->s3->tmp.new_cipher;
5820f5 
 		if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
5820f5 
 		}
5820f5 
diff -up openssl-fips-0.9.8e/ssl/ssl_err.c.dtls-dos openssl-fips-0.9.8e/ssl/ssl_err.c
5820f5 
--- openssl-fips-0.9.8e/ssl/ssl_err.c.dtls-dos	2009-04-15 13:48:51.000000000 +0200
5820f5 
+++ openssl-fips-0.9.8e/ssl/ssl_err.c	2009-06-02 14:57:16.000000000 +0200
5820f5 
@@ -138,6 +138,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
5820f5 
 {ERR_FUNC(SSL_F_SSL3_CONNECT),	"SSL3_CONNECT"},
5820f5 
 {ERR_FUNC(SSL_F_SSL3_CTRL),	"SSL3_CTRL"},
5820f5 
 {ERR_FUNC(SSL_F_SSL3_CTX_CTRL),	"SSL3_CTX_CTRL"},
5820f5 
+{ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC),	"SSL3_DO_CHANGE_CIPHER_SPEC"},
5820f5 
 {ERR_FUNC(SSL_F_SSL3_ENC),	"SSL3_ENC"},
5820f5 
 {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK),	"SSL3_GENERATE_KEY_BLOCK"},
5820f5 
 {ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST),	"SSL3_GET_CERTIFICATE_REQUEST"},
5820f5 
diff -up openssl-fips-0.9.8e/ssl/ssl.h.dtls-dos openssl-fips-0.9.8e/ssl/ssl.h
5820f5 
--- openssl-fips-0.9.8e/ssl/ssl.h.dtls-dos	2009-04-15 13:48:51.000000000 +0200
5820f5 
+++ openssl-fips-0.9.8e/ssl/ssl.h	2009-06-02 14:57:16.000000000 +0200
5820f5 
@@ -1620,6 +1620,7 @@ void ERR_load_SSL_strings(void);
5820f5 
 #define SSL_F_SSL3_CONNECT				 132
5820f5 
 #define SSL_F_SSL3_CTRL					 213
5820f5 
 #define SSL_F_SSL3_CTX_CTRL				 133
5820f5 
+#define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC		 292
5820f5 
 #define SSL_F_SSL3_ENC					 134
5820f5 
 #define SSL_F_SSL3_GENERATE_KEY_BLOCK			 238
5820f5 
 #define SSL_F_SSL3_GET_CERTIFICATE_REQUEST		 135

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation