Skip to content

Commit

Permalink
deps: upgrade openssl sources to 1.1.1d
Browse files Browse the repository at this point in the history
This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.0h.tar.gz
    $ mv openssl-1.1.0h openssl
    $ git add --all openssl
    $ git commit openssl

PR-URL: #29550
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
  • Loading branch information
sam-github committed Oct 1, 2019
1 parent 7ce316e commit 17d1d16
Show file tree
Hide file tree
Showing 323 changed files with 5,179 additions and 10,941 deletions.
111 changes: 108 additions & 3 deletions deps/openssl/openssl/CHANGES
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,101 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.

Changes between 1.1.1c and 1.1.1d [10 Sep 2019]

*) Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random
number generator (RNG). This was intended to include protection in the
event of a fork() system call in order to ensure that the parent and child
processes did not share the same RNG state. However this protection was not
being used in the default case.

A partial mitigation for this issue is that the output from a high
precision timer is mixed into the RNG state so the likelihood of a parent
and child process sharing state is significantly reduced.

If an application already calls OPENSSL_init_crypto() explicitly using
OPENSSL_INIT_ATFORK then this problem does not occur at all.
(CVE-2019-1549)
[Matthias St. Pierre]

*) For built-in EC curves, ensure an EC_GROUP built from the curve name is
used even when parsing explicit parameters, when loading a serialized key
or calling `EC_GROUP_new_from_ecpkparameters()`/
`EC_GROUP_new_from_ecparameters()`.
This prevents bypass of security hardening and performance gains,
especially for curves with specialized EC_METHODs.
By default, if a key encoded with explicit parameters is loaded and later
serialized, the output is still encoded with explicit parameters, even if
internally a "named" EC_GROUP is used for computation.
[Nicola Tuveri]

*) Compute ECC cofactors if not provided during EC_GROUP construction. Before
this change, EC_GROUP_set_generator would accept order and/or cofactor as
NULL. After this change, only the cofactor parameter can be NULL. It also
does some minimal sanity checks on the passed order.
(CVE-2019-1547)
[Billy Bob Brumley]

*) Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey.
An attack is simple, if the first CMS_recipientInfo is valid but the
second CMS_recipientInfo is chosen ciphertext. If the second
recipientInfo decodes to PKCS #1 v1.5 form plaintext, the correct
encryption key will be replaced by garbage, and the message cannot be
decoded, but if the RSA decryption fails, the correct encryption key is
used and the recipient will not notice the attack.
As a work around for this potential attack the length of the decrypted
key must be equal to the cipher default key length, in case the
certifiate is not given and all recipientInfo are tried out.
The old behaviour can be re-enabled in the CMS code by setting the
CMS_DEBUG_DECRYPT flag.
(CVE-2019-1563)
[Bernd Edlinger]

*) Early start up entropy quality from the DEVRANDOM seed source has been
improved for older Linux systems. The RAND subsystem will wait for
/dev/random to be producing output before seeding from /dev/urandom.
The seeded state is stored for future library initialisations using
a system global shared memory segment. The shared memory identifier
can be configured by defining OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID to
the desired value. The default identifier is 114.
[Paul Dale]

*) Correct the extended master secret constant on EBCDIC systems. Without this
fix TLS connections between an EBCDIC system and a non-EBCDIC system that
negotiate EMS will fail. Unfortunately this also means that TLS connections
between EBCDIC systems with this fix, and EBCDIC systems without this
fix will fail if they negotiate EMS.
[Matt Caswell]

*) Use Windows installation paths in the mingw builds

Mingw isn't a POSIX environment per se, which means that Windows
paths should be used for installation.
(CVE-2019-1552)
[Richard Levitte]

*) Changed DH_check to accept parameters with order q and 2q subgroups.
With order 2q subgroups the bit 0 of the private key is not secret
but DH_generate_key works around that by clearing bit 0 of the
private key for those. This avoids leaking bit 0 of the private key.
[Bernd Edlinger]

*) Significantly reduce secure memory usage by the randomness pools.
[Paul Dale]

*) Revert the DEVRANDOM_WAIT feature for Linux systems

The DEVRANDOM_WAIT feature added a select() call to wait for the
/dev/random device to become readable before reading from the
/dev/urandom device.

It turned out that this change had negative side effects on
performance which were not acceptable. After some discussion it
was decided to revert this feature and leave it up to the OS
resp. the platform maintainer to ensure a proper initialization
during early boot time.
[Matthias St. Pierre]

Changes between 1.1.1b and 1.1.1c [28 May 2019]

*) Add build tests for C++. These are generated files that only do one
Expand Down Expand Up @@ -75,6 +170,16 @@
(CVE-2019-1543)
[Matt Caswell]

*) Add DEVRANDOM_WAIT feature for Linux systems

On older Linux systems where the getrandom() system call is not available,
OpenSSL normally uses the /dev/urandom device for seeding its CSPRNG.
Contrary to getrandom(), the /dev/urandom device will not block during
early boot when the kernel CSPRNG has not been seeded yet.

To mitigate this known weakness, use select() to wait for /dev/random to
become readable before reading from /dev/urandom.

*) Ensure that SM2 only uses SM3 as digest algorithm
[Paul Yang]

Expand Down Expand Up @@ -322,7 +427,7 @@
SSL_set_ciphersuites()
[Matt Caswell]

*) Memory allocation failures consistenly add an error to the error
*) Memory allocation failures consistently add an error to the error
stack.
[Rich Salz]

Expand Down Expand Up @@ -6860,7 +6965,7 @@
reason texts, thereby removing some of the footprint that may not
be interesting if those errors aren't displayed anyway.

NOTE: it's still possible for any application or module to have it's
NOTE: it's still possible for any application or module to have its
own set of error texts inserted. The routines are there, just not
used by default when no-err is given.
[Richard Levitte]
Expand Down Expand Up @@ -8826,7 +8931,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
Changes between 0.9.6g and 0.9.6h [5 Dec 2002]

*) New function OPENSSL_cleanse(), which is used to cleanse a section of
memory from it's contents. This is done with a counter that will
memory from its contents. This is done with a counter that will
place alternating values in each byte. This can be used to solve
two issues: 1) the removal of calls to memset() by highly optimizing
compilers, and 2) cleansing with other values than 0, since those can
Expand Down
4 changes: 2 additions & 2 deletions deps/openssl/openssl/Configurations/00-base-templates.conf
Original file line number Diff line number Diff line change
Expand Up @@ -198,7 +198,7 @@ my %targets=(
bn_asm_src => "bn-586.s co-586.s x86-mont.s x86-gf2m.s",
ec_asm_src => "ecp_nistz256.c ecp_nistz256-x86.s",
des_asm_src => "des-586.s crypt586.s",
aes_asm_src => "aes-586.s vpaes-x86.s aesni-x86.s",
aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86.s aesni-x86.s",
bf_asm_src => "bf-586.s",
md5_asm_src => "md5-586.s",
cast_asm_src => "cast-586.s",
Expand All @@ -223,7 +223,7 @@ my %targets=(
cpuid_asm_src => "x86_64cpuid.s",
bn_asm_src => "asm/x86_64-gcc.c x86_64-mont.s x86_64-mont5.s x86_64-gf2m.s rsaz_exp.c rsaz-x86_64.s rsaz-avx2.s",
ec_asm_src => "ecp_nistz256.c ecp_nistz256-x86_64.s x25519-x86_64.s",
aes_asm_src => "aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
md5_asm_src => "md5-x86_64.s",
sha1_asm_src => "sha1-x86_64.s sha256-x86_64.s sha512-x86_64.s sha1-mb-x86_64.s sha256-mb-x86_64.s",
rc4_asm_src => "rc4-x86_64.s rc4-md5-x86_64.s",
Expand Down
6 changes: 5 additions & 1 deletion deps/openssl/openssl/Configurations/10-main.conf
Original file line number Diff line number Diff line change
Expand Up @@ -1111,7 +1111,7 @@ my %targets = (
thread_scheme => "pthreads",
dso_scheme => "dlfcn",
shared_target => "self",
module_ldflags => "-Wl,-G,-bsymbolic,-bexpall",
module_ldflags => "-Wl,-G,-bsymbolic,-bnoentry",
shared_ldflag => "-Wl,-G,-bsymbolic,-bnoentry",
shared_defflag => "-Wl,-bE:",
shared_extension => ".so.\$(SHLIB_VERSION_NUMBER)",
Expand Down Expand Up @@ -1397,6 +1397,10 @@ my %targets = (
shared_extension => ".dll",
multilib => "",
apps_aux_src => add("win32_init.c"),
# "WOW" stands for "Windows on Windows", and that word engages
# some installation path heuristics in unix-Makefile.tmpl...
build_scheme => add("WOW", { separator => undef }),

},
"mingw64" => {
# As for OPENSSL_USE_APPLINK. Applink makes it possible to use
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/Configurations/15-ios.conf
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#### iPhoneOS/iOS
#
# It takes recent enough XCode to use following two targets. It shouldn't
# It takes recent enough Xcode to use following two targets. It shouldn't
# be a problem by now, but if they don't work, original targets below
# that depend on manual definition of environment variables should still
# work...
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/Configurations/50-win-onecore.conf
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Windows OneCore targets.
#
# OneCore is new API stability "contract" that transends Desktop, IoT and
# OneCore is new API stability "contract" that transcends Desktop, IoT and
# Mobile[?] Windows editions. It's a set up "umbrella" libraries that
# export subset of Win32 API that are common to all Windows 10 devices.
#
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/Configurations/common0.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
our @generated =
sort ( ( grep { defined $unified_info{generate}->{$_} }
sort keys %generatables ),
# Scripts are assumed to be generated, so add thhem too
# Scripts are assumed to be generated, so add them too
( grep { defined $unified_info{sources}->{$_} }
@{$unified_info{scripts}} ) );

Expand Down
106 changes: 102 additions & 4 deletions deps/openssl/openssl/Configurations/unix-Makefile.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,26 @@
our $dsoext = $target{dso_extension} || ".so";
our $makedepprog = $disabled{makedepend} ? undef : $config{makedepprog};

# $mingw_installroot and $mingw_commonroot is relevant for mingw only.
my $build_scheme = $target{build_scheme};
my $install_flavour = $build_scheme->[$#$build_scheme]; # last element
my $mingw_installenv = $install_flavour eq "WOW" ? "ProgramFiles(x86)"
: "ProgramW6432";
my $mingw_commonenv = $install_flavour eq "WOW" ? "CommonProgramFiles(x86)"
: "CommonProgramW6432";
our $mingw_installroot =
defined($ENV{$mingw_installenv}) ? $mingw_installenv : 'ProgramFiles';
our $mingw_commonroot =
defined($ENV{$mingw_commonenv}) ? $mingw_commonenv : 'CommonProgramFiles';
my $mingw_installdflt =
$install_flavour eq "WOW" ? "C:/Program Files (x86)"
: "C:/Program Files";
my $mingw_commondflt = "$mingw_installdflt/Common Files";

# expand variables early
$mingw_installroot = $ENV{$mingw_installroot} // $mingw_installdflt;
$mingw_commonroot = $ENV{$mingw_commonroot} // $mingw_commondflt;

sub windowsdll { $config{target} =~ /^(?:Cygwin|mingw)/ }

# Shared AIX support is special. We put libcrypto[64].so.ver into
Expand Down Expand Up @@ -132,6 +152,7 @@ APPS_OPENSSL={- use File::Spec::Functions;
# Normally it is left empty.
DESTDIR=

{- output_off() if $config{target} =~ /^mingw/; "" -}
# Do not edit these manually. Use Configure with --prefix or --openssldir
# to change this! Short explanation in the top comment in Configure
INSTALLTOP={- # $prefix is used in the OPENSSLDIR perl snippet
Expand Down Expand Up @@ -175,6 +196,83 @@ ENGINESDIR=$(libdir)/engines-{- $sover_dirname -}
# Convenience variable for those who want to set the rpath in shared
# libraries and applications
LIBRPATH=$(libdir)
{- output_on() if $config{target} =~ /^mingw/;
output_off() if $config{target} !~ /^mingw/;
"" -}
# Do not edit these manually. Use Configure with --prefix or --openssldir
# to change this! Short explanation in the top comment in Configure
INSTALLTOP_dev={- # $prefix is used in the OPENSSLDIR perl snippet
#
use File::Spec::Win32;
my $prefix_default = "$mingw_installroot/OpenSSL";
our $prefix =
File::Spec::Win32->canonpath($config{prefix}
|| $prefix_default);
our ($prefix_dev, $prefix_dir, $prefix_file) =
File::Spec::Win32->splitpath($prefix, 1);
$prefix =~ s|\\|/|g;
$prefix_dir =~ s|\\|/|g;
$prefix_dev -}
INSTALLTOP_dir={- my $x = File::Spec::Win32->canonpath($prefix_dir);
$x =~ s|\\|/|g;
$x -}
OPENSSLDIR_dev={- #
# The logic here is that if no --openssldir was given,
# OPENSSLDIR will get the value "$mingw_commonroot/SSL".
# If --openssldir was given and the value is an absolute
# path, OPENSSLDIR will get its value without change.
# If the value from --openssldir is a relative path,
# OPENSSLDIR will get $prefix with the --openssldir
# value appended as a subdirectory.
#
use File::Spec::Win32;
our $openssldir =
$config{openssldir} ?
(File::Spec::Win32->file_name_is_absolute($config{openssldir}) ?
File::Spec::Win32->canonpath($config{openssldir})
: File::Spec::Win32->catdir($prefix, $config{openssldir}))
: File::Spec::Win32->canonpath("$mingw_commonroot/SSL");
our ($openssldir_dev, $openssldir_dir, $openssldir_file) =
File::Spec::Win32->splitpath($openssldir, 1);
$openssldir =~ s|\\|/|g;
$openssldir_dir =~ s|\\|/|g;
$openssldir_dev -}
OPENSSLDIR_dir={- my $x = File::Spec::Win32->canonpath($openssldir_dir);
$x =~ s|\\|/|g;
$x -}
LIBDIR={- our $libdir = $config{libdir} || "lib";
File::Spec::Win32->file_name_is_absolute($libdir) ? "" : $libdir -}
ENGINESDIR_dev={- use File::Spec::Win32;
our $enginesdir =
File::Spec::Win32->catdir($prefix,$libdir,
"engines-$sover_dirname");
our ($enginesdir_dev, $enginesdir_dir, $enginesdir_file) =
File::Spec::Win32->splitpath($enginesdir, 1);
$enginesdir =~ s|\\|/|g;
$enginesdir_dir =~ s|\\|/|g;
$enginesdir_dev -}
ENGINESDIR_dir={- my $x = File::Spec::Win32->canonpath($enginesdir_dir);
$x =~ s|\\|/|g;
$x -}
# In a Windows environment, $(DESTDIR) is harder to contatenate with other
# directory variables, because both may contain devices. What we do here is
# to adapt INSTALLTOP, OPENSSLDIR and ENGINESDIR depending on if $(DESTDIR)
# has a value or not, to ensure that concatenation will always work further
# down.
ifneq "$(DESTDIR)" ""
INSTALLTOP=$(INSTALLTOP_dir)
OPENSSLDIR=$(OPENSSLDIR_dir)
ENGINESDIR=$(ENGINESDIR_dir)
else
INSTALLTOP=$(INSTALLTOP_dev)$(INSTALLTOP_dir)
OPENSSLDIR=$(OPENSSLDIR_dev)$(OPENSSLDIR_dir)
ENGINESDIR=$(ENGINESDIR_dev)$(ENGINESDIR_dir)
endif

# $(libdir) is chosen to be compatible with the GNU coding standards
libdir={- File::Spec::Win32->file_name_is_absolute($libdir)
? $libdir : '$(INSTALLTOP)/$(LIBDIR)' -}
{- output_on() if $config{target} !~ /^mingw/; "" -}

MANDIR=$(INSTALLTOP)/share/man
DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME)
Expand Down Expand Up @@ -418,13 +516,13 @@ libclean:
clean: libclean
$(RM) $(PROGRAMS) $(TESTPROGS) $(ENGINES) $(SCRIPTS)
$(RM) $(GENERATED_MANDATORY) $(GENERATED)
-$(RM) `find . -name .git -prune -o -name '*{- $depext -}' -print`
-$(RM) `find . -name .git -prune -o -name '*{- $objext -}' -print`
-$(RM) `find . -name '*{- $depext -}' \! -name '.*' -print`
-$(RM) `find . -name '*{- $objext -}' \! -name '.*' -print`
$(RM) core
$(RM) tags TAGS doc-nits
$(RM) -r test/test-runs
$(RM) openssl.pc libcrypto.pc libssl.pc
-$(RM) `find . -name .git -prune -o -type l -print`
-$(RM) `find . -type l \! -name '.*' -print`
$(RM) $(TARFILE)

distclean: clean
Expand All @@ -449,7 +547,7 @@ uninstall_sw: uninstall_runtime uninstall_engines uninstall_dev
install_docs: install_man_docs install_html_docs

uninstall_docs: uninstall_man_docs uninstall_html_docs
$(RM) -r -v $(DESTDIR)$(DOCDIR)
$(RM) -r $(DESTDIR)$(DOCDIR)

install_ssldirs:
@$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(OPENSSLDIR)/certs
Expand Down
5 changes: 1 addition & 4 deletions deps/openssl/openssl/Configure
Original file line number Diff line number Diff line change
Expand Up @@ -87,9 +87,6 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lx
# linked openssl executable has rather debugging value than
# production quality.
#
# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items
# provided to stack calls. Generates unique stack functions for
# each possible stack type.
# BN_LLONG use the type 'long long' in crypto/bn/bn.h
# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
# Following are set automatically by this script
Expand Down Expand Up @@ -145,13 +142,13 @@ my @gcc_devteam_warn = qw(
# -Wunused-macros -- no, too tricky for BN and _XOPEN_SOURCE etc
# -Wextended-offsetof -- no, needed in CMS ASN1 code
my @clang_devteam_warn = qw(
-Wno-unknown-warning-option
-Wswitch-default
-Wno-parentheses-equality
-Wno-language-extension-token
-Wno-extended-offsetof
-Wconditional-uninitialized
-Wincompatible-pointer-types-discards-qualifiers
-Wno-unknown-warning-option
-Wmissing-variable-declarations
);

Expand Down
Loading

0 comments on commit 17d1d16

Please sign in to comment.