deps: upgrade openssl sources to OpenSSL_1_1_1n
This updates all sources in deps/openssl/openssl by:
    $ git clone https://github.com/quictls/openssl
    $ cd openssl
    $ git checkout OpenSSL_1_1_1n+quic
    $ cd ../node/deps/openssl
    $ rm -rf openssl
    $ cp -R ../openssl openssl
    $ rm -rf openssl/.git* openssl/.travis*
    $ git add --all openssl
    $ git commit openssl

PR-URL: #42352
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-March/000218.html
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Danielle Adams <[email protected]>
hassaanp authored and richardlau committed Mar 17, 2022
1 parent e10e4fd commit 7a6a870
Showing 61 changed files with 809 additions and 220 deletions.
37 changes: 37 additions & 0 deletions deps/openssl/openssl/CHANGES
Expand Up @@ -7,6 +7,43 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.

Changes between 1.1.1m and 1.1.1n [15 Mar 2022]

*) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
for non-prime moduli.

Internally this function is used when parsing certificates that contain
elliptic curve public keys in compressed form or explicit elliptic curve
parameters with a base point encoded in compressed form.

It is possible to trigger the infinite loop by crafting a certificate that
has invalid explicit curve parameters.

Since certificate parsing happens prior to verification of the certificate
signature, any process that parses an externally supplied certificate may
thus be subject to a denial of service attack. The infinite loop can also
be reached when parsing crafted private keys as they can contain explicit
elliptic curve parameters.

Thus vulnerable situations include:

- TLS clients consuming server certificates
- TLS servers consuming client certificates
- Hosting providers taking certificates or private keys from customers
- Certificate authorities parsing certification requests from subscribers
- Anything else which parses ASN.1 elliptic curve parameters

Also any other applications that use the BN_mod_sqrt() where the attacker
can control the parameter values are vulnerable to this DoS issue.
(CVE-2022-0778)
[Tomáš Mráz]

*) Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489)
to the list of ciphersuites providing Perfect Forward Secrecy as
required by SECLEVEL >= 3.

[Dmitry Belyavskiy, Nicola Tuveri]

Changes between 1.1.1l and 1.1.1m [14 Dec 2021]

*) Avoid loading of a dynamic engine twice.
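Review bot: The CVE-2022-0778 entry in this CHANGES hunk lists TLS clients and TLS servers that parse peer certificates among the vulnerable situations, but the commit message only links the openssl-announce post and never names the CVE. Mention CVE-2022-0778 in the commit message body so that the fix can be found from the log without opening the vendored CHANGES file.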
9 changes: 8 additions & 1 deletion deps/openssl/openssl/Configurations/10-main.conf
Expand Up @@ -988,6 +988,13 @@ my %targets = (
perlasm_scheme => "elf",
},

# riscv64 below refers to contemporary RISCV Architecture
# specifications,
"BSD-riscv64" => {
inherit_from => [ "BSD-generic64"],
perlasm_scheme => "linux64",
},

"bsdi-elf-gcc" => {
inherit_from => [ "BASE_unix", asm("x86_elf_asm") ],
CC => "gcc",
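Review bot: The comment above the new "BSD-riscv64" target ends in a dangling comma ("specifications,") and does not say which specification it refers to, so it reads as a truncated sentence. Either finish the sentence or drop it. The `[ "BSD-generic64"]` list is also missing the space before the closing bracket that the neighbouring `inherit_from` entry uses.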
Expand Down Expand Up @@ -1765,7 +1772,7 @@ my %targets = (

disable => add('pinshared'),

apps_aux_src => "vms_term_sock.c",
apps_aux_src => "vms_term_sock.c vms_decc_argv.c",
apps_init_src => "vms_decc_init.c",
},

3 changes: 2 additions & 1 deletion deps/openssl/openssl/Configurations/descrip.mms.tmpl
Expand Up @@ -438,7 +438,8 @@ test : tests
DEFINE SRCTOP {- sourcedir() -}
DEFINE BLDTOP {- builddir() -}
DEFINE RESULT_D {- builddir(qw(test test-runs)) -}
DEFINE OPENSSL_ENGINES {- builddir("engines") -}
engines = F$PARSE("{- builddir("engines") -}","A.;",,,"syntax_only") - "A.;"
DEFINE OPENSSL_ENGINES 'engines'
DEFINE OPENSSL_DEBUG_MEMORY "on"
IF "$(VERBOSE)" .NES. "" THEN DEFINE VERBOSE "$(VERBOSE)"
$(PERL) {- sourcefile("test", "run_tests.pl") -} $(TESTS)
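Review bot: The new `engines = F$PARSE(...) - "A.;"` line in the test target carries no comment saying why OPENSSL_ENGINES can no longer be defined directly from builddir("engines"). A one-line DCL comment stating what the "A.;" default and the "syntax_only" parse are there for would stop a later edit from simplifying it back to the old DEFINE.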
22 changes: 11 additions & 11 deletions deps/openssl/openssl/Configure
Expand Up @@ -3164,25 +3164,25 @@ sub resolve_config {
}
}

foreach (sort keys %all_keys) {
my $previous = $combined_inheritance{$_};
foreach my $key (sort keys %all_keys) {
my $previous = $combined_inheritance{$key};

# Current target doesn't have a value for the current key?
# Assign it the default combiner, the rest of this loop body
# will handle it just like any other coderef.
if (!exists $table{$target}->{$_}) {
$table{$target}->{$_} = $default_combiner;
if (!exists $table{$target}->{$key}) {
$table{$target}->{$key} = $default_combiner;
}

$table{$target}->{$_} = process_values($table{$target}->{$_},
$combined_inheritance{$_},
$target, $_);
unless(defined($table{$target}->{$_})) {
delete $table{$target}->{$_};
$table{$target}->{$key} = process_values($table{$target}->{$key},
$combined_inheritance{$key},
$target, $key);
unless(defined($table{$target}->{$key})) {
delete $table{$target}->{$key};
}
# if ($extra_checks &&
# $previous && !($add_called || $previous ~~ $table{$target}->{$_})) {
# warn "$_ got replaced in $target\n";
# $previous && !($add_called || $previous ~~ $table{$target}->{$key})) {
# warn "$key got replaced in $target\n";
# }
}
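Review bot: The commented-out `$extra_checks` block at the end of the loop was renamed from `$_` to `$key` together with the live code, so dead code is now being maintained by hand. It still depends on the `~~` smartmatch operator; delete the block, or re-enable it with an explicit comparison, rather than carrying it forward.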

5 changes: 5 additions & 0 deletions deps/openssl/openssl/NEWS
Expand Up @@ -5,6 +5,11 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.

Major changes between OpenSSL 1.1.1m and OpenSSL 1.1.1n [15 Mar 2022]

o Fixed a bug in the BN_mod_sqrt() function that can cause it to loop
forever for non-prime moduli ([CVE-2022-0778])

Major changes between OpenSSL 1.1.1l and OpenSSL 1.1.1m [14 Dec 2021]

o None
2 changes: 1 addition & 1 deletion deps/openssl/openssl/README-OpenSSL.md
@@ -1,5 +1,5 @@

OpenSSL 1.1.1m 14 Dec 2021
OpenSSL 1.1.1n 15 Mar 2022

Copyright (c) 1998-2021 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
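Review bot: The version line moves to "1.1.1n 15 Mar 2022" but the context line below it still reads `Copyright (c) 1998-2021 The OpenSSL Project`, while the source files touched in this commit bump their range to 2022. Because deps/openssl/openssl is copied verbatim from the quictls tag, do not patch it locally; raise the stale year upstream.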
2 changes: 1 addition & 1 deletion deps/openssl/openssl/README.md
Expand Up @@ -4,7 +4,7 @@ What This Is
This is a fork of [OpenSSL](https://www.openssl.org) to enable QUIC. In addition
to the website, the official source distribution is at
<https://github.com/openssl/openssl>. The OpenSSL `README` can be found at
[README-OpenSSL.md](https://github.com/quictls/openssl/blob/OpenSSL_1_1_1m%2Bquic/README-OpenSSL.md).
[README-OpenSSL.md](https://github.com/quictls/openssl/blob/OpenSSL_1_1_1n%2Bquic/README-OpenSSL.md).

This fork adds APIs that can be used by QUIC implementations for connection
handshakes. Quoting the IETF Working group
10 changes: 7 additions & 3 deletions deps/openssl/openssl/apps/apps.c
@@ -1,5 +1,5 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
Expand Down Expand Up @@ -300,9 +300,13 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
int ui_flags = 0;
const char *prompt_info = NULL;
char *prompt;
int pw_min_len = PW_MIN_LENGTH;

if (cb_data != NULL && cb_data->prompt_info != NULL)
prompt_info = cb_data->prompt_info;
if (cb_data != NULL && cb_data->password != NULL
&& *(const char*)cb_data->password != '\0')
pw_min_len = 1;
prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
if (!prompt) {
BIO_printf(bio_err, "Out of memory\n");
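Review bot: The new `pw_min_len = 1` branch in password_callback() lowers the minimum length whenever `cb_data->password` is a non-empty string, and nothing in the hunk says why PW_MIN_LENGTH should not apply in that case. Add a comment stating the intent (for example, that the minimum is meant only for interactively typed pass phrases, if that is the reason), and write the cast as `(const char *)` to match the `char *` spacing used in the declarations above it.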
Expand All @@ -317,12 +321,12 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
(void)UI_add_user_data(ui, cb_data);

ok = UI_add_input_string(ui, prompt, ui_flags, buf,
PW_MIN_LENGTH, bufsiz - 1);
pw_min_len, bufsiz - 1);

if (ok >= 0 && verify) {
buff = app_malloc(bufsiz, "password buffer");
ok = UI_add_verify_string(ui, prompt, ui_flags, buff,
PW_MIN_LENGTH, bufsiz - 1, buf);
pw_min_len, bufsiz - 1, buf);
}
if (ok >= 0)
do {
6 changes: 2 additions & 4 deletions deps/openssl/openssl/apps/openssl.c
@@ -1,5 +1,5 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
Expand Down Expand Up @@ -120,7 +120,6 @@ int main(int argc, char *argv[])
{
FUNCTION f, *fp;
LHASH_OF(FUNCTION) *prog = NULL;
char **copied_argv = NULL;
char *p, *pname;
char buf[1024];
const char *prompt;
Expand All @@ -137,7 +136,7 @@ int main(int argc, char *argv[])
bio_err = dup_bio_err(FORMAT_TEXT);

#if defined(OPENSSL_SYS_VMS) && defined(__DECC)
copied_argv = argv = copy_argv(&argc, argv);
argv = copy_argv(&argc, argv);
#elif defined(_WIN32)
/*
* Replace argv[] with UTF-8 encoded strings.
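Review bot: In the VMS branch, `argv = copy_argv(&argc, argv);` uses the result unchecked, yet the copy_argv() added in apps/vms_decc_argv.c has a `return NULL` path after app_malloc(). Either test for NULL here and bail out before argv is dereferenced, or drop the NULL return from copy_argv() if app_malloc() cannot return NULL, so that the two files agree on the contract.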
Expand Down Expand Up @@ -258,7 +257,6 @@ int main(int argc, char *argv[])
}
ret = 1;
end:
OPENSSL_free(copied_argv);
OPENSSL_free(default_config_file);
lh_FUNCTION_free(prog);
OPENSSL_free(arg.argv);
10 changes: 5 additions & 5 deletions deps/openssl/openssl/apps/passwd.c
@@ -1,5 +1,5 @@
/*
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
Expand Down Expand Up @@ -407,7 +407,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
n >>= 1;
}
if (!EVP_DigestFinal_ex(md, buf, NULL))
return NULL;
goto err;

for (i = 0; i < 1000; i++) {
if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL))
Expand Down Expand Up @@ -633,7 +633,7 @@ static char *shacrypt(const char *passwd, const char *magic, const char *salt)
n >>= 1;
}
if (!EVP_DigestFinal_ex(md, buf, NULL))
return NULL;
goto err;

/* P sequence */
if (!EVP_DigestInit_ex(md2, sha, NULL))
Expand All @@ -644,7 +644,7 @@ static char *shacrypt(const char *passwd, const char *magic, const char *salt)
goto err;

if (!EVP_DigestFinal_ex(md2, temp_buf, NULL))
return NULL;
goto err;

if ((p_bytes = OPENSSL_zalloc(passwd_len)) == NULL)
goto err;
Expand All @@ -661,7 +661,7 @@ static char *shacrypt(const char *passwd, const char *magic, const char *salt)
goto err;

if (!EVP_DigestFinal_ex(md2, temp_buf, NULL))
return NULL;
goto err;

if ((s_bytes = OPENSSL_zalloc(salt_len)) == NULL)
goto err;
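Review bot: With the `return NULL` after the second `EVP_DigestFinal_ex(md2, temp_buf, NULL)` in shacrypt() turned into `goto err`, the err path is now reached with p_bytes already allocated and s_bytes not yet allocated. The err label lies outside the visible context, so confirm that it frees md, md2 and p_bytes and tolerates s_bytes still being NULL. The same check applies to the md5crypt() hunk, where the jump happens before the 1000-round loop starts.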
11 changes: 11 additions & 0 deletions deps/openssl/openssl/apps/s_client.c
Expand Up @@ -938,6 +938,7 @@ int s_client_main(int argc, char **argv)
struct timeval tv;
#endif
const char *servername = NULL;
char *sname_alloc = NULL;
int noservername = 0;
const char *alpn_in = NULL;
tlsextctx tlsextcbp = { NULL, 0 };
Expand Down Expand Up @@ -1588,6 +1589,15 @@ int s_client_main(int argc, char **argv)
"%s: -proxy argument malformed or ambiguous\n", prog);
goto end;
}
if (servername == NULL && !noservername) {
res = BIO_parse_hostserv(connectstr, &sname_alloc, NULL, BIO_PARSE_PRIO_HOST);
if (!res) {
BIO_printf(bio_err,
"%s: -connect argument malformed or ambiguous\n", prog);
goto end;
}
servername = sname_alloc;
}
} else {
int res = 1;
char *tmp_host = host, *tmp_port = port;
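Review bot: The new block takes the host part of `connectstr` as `servername` without checking whether it is an IP literal, and RFC 6066 does not permit literal IPv4 or IPv6 addresses in the SNI HostName. Unless a check outside this hunk filters that case, skip the assignment when the parsed host is an address. The `res = BIO_parse_hostserv(...)` line also runs past 80 columns and should be wrapped like the BIO_printf() call below it.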
Expand Down Expand Up @@ -3149,6 +3159,7 @@ int s_client_main(int argc, char **argv)
#ifndef OPENSSL_NO_SRP
OPENSSL_free(srp_arg.srppassin);
#endif
OPENSSL_free(sname_alloc);
OPENSSL_free(connectstr);
OPENSSL_free(bindstr);
OPENSSL_free(bindhost);
4 changes: 2 additions & 2 deletions deps/openssl/openssl/apps/s_socket.c
@@ -1,5 +1,5 @@
/*
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
Expand Down Expand Up @@ -147,7 +147,7 @@ int init_client(int *sock, const char *host, const char *port,
#endif

if (!BIO_connect(*sock, BIO_ADDRINFO_address(ai),
protocol == IPPROTO_TCP ? BIO_SOCK_NODELAY : 0)) {
BIO_ADDRINFO_protocol(ai) == IPPROTO_TCP ? BIO_SOCK_NODELAY : 0)) {
BIO_closesocket(*sock);
*sock = INVALID_SOCKET;
continue;
66 changes: 66 additions & 0 deletions deps/openssl/openssl/apps/vms_decc_argv.c
@@ -0,0 +1,66 @@
/*
* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/

#include <stdlib.h>
#include <openssl/crypto.h>
#include "apps.h" /* for app_malloc() and copy_argv() */

char **newargv = NULL;

static void cleanup_argv(void)
{
OPENSSL_free(newargv);
newargv = NULL;
}

char **copy_argv(int *argc, char *argv[])
{
/*-
* The note below is for historical purpose. On VMS now we always
* copy argv "safely."
*
* 2011-03-22 SMS.
* If we have 32-bit pointers everywhere, then we're safe, and
* we bypass this mess, as on non-VMS systems.
* Problem 1: Compaq/HP C before V7.3 always used 32-bit
* pointers for argv[].
* Fix 1: For a 32-bit argv[], when we're using 64-bit pointers
* everywhere else, we always allocate and use a 64-bit
* duplicate of argv[].
* Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed
* to NULL-terminate a 64-bit argv[]. (As this was written, the
* compiler ECO was available only on IA64.)
* Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a
* 64-bit argv[argc] for NULL, and, if necessary, use a
* (properly) NULL-terminated (64-bit) duplicate of argv[].
* The same code is used in either case to duplicate argv[].
* Some of these decisions could be handled in preprocessing,
* but the code tends to get even uglier, and the penalty for
* deciding at compile- or run-time is tiny.
*/

int i, count = *argc;
char **p = newargv;

cleanup_argv();

newargv = app_malloc(sizeof(*newargv) * (count + 1), "argv copy");
if (newargv == NULL)
return NULL;

/* Register automatic cleanup on first use */
if (p == NULL)
OPENSSL_atexit(cleanup_argv);

for (i = 0; i < count; i++)
newargv[i] = argv[i];
newargv[i] = NULL;
*argc = i;
return newargv;
}
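Review bot: `char **newargv = NULL;` at file scope has external linkage although only cleanup_argv() and copy_argv() in this file use it; declare it `static` so that no other object linked into apps can collide with it or modify it. The header of this new file also says "Apache License 2.0", while the other apps/ files in this commit say "OpenSSL license", which is worth confirming upstream. Since copy_argv() calls cleanup_argv() first, a second call invalidates the array returned by the first, and the function comment should say so.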