- rel 2; fixes CVE-2009-1377 CVE-2009-1378 CVE-2009-1379; enable tlsext and rfc3779 auto/aidath/openssl-0_9_8k-2 auto/th/openssl-0_9_8k-2 auto/ti/openssl-0_9_8k-2
authorArkadiusz Miśkiewicz <arekm@maven.pl>
Tue, 28 Jul 2009 15:44:54 +0000 (15:44 +0000)
committercvs2git <feedback@pld-linux.org>
Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)
Changed files:
    openssl-CVE-2009-1377-1378-1379.patch -> 1.1
    openssl.spec -> 1.205

openssl-CVE-2009-1377-1378-1379.patch [new file with mode: 0644]
openssl.spec

diff --git a/openssl-CVE-2009-1377-1378-1379.patch b/openssl-CVE-2009-1377-1378-1379.patch
new file mode 100644 (file)
index 0000000..873071e
--- /dev/null
@@ -0,0 +1,83 @@
+diff -up openssl-0.9.8k/crypto/pqueue/pqueue.c.dtls-dos openssl-0.9.8k/crypto/pqueue/pqueue.c
+--- openssl-0.9.8k/crypto/pqueue/pqueue.c.dtls-dos     2005-06-28 14:53:33.000000000 +0200
++++ openssl-0.9.8k/crypto/pqueue/pqueue.c      2009-05-21 18:26:29.000000000 +0200
+@@ -234,3 +234,17 @@ pqueue_next(pitem **item)
+       return ret;
+       }
++
++int
++pqueue_size(pqueue_s *pq)
++{
++      pitem *item = pq->items;
++      int count = 0;
++      
++      while(item != NULL)
++      {
++              count++;
++              item = item->next;
++      }
++      return count;
++}
+diff -up openssl-0.9.8k/crypto/pqueue/pqueue.h.dtls-dos openssl-0.9.8k/crypto/pqueue/pqueue.h
+--- openssl-0.9.8k/crypto/pqueue/pqueue.h.dtls-dos     2009-04-21 11:43:58.000000000 +0200
++++ openssl-0.9.8k/crypto/pqueue/pqueue.h      2009-05-21 18:26:29.000000000 +0200
+@@ -91,5 +91,6 @@ pitem *pqueue_iterator(pqueue pq);
+ pitem *pqueue_next(piterator *iter);
+ void   pqueue_print(pqueue pq);
++int    pqueue_size(pqueue pq);
+ #endif /* ! HEADER_PQUEUE_H */
+diff -up openssl-0.9.8k/ssl/d1_both.c.dtls-dos openssl-0.9.8k/ssl/d1_both.c
+--- openssl-0.9.8k/ssl/d1_both.c.dtls-dos      2007-10-17 23:17:49.000000000 +0200
++++ openssl-0.9.8k/ssl/d1_both.c       2009-05-21 18:26:29.000000000 +0200
+@@ -519,6 +519,7 @@ dtls1_retrieve_buffered_fragment(SSL *s,
+       if ( s->d1->handshake_read_seq == frag->msg_header.seq)
+               {
++              unsigned long frag_len = frag->msg_header.frag_len;
+               pqueue_pop(s->d1->buffered_messages);
+               al=dtls1_preprocess_fragment(s,&frag->msg_header,max);
+@@ -536,7 +537,7 @@ dtls1_retrieve_buffered_fragment(SSL *s,
+               if (al==0)
+                       {
+                       *ok = 1;
+-                      return frag->msg_header.frag_len;
++                      return frag_len;
+                       }
+               ssl3_send_alert(s,SSL3_AL_FATAL,al);
+@@ -561,7 +562,16 @@ dtls1_process_out_of_seq_message(SSL *s,
+       if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
+               goto err;
+-      if (msg_hdr->seq <= s->d1->handshake_read_seq)
++      /* Try to find item in queue, to prevent duplicate entries */
++      pq_64bit_init(&seq64);
++      pq_64bit_assign_word(&seq64, msg_hdr->seq);
++      item = pqueue_find(s->d1->buffered_messages, seq64);
++      pq_64bit_free(&seq64);
++      
++      /* Discard the message if sequence number was already there, is
++       * too far in the future or the fragment is already in the queue */
++      if (msg_hdr->seq <= s->d1->handshake_read_seq ||
++              msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL)
+               {
+               unsigned char devnull [256];
+diff -up openssl-0.9.8k/ssl/d1_pkt.c.dtls-dos openssl-0.9.8k/ssl/d1_pkt.c
+--- openssl-0.9.8k/ssl/d1_pkt.c.dtls-dos       2009-04-21 11:44:02.000000000 +0200
++++ openssl-0.9.8k/ssl/d1_pkt.c        2009-05-21 18:26:29.000000000 +0200
+@@ -167,6 +167,10 @@ dtls1_buffer_record(SSL *s, record_pqueu
+     DTLS1_RECORD_DATA *rdata;
+       pitem *item;
++      /* Limit the size of the queue to prevent DOS attacks */
++      if (pqueue_size(queue->q) >= 100)
++              return 0;
++              
+       rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
+       item = pitem_new(priority, rdata);
+       if (rdata == NULL || item == NULL)
index 1a6c93ded1608e631a1b16de5bfc9ca42835fc07..a4a6041fd7faa837a349723d27c18f9a0df56220 100644 (file)
@@ -15,7 +15,7 @@ Summary(ru.UTF-8):    Библиотеки и утилиты для соедине
 Summary(uk.UTF-8):     Бібліотеки та утиліти для з'єднань через Secure Sockets Layer
 Name:          openssl
 Version:       0.9.8k
-Release:       1
+Release:       2
 License:       Apache-like
 Group:         Libraries
 Source0:       ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
@@ -32,13 +32,8 @@ Patch5:              %{name}-man-namespace.patch
 Patch6:                %{name}-asflag.patch
 Patch7:                %{name}-ca-certificates.patch
 Patch8:                %{name}-fips_install.patch
+Patch9:                %{name}-CVE-2009-1377-1378-1379.patch
 URL:           http://www.openssl.org/
-# problem with =< 1.0.0beta2
-# Fixes should be in sourcecode
-BuildRequires: security(CVE-2009-1377)
-BuildRequires: security(CVE-2009-1378)
-BuildRequires: security(CVE-2009-1379)
-##
 BuildRequires: bc
 BuildRequires: perl-devel >= 1:5.6.1
 BuildRequires: rpm-perlprov >= 4.1-13
@@ -207,6 +202,7 @@ RC4, RSA и SSL. Включает статические библиотеки д
 %patch6 -p1
 %patch7 -p1
 %patch8 -p0
+%patch9 -p1
 
 %{__perl} -pi -e 's#%{_prefix}/local/bin/perl#%{__perl}#g' \
        `grep -l -r "%{_prefix}/local/bin/perl" *`
@@ -227,7 +223,13 @@ OPTFLAGS="%{rpmcflags} %{?with_purify:-DPURIFY}" \
 %endif
        --lib=%{_lib} \
        shared threads \
-       enable-mdc2 enable-rc5 enable-tlsext \
+       enable-tlsext \
+       enable-seed \
+       enable-rfc3779 \
+       enable-cms \
+       enable-idea \
+       enable-mdc2 \
+       enable-rc5 \
 %ifarch %{ix86}
 %ifarch i386
        386 linux-elf
This page took 0.050928 seconds and 4 git commands to generate.