# HG changeset patch # User Ronald Jordan # Date 1474998655 25200 # Node ID 1d2ebf9515bd234da50903e767951f677d05569a # Parent f9de80b7cc17f61cb241907c4482dcd5936e0235 24710405 Upgrade OpenSSL version to 1.0.1u 24703800 problem in LIBRARY/OPENSSL 24703856 problem in LIBRARY/OPENSSL 24703866 problem in LIBRARY/OPENSSL 24703911 problem in LIBRARY/OPENSSL 24703934 problem in LIBRARY/OPENSSL 24703939 problem in LIBRARY/OPENSSL diff -r f9de80b7cc17 -r 1d2ebf9515bd components/openssl/openssl-1.0.1-fips-140/Makefile --- a/components/openssl/openssl-1.0.1-fips-140/Makefile Tue Sep 27 00:30:26 2016 -0700 +++ b/components/openssl/openssl-1.0.1-fips-140/Makefile Tue Sep 27 10:50:55 2016 -0700 @@ -32,18 +32,18 @@ COMPONENT_NAME = openssl-fips-140 # Note that this is the OpenSSL version that is used to build FIPS-140 certified # libraries. However, we use the FIPS canister version for the IPS package. -COMPONENT_VERSION = 1.0.1t +COMPONENT_VERSION = 1.0.1u IPS_COMPONENT_VERSION = 2.0.6 COMPONENT_PROJECT_URL= http://www.openssl.org/ COMPONENT_SRC_NAME = openssl COMPONENT_SRC = $(COMPONENT_SRC_NAME)-$(COMPONENT_VERSION) COMPONENT_ARCHIVE = $(COMPONENT_SRC).tar.gz COMPONENT_ARCHIVE_HASH= \ - sha256:4a6ee491a2fdb22e519c76fdc2a628bb3cec12762cd456861d207996c8a07088 + sha256:4312b4ca1215b6f2c97007503d80db80d5157f76f8f7d3febbe6b4c56ff26739 COMPONENT_ARCHIVE_URL = $(COMPONENT_PROJECT_URL)source/$(COMPONENT_ARCHIVE) COMPONENT_BUGDB= library/openssl -TPNO= 28138 +TPNO= 31796 # OpenSSL FIPS directory OPENSSL_FIPS_DIR = $(COMPONENT_DIR)/../openssl-fips @@ -107,7 +107,7 @@ CONFIGURE_OPTIONS += no-seed # Disable SSLv2 protocol -CONFIGURE_OPTIONS += no-ssl2 no-ssl2-method +CONFIGURE_OPTIONS += no-ssl2 # We define our own compiler and linker option sets for Solaris. See Configure # for more information. diff -r f9de80b7cc17 -r 1d2ebf9515bd components/openssl/openssl-1.0.1-fips-140/openssl-1.0.1-fips-140.license 
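Review bot: Dropping `no-ssl2-method` at the `# Disable SSLv2 protocol` line goes undocumented, although the same changeset strips the local `SSLv2_method`, `SSLv2_client_method` and `SSLv2_server_method` stubs (each returning NULL) out of 42_rm_sslv2.patch, so those exported symbols presumably now have to come from the upstream 1.0.1u build itself. I would record that dependency in the comment, e.g. `# Disable SSLv2 protocol. no-ssl2-method is left out on purpose: the SSLv2_*method()` followed by `# symbols must stay exported (returning NULL) now that 42_rm_sslv2.patch no longer stubs them.` A post-build check that libssl still exports all three symbols, and that each returns NULL, would catch an ABI break for already-linked consumers before the package ships. The same one-line change appears in components/openssl/openssl-1.0.1/Makefile and wants the same comment; the CONFIGURE_OPTIONS list continues outside this hunk.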
--- a/components/openssl/openssl-1.0.1-fips-140/openssl-1.0.1-fips-140.license Tue Sep 27 00:30:26 2016 -0700 +++ b/components/openssl/openssl-1.0.1-fips-140/openssl-1.0.1-fips-140.license Tue Sep 27 10:50:55 2016 -0700 @@ -12,7 +12,7 @@ --------------- /* ==================================================================== - * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff -r f9de80b7cc17 -r 1d2ebf9515bd components/openssl/openssl-1.0.1-fips-140/patches/42_rm_sslv2.patch --- a/components/openssl/openssl-1.0.1-fips-140/patches/42_rm_sslv2.patch Tue Sep 27 00:30:26 2016 -0700 +++ b/components/openssl/openssl-1.0.1-fips-140/patches/42_rm_sslv2.patch Tue Sep 27 10:50:55 2016 -0700 
@@ -1,54 +1,6 @@ # # This was developed in house. Not applicable to the upstream. # ---- openssl-1.0.1/ssl/s2_meth.c Fri May 8 09:38:33 2015 -+++ openssl-1.0.1/ssl/s2_meth.c.new Fri May 8 09:51:53 2015 -@@ -74,6 +74,13 @@ - ssl2_accept, ssl2_connect, ssl2_get_method) - #else /* !OPENSSL_NO_SSL2 */ - -+/* stub function */ -+const SSL_METHOD * -+SSLv2_method(void) -+{ -+ return (NULL); -+} -+ - # if PEDANTIC - static void *dummy = &dummy; - # endif ---- openssl-1.0.1/ssl/s2_clnt.c Fri May 8 09:37:51 2015 -+++ openssl-1.0.1/ssl/ss2_clnt.c.new Fri May 8 09:53:12 2015 -@@ -1087,6 +1087,13 @@ - } - #else /* !OPENSSL_NO_SSL2 */ - -+/* stub function */ -+const SSL_METHOD * -+SSLv2_client_method(void) -+{ -+ return (NULL); -+} -+ - # if PEDANTIC - static void *dummy = &dummy; - # endif ---- openssl-1.0.1/ssl/s2_srvr.c Fri May 8 09:38:02 2015 -+++ openssl-1.0.1/ssl/s2_srvr.c.new Fri May 8 09:53:43 2015 -@@ -1150,6 +1150,13 @@ - } - #else /* !OPENSSL_NO_SSL2 */ - -+/* stub function */ -+const SSL_METHOD * -+SSLv2_server_method(void) -+{ -+ return (NULL); -+} -+ - # if PEDANTIC - static void *dummy = &dummy; - # endif --- openssl-1.0.1/ssl/ssl.h Tue May 26 11:13:15 2015 +++ openssl-1.0.1/ssl/ssl.h.new Tue May 26 11:32:09 2015 @@ -2016,12 +2016,28 @@ diff -r f9de80b7cc17 -r 1d2ebf9515bd components/openssl/openssl-1.0.1-fips-140/patches/43_cve-2016-2177.patch --- a/components/openssl/openssl-1.0.1-fips-140/patches/43_cve-2016-2177.patch Tue Sep 27 00:30:26 2016 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,214 +0,0 @@ -# The patch is based on the following commit from the upstream: -# https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7 -# The fix is patched until the new version becomes available -# from the upstream. ---- a/ssl/s3_srvr.c -+++ b/ssl/s3_srvr.c -@@ -1040,7 +1040,7 @@ int ssl3_get_client_hello(SSL *s) - - session_length = *(p + SSL3_RANDOM_SIZE); - -- if (p + SSL3_RANDOM_SIZE + session_length + 1 >= d + n) { -+ if (SSL3_RANDOM_SIZE + session_length + 1 >= (d + n) - p) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); - goto f_err; -@@ -1058,7 +1058,7 @@ int ssl3_get_client_hello(SSL *s) - /* get the session-id */ - j = *(p++); - -- if (p + j > d + n) { -+ if ((d + n) - p < j) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); - goto f_err; -@@ -1114,14 +1114,14 @@ int ssl3_get_client_hello(SSL *s) - - if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) { - /* cookie stuff */ -- if (p + 1 > d + n) { -+ if ((d + n) - p < 1) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); - goto f_err; - } - cookie_len = *(p++); - -- if (p + cookie_len > d + n) { -+ if ((d + n ) - p < cookie_len) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); - goto f_err; -@@ -1166,7 +1166,7 @@ int ssl3_get_client_hello(SSL *s) - p += cookie_len; - } - -- if (p + 2 > d + n) { -+ if ((d + n ) - p < 2) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); - goto f_err; -@@ -1180,7 +1180,7 @@ int ssl3_get_client_hello(SSL *s) - } - - /* i bytes of cipher data + 1 byte for compression length later */ -- if ((p + i + 1) > (d + n)) { -+ if ((d + n) - p < i + 1) { - /* not enough data */ - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH); -@@ -1246,7 +1246,7 @@ int ssl3_get_client_hello(SSL 
*s) - - /* compression */ - i = *(p++); -- if ((p + i) > (d + n)) { -+ if ((d + n) - p < i) { - /* not enough data */ - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH); ---- a/ssl/ssl_sess.c -+++ b/ssl/ssl_sess.c -@@ -602,7 +602,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, - int r; - #endif - -- if (session_id + len > limit) { -+ if (limit - session_id < len) { - fatal = 1; - goto err; - } ---- a/ssl/t1_lib.c -+++ b/ssl/t1_lib.c -@@ -942,11 +942,11 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, - 0x02, 0x03, /* SHA-1/ECDSA */ - }; - -- if (data >= (limit - 2)) -+ if (limit - data <= 2) - return; - data += 2; - -- if (data > (limit - 4)) -+ if (limit - data < 4) - return; - n2s(data, type); - n2s(data, size); -@@ -954,7 +954,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, - if (type != TLSEXT_TYPE_server_name) - return; - -- if (data + size > limit) -+ if (limit - data < size) - return; - data += size; - -@@ -962,7 +962,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, - const size_t len1 = sizeof(kSafariExtensionsBlock); - const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock); - -- if (data + len1 + len2 != limit) -+ if (limit - data != (int)(len1 + len2)) - return; - if (memcmp(data, kSafariExtensionsBlock, len1) != 0) - return; -@@ -971,7 +971,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, - } else { - const size_t len = sizeof(kSafariExtensionsBlock); - -- if (data + len != limit) -+ if (limit - data != (int)(len)) - return; - if (memcmp(data, kSafariExtensionsBlock, len) != 0) - return; -@@ -1019,19 +1019,19 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, - if (data == limit) - goto ri_check; - -- if (data > (limit - 2)) -+ if (limit - data < 2) - goto err; - - n2s(data, len); - -- if (data + len != limit) -+ if (limit - data != len) - goto err; - -- while (data <= (limit - 
4)) { -+ while (limit - data >= 4) { - n2s(data, type); - n2s(data, size); - -- if (data + size > (limit)) -+ if (limit - data < size) - goto err; - # if 0 - fprintf(stderr, "Received extension type %d size %d\n", type, size); -@@ -1460,20 +1460,20 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, - SSL_TLSEXT_HB_DONT_SEND_REQUESTS); - # endif - -- if (data >= (d + n - 2)) -+ if ((d + n) - data <= 2) - goto ri_check; - - n2s(data, length); -- if (data + length != d + n) { -+ if ((d + n) - data != length) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - -- while (data <= (d + n - 4)) { -+ while ((d + n) - data >= 4) { - n2s(data, type); - n2s(data, size); - -- if (data + size > (d + n)) -+ if ((d + n) - data < size) - goto ri_check; - - if (s->tlsext_debug_cb) -@@ -2179,29 +2179,33 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, - /* Skip past DTLS cookie */ - if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) { - i = *(p++); -- p += i; -- if (p >= limit) -+ -+ if (limit - p <= i) - return -1; -+ -+ p += i; - } - /* Skip past cipher list */ - n2s(p, i); -- p += i; -- if (p >= limit) -+ if (limit - p <= i) - return -1; -+ p += i; -+ - /* Skip past compression algorithm list */ - i = *(p++); -- p += i; -- if (p > limit) -+ if (limit - p < i) - return -1; -+ p += i; -+ - /* Now at start of extensions */ -- if ((p + 2) >= limit) -+ if (limit - p <= 2) - return 0; - n2s(p, i); -- while ((p + 4) <= limit) { -+ while (limit - p >= 4) { - unsigned short type, size; - n2s(p, type); - n2s(p, size); -- if (p + size > limit) -+ if (limit - p < size) - return 0; - if (type == TLSEXT_TYPE_session_ticket) { - int r; diff -r f9de80b7cc17 -r 1d2ebf9515bd components/openssl/openssl-1.0.1-fips-140/patches/44_cve-2016-2178.patch --- a/components/openssl/openssl-1.0.1-fips-140/patches/44_cve-2016-2178.patch Tue Sep 27 00:30:26 2016 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,28 +0,0 @@ -# The patch is based on the following commit from the upstream: -# https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2 -# The fix is patched until the new version becomes available -# from the upstream. ---- a/crypto/dsa/dsa_ossl.c 2016-06-20 08:06:46.793733045 -0700 -+++ b/crypto/dsa/dsa_ossl.c 2016-06-20 08:07:42.133601060 -0700 -@@ -248,9 +248,6 @@ - if (!BN_rand_range(&k, dsa->q)) - goto err; - while (BN_is_zero(&k)) ; -- if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) { -- BN_set_flags(&k, BN_FLG_CONSTTIME); -- } - - if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { - if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p, -@@ -282,6 +279,11 @@ - } else { - K = &k; - } -+ -+ if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) { -+ BN_set_flags(K, BN_FLG_CONSTTIME); -+ } -+ - DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx, - dsa->method_mont_p); - if (!BN_mod(r, r, dsa->q, ctx)) diff -r f9de80b7cc17 -r 1d2ebf9515bd components/openssl/openssl-1.0.1-fips-140/patches/46_cve-2016-6302.patch --- a/components/openssl/openssl-1.0.1-fips-140/patches/46_cve-2016-6302.patch Tue Sep 27 00:30:26 2016 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,30 +0,0 @@ -# The patch is based on the following commit from the upstream: -# https://github.com/openssl/openssl/commit/baaabfd8fdcec04a691695fad9a664bea43202b6 -# The fix is patched until the new version becomes available -# from the upstream. ---- a/ssl/t1_lib.c -+++ b/ssl/t1_lib.c -@@ -3401,9 +3401,7 @@ - HMAC_CTX hctx; - EVP_CIPHER_CTX ctx; - SSL_CTX *tctx = s->initial_ctx; -- /* Need at least keyname + iv + some encrypted data */ -- if (eticklen < 48) -- return 2; -+ - /* Initialize session ticket encryption and HMAC contexts */ - HMAC_CTX_init(&hctx); - EVP_CIPHER_CTX_init(&ctx); -@@ -3437,6 +3435,12 @@ - if (mlen < 0) { - goto err; - } -+ /* Sanity check ticket length: must exceed keyname + IV + HMAC */ -+ if (eticklen <= 16 + EVP_CIPHER_CTX_iv_length(&ctx) + mlen) { -+ HMAC_CTX_cleanup(&hctx); -+ EVP_CIPHER_CTX_cleanup(&ctx); -+ return 2; -+ } - eticklen -= mlen; - /* Check HMAC of encrypted ticket */ - if (HMAC_Update(&hctx, etick, eticklen) <= 0 diff -r f9de80b7cc17 -r 1d2ebf9515bd components/openssl/openssl-1.0.1-fips-140/patches/48_large_crl.patch --- a/components/openssl/openssl-1.0.1-fips-140/patches/48_large_crl.patch Tue Sep 27 00:30:26 2016 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,18 +0,0 @@ -# The patch is based on the following commit from the upstream: -# https://github.com/openssl/openssl/commit/a1eef756cc1948e -# The fix is patched until the new version becomes available from the upstream. ---- a/crypto/asn1/x_name.c 2016-07-12 15:17:45.766267352 -0700 -+++ b/crypto/asn1/x_name.c 2016-07-12 15:18:02.542842140 -0700 -@@ -199,10 +199,8 @@ - int i, j, ret; - STACK_OF(X509_NAME_ENTRY) *entries; - X509_NAME_ENTRY *entry; -- if (len > X509_NAME_MAX) { -- ASN1err(ASN1_F_X509_NAME_EX_D2I, ASN1_R_TOO_LONG); -- return 0; -- } -+ if (len > X509_NAME_MAX) -+ len = X509_NAME_MAX; - q = p; - - /* Get internal representation of Name */ diff -r f9de80b7cc17 -r 1d2ebf9515bd components/openssl/openssl-1.0.1/Makefile 
--- a/components/openssl/openssl-1.0.1/Makefile Tue Sep 27 00:30:26 2016 -0700 +++ b/components/openssl/openssl-1.0.1/Makefile Tue Sep 27 10:50:55 2016 -0700 @@ -28,20 +28,20 @@ # When upgrading OpenSSL, please, DON'T FORGET TO TEST WANBOOT too. # For more information about wanboot-openssl testing, please refer to # ../README. -COMPONENT_VERSION = 1.0.1t +COMPONENT_VERSION = 1.0.1u # Version for IPS. It is easier to do it manually than convert the letter to a # number while taking into account that there might be no letter at all. -IPS_COMPONENT_VERSION = 1.0.1.20 +IPS_COMPONENT_VERSION = 1.0.1.21 COMPONENT_PROJECT_URL= http://www.openssl.org/ COMPONENT_SRC = $(COMPONENT_NAME)-$(COMPONENT_VERSION) COMPONENT_ARCHIVE = $(COMPONENT_SRC).tar.gz COMPONENT_ARCHIVE_HASH= \ - sha256:4a6ee491a2fdb22e519c76fdc2a628bb3cec12762cd456861d207996c8a07088 + sha256:4312b4ca1215b6f2c97007503d80db80d5157f76f8f7d3febbe6b4c56ff26739 COMPONENT_ARCHIVE_URL = $(COMPONENT_PROJECT_URL)source/$(COMPONENT_ARCHIVE) COMPONENT_BUGDB= library/openssl -TPNO= 28138 +TPNO= 31796 include $(WS_MAKE_RULES)/prep.mk include $(WS_MAKE_RULES)/configure.mk @@ -98,7 +98,7 @@ CONFIGURE_OPTIONS += no-seed # Disable SSLv2 protocol -CONFIGURE_OPTIONS += no-ssl2 no-ssl2-method +CONFIGURE_OPTIONS += no-ssl2 # We use both no-whirlpool and no-whrlpool since there is an inconsistency in # the OpenSSL code and one needs both to build OpenSSL successfully with diff -r f9de80b7cc17 -r 1d2ebf9515bd components/openssl/openssl-1.0.1/openssl-1.0.1.license --- a/components/openssl/openssl-1.0.1/openssl-1.0.1.license Tue Sep 27 00:30:26 2016 -0700 +++ b/components/openssl/openssl-1.0.1/openssl-1.0.1.license Tue Sep 27 10:50:55 2016 -0700 
@@ -12,7 +12,7 @@ --------------- /* ==================================================================== - * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff -r f9de80b7cc17 -r 1d2ebf9515bd components/openssl/openssl-1.0.1/patches/42_rm_sslv2.patch --- a/components/openssl/openssl-1.0.1/patches/42_rm_sslv2.patch Tue Sep 27 00:30:26 2016 -0700 +++ b/components/openssl/openssl-1.0.1/patches/42_rm_sslv2.patch Tue Sep 27 10:50:55 2016 -0700 @@ -1,54 +1,6 @@ # # This was developed in house. Not applicable to the upstream. # ---- openssl-1.0.1/ssl/s2_meth.c Fri May 8 09:38:33 2015 -+++ openssl-1.0.1/ssl/s2_meth.c.new Fri May 8 09:51:53 2015 -@@ -74,6 +74,13 @@ - ssl2_accept, ssl2_connect, ssl2_get_method) - #else /* !OPENSSL_NO_SSL2 */ - -+/* stub function */ -+const SSL_METHOD * -+SSLv2_method(void) -+{ -+ return (NULL); -+} -+ - # if PEDANTIC - static void *dummy = &dummy; - # endif ---- openssl-1.0.1/ssl/s2_clnt.c Fri May 8 09:37:51 2015 -+++ openssl-1.0.1/ssl/ss2_clnt.c.new Fri May 8 09:53:12 2015 -@@ -1087,6 +1087,13 @@ - } - #else /* !OPENSSL_NO_SSL2 */ - -+/* stub function */ -+const SSL_METHOD * -+SSLv2_client_method(void) -+{ -+ return (NULL); -+} -+ - # if PEDANTIC - static void *dummy = &dummy; - # endif ---- openssl-1.0.1/ssl/s2_srvr.c Fri May 8 09:38:02 2015 -+++ openssl-1.0.1/ssl/s2_srvr.c.new Fri May 8 09:53:43 2015 -@@ -1150,6 +1150,13 @@ - } - #else /* !OPENSSL_NO_SSL2 */ - -+/* stub function */ -+const SSL_METHOD * -+SSLv2_server_method(void) -+{ -+ return (NULL); -+} -+ - # if PEDANTIC - static void *dummy = &dummy; - # endif --- openssl-1.0.1/ssl/ssl.h Tue May 26 11:13:15 2015 +++ openssl-1.0.1/ssl/ssl.h.new Tue May 26 11:32:09 2015 
@@ -2016,12 +2016,28 @@ diff -r f9de80b7cc17 -r 1d2ebf9515bd components/openssl/openssl-1.0.1/patches/43_cve-2016-2177.patch --- a/components/openssl/openssl-1.0.1/patches/43_cve-2016-2177.patch Tue Sep 27 00:30:26 2016 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,214 +0,0 @@ -# The patch is based on the following commit from the upstream: -# https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7 -# The fix is patched until the new version becomes available -# from the upstream. ---- a/ssl/s3_srvr.c -+++ b/ssl/s3_srvr.c -@@ -1040,7 +1040,7 @@ int ssl3_get_client_hello(SSL *s) - - session_length = *(p + SSL3_RANDOM_SIZE); - -- if (p + SSL3_RANDOM_SIZE + session_length + 1 >= d + n) { -+ if (SSL3_RANDOM_SIZE + session_length + 1 >= (d + n) - p) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); - goto f_err; -@@ -1058,7 +1058,7 @@ int ssl3_get_client_hello(SSL *s) - /* get the session-id */ - j = *(p++); - -- if (p + j > d + n) { -+ if ((d + n) - p < j) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); - goto f_err; -@@ -1114,14 +1114,14 @@ int ssl3_get_client_hello(SSL *s) - - if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) { - /* cookie stuff */ -- if (p + 1 > d + n) { -+ if ((d + n) - p < 1) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); - goto f_err; - } - cookie_len = *(p++); - -- if (p + cookie_len > d + n) { -+ if ((d + n ) - p < cookie_len) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); - goto f_err; -@@ -1166,7 +1166,7 @@ int ssl3_get_client_hello(SSL *s) - p += cookie_len; - } - -- if (p + 2 > d + n) { -+ if ((d + n ) - p < 2) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); - goto f_err; -@@ -1180,7 +1180,7 @@ int ssl3_get_client_hello(SSL *s) - } - - /* i bytes of cipher data + 1 byte for compression length later */ -- if ((p + i + 1) > (d + n)) { -+ if ((d + n) - p < i + 1) { - /* not enough data */ - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH); -@@ -1246,7 +1246,7 @@ int ssl3_get_client_hello(SSL 
*s) - - /* compression */ - i = *(p++); -- if ((p + i) > (d + n)) { -+ if ((d + n) - p < i) { - /* not enough data */ - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH); ---- a/ssl/ssl_sess.c -+++ b/ssl/ssl_sess.c -@@ -602,7 +602,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, - int r; - #endif - -- if (session_id + len > limit) { -+ if (limit - session_id < len) { - fatal = 1; - goto err; - } ---- a/ssl/t1_lib.c -+++ b/ssl/t1_lib.c -@@ -942,11 +942,11 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, - 0x02, 0x03, /* SHA-1/ECDSA */ - }; - -- if (data >= (limit - 2)) -+ if (limit - data <= 2) - return; - data += 2; - -- if (data > (limit - 4)) -+ if (limit - data < 4) - return; - n2s(data, type); - n2s(data, size); -@@ -954,7 +954,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, - if (type != TLSEXT_TYPE_server_name) - return; - -- if (data + size > limit) -+ if (limit - data < size) - return; - data += size; - -@@ -962,7 +962,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, - const size_t len1 = sizeof(kSafariExtensionsBlock); - const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock); - -- if (data + len1 + len2 != limit) -+ if (limit - data != (int)(len1 + len2)) - return; - if (memcmp(data, kSafariExtensionsBlock, len1) != 0) - return; -@@ -971,7 +971,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, - } else { - const size_t len = sizeof(kSafariExtensionsBlock); - -- if (data + len != limit) -+ if (limit - data != (int)(len)) - return; - if (memcmp(data, kSafariExtensionsBlock, len) != 0) - return; -@@ -1019,19 +1019,19 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, - if (data == limit) - goto ri_check; - -- if (data > (limit - 2)) -+ if (limit - data < 2) - goto err; - - n2s(data, len); - -- if (data + len != limit) -+ if (limit - data != len) - goto err; - -- while (data <= (limit - 
4)) { -+ while (limit - data >= 4) { - n2s(data, type); - n2s(data, size); - -- if (data + size > (limit)) -+ if (limit - data < size) - goto err; - # if 0 - fprintf(stderr, "Received extension type %d size %d\n", type, size); -@@ -1460,20 +1460,20 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, - SSL_TLSEXT_HB_DONT_SEND_REQUESTS); - # endif - -- if (data >= (d + n - 2)) -+ if ((d + n) - data <= 2) - goto ri_check; - - n2s(data, length); -- if (data + length != d + n) { -+ if ((d + n) - data != length) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - -- while (data <= (d + n - 4)) { -+ while ((d + n) - data >= 4) { - n2s(data, type); - n2s(data, size); - -- if (data + size > (d + n)) -+ if ((d + n) - data < size) - goto ri_check; - - if (s->tlsext_debug_cb) -@@ -2179,29 +2179,33 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, - /* Skip past DTLS cookie */ - if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) { - i = *(p++); -- p += i; -- if (p >= limit) -+ -+ if (limit - p <= i) - return -1; -+ -+ p += i; - } - /* Skip past cipher list */ - n2s(p, i); -- p += i; -- if (p >= limit) -+ if (limit - p <= i) - return -1; -+ p += i; -+ - /* Skip past compression algorithm list */ - i = *(p++); -- p += i; -- if (p > limit) -+ if (limit - p < i) - return -1; -+ p += i; -+ - /* Now at start of extensions */ -- if ((p + 2) >= limit) -+ if (limit - p <= 2) - return 0; - n2s(p, i); -- while ((p + 4) <= limit) { -+ while (limit - p >= 4) { - unsigned short type, size; - n2s(p, type); - n2s(p, size); -- if (p + size > limit) -+ if (limit - p < size) - return 0; - if (type == TLSEXT_TYPE_session_ticket) { - int r; diff -r f9de80b7cc17 -r 1d2ebf9515bd components/openssl/openssl-1.0.1/patches/44_cve-2016-2178.patch --- a/components/openssl/openssl-1.0.1/patches/44_cve-2016-2178.patch Tue Sep 27 00:30:26 2016 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,28 +0,0 @@ -# The patch is based on the following commit from the upstream: -# https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2 -# The fix is patched until the new version becomes available -# from the upstream. ---- a/crypto/dsa/dsa_ossl.c 2016-06-20 08:06:46.793733045 -0700 -+++ b/crypto/dsa/dsa_ossl.c 2016-06-20 08:07:42.133601060 -0700 -@@ -248,9 +248,6 @@ - if (!BN_rand_range(&k, dsa->q)) - goto err; - while (BN_is_zero(&k)) ; -- if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) { -- BN_set_flags(&k, BN_FLG_CONSTTIME); -- } - - if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { - if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p, -@@ -282,6 +279,11 @@ - } else { - K = &k; - } -+ -+ if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) { -+ BN_set_flags(K, BN_FLG_CONSTTIME); -+ } -+ - DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx, - dsa->method_mont_p); - if (!BN_mod(r, r, dsa->q, ctx)) diff -r f9de80b7cc17 -r 1d2ebf9515bd components/openssl/openssl-1.0.1/patches/46_cve-2016-6302.patch --- a/components/openssl/openssl-1.0.1/patches/46_cve-2016-6302.patch Tue Sep 27 00:30:26 2016 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,30 +0,0 @@ -# The patch is based on the following commit from the upstream: -# https://github.com/openssl/openssl/commit/baaabfd8fdcec04a691695fad9a664bea43202b6 -# The fix is patched until the new version becomes available -# from the upstream. ---- a/ssl/t1_lib.c -+++ b/ssl/t1_lib.c -@@ -3401,9 +3401,7 @@ - HMAC_CTX hctx; - EVP_CIPHER_CTX ctx; - SSL_CTX *tctx = s->initial_ctx; -- /* Need at least keyname + iv + some encrypted data */ -- if (eticklen < 48) -- return 2; -+ - /* Initialize session ticket encryption and HMAC contexts */ - HMAC_CTX_init(&hctx); - EVP_CIPHER_CTX_init(&ctx); -@@ -3437,6 +3435,12 @@ - if (mlen < 0) { - goto err; - } -+ /* Sanity check ticket length: must exceed keyname + IV + HMAC */ -+ if (eticklen <= 16 + EVP_CIPHER_CTX_iv_length(&ctx) + mlen) { -+ HMAC_CTX_cleanup(&hctx); -+ EVP_CIPHER_CTX_cleanup(&ctx); -+ return 2; -+ } - eticklen -= mlen; - /* Check HMAC of encrypted ticket */ - if (HMAC_Update(&hctx, etick, eticklen) <= 0 diff -r f9de80b7cc17 -r 1d2ebf9515bd components/openssl/openssl-1.0.1/patches/48_large_crl.patch --- a/components/openssl/openssl-1.0.1/patches/48_large_crl.patch Tue Sep 27 00:30:26 2016 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,18 +0,0 @@ -# The patch is based on the following commit from the upstream: -# https://github.com/openssl/openssl/commit/a1eef756cc1948e -# The fix is patched until the new version becomes available from the upstream. ---- a/crypto/asn1/x_name.c 2016-07-12 15:17:45.766267352 -0700 -+++ b/crypto/asn1/x_name.c 2016-07-12 15:18:02.542842140 -0700 -@@ -199,10 +199,8 @@ - int i, j, ret; - STACK_OF(X509_NAME_ENTRY) *entries; - X509_NAME_ENTRY *entry; -- if (len > X509_NAME_MAX) { -- ASN1err(ASN1_F_X509_NAME_EX_D2I, ASN1_R_TOO_LONG); -- return 0; -- } -+ if (len > X509_NAME_MAX) -+ len = X509_NAME_MAX; - q = p; - - /* Get internal representation of Name */