Skip to content

Commit

Permalink
deps: upgrade openssl sources to OpenSSL_1_1_1p+quic
Browse files Browse the repository at this point in the history
This updates all sources in deps/openssl/openssl by:
    $ git clone https://github.com/quictls/openssl
    $ cd openssl
    $ git checkout OpenSSL_1_1_1p+quic
    $ cd ../node/deps/openssl
    $ rm -rf openssl
    $ cp -R ../openssl openssl
    $ rm -rf openssl/.git* openssl/.travis*
    $ git add --all openssl
    $ git commit openssl

PR-URL: nodejs/node#43535
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-June/000228.html
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Danielle Adams <[email protected]>
  • Loading branch information
RafaelGSS authored and guangwong committed Oct 10, 2022
1 parent 3be8841 commit c416845
Show file tree
Hide file tree
Showing 56 changed files with 1,312 additions and 840 deletions.
44 changes: 35 additions & 9 deletions deps/openssl/openssl/CHANGES
Original file line number Diff line number Diff line change
Expand Up @@ -7,18 +7,44 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.

Changes between 1.1.1o and 1.1.1p [21 Jun 2022]

*) In addition to the c_rehash shell command injection identified in
CVE-2022-1292, further bugs where the c_rehash script does not
properly sanitise shell metacharacters to prevent command injection have been
fixed.

When the CVE-2022-1292 was fixed it was not discovered that there
are other places in the script where the file names of certificates
being hashed were possibly passed to a command executed through the shell.

This script is distributed by some operating systems in a manner where
it is automatically executed. On such operating systems, an attacker
could execute arbitrary commands with the privileges of the script.

Use of the c_rehash script is considered obsolete and should be replaced
by the OpenSSL rehash command line tool.
(CVE-2022-2068)
[Daniel Fiala, Tomáš Mráz]

*) When OpenSSL TLS client is connecting without any supported elliptic
curves and TLS-1.3 protocol is disabled the connection will no longer fail
if a ciphersuite that does not use a key exchange based on elliptic
curves can be negotiated.
[Tomáš Mráz]

Changes between 1.1.1n and 1.1.1o [3 May 2022]

*) Fixed a bug in the c_rehash script which was not properly sanitising shell
metacharacters to prevent command injection. This script is distributed by
some operating systems in a manner where it is automatically executed. On
such operating systems, an attacker could execute arbitrary commands with the
privileges of the script.

Use of the c_rehash script is considered obsolete and should be replaced
by the OpenSSL rehash command line tool.
(CVE-2022-1292)
[Tomáš Mráz]
metacharacters to prevent command injection. This script is distributed
by some operating systems in a manner where it is automatically executed.
On such operating systems, an attacker could execute arbitrary commands
with the privileges of the script.

Use of the c_rehash script is considered obsolete and should be replaced
by the OpenSSL rehash command line tool.
(CVE-2022-1292)
[Tomáš Mráz]

Changes between 1.1.1m and 1.1.1n [15 Mar 2022]

Expand Down
7 changes: 7 additions & 0 deletions deps/openssl/openssl/Configurations/10-main.conf
Original file line number Diff line number Diff line change
Expand Up @@ -995,6 +995,13 @@ my %targets = (
perlasm_scheme => "linux64",
},

"BSD-aarch64" => {
inherit_from => [ "BSD-generic64", asm("aarch64_asm") ],
lib_cppflags => add("-DL_ENDIAN"),
bn_ops => "SIXTY_FOUR_BIT_LONG",
perlasm_scheme => "linux64",
},

"bsdi-elf-gcc" => {
inherit_from => [ "BASE_unix", asm("x86_elf_asm") ],
CC => "gcc",
Expand Down
6 changes: 6 additions & 0 deletions deps/openssl/openssl/NEWS
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,12 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.

Major changes between OpenSSL 1.1.1o and OpenSSL 1.1.1p [21 Jun 2022]

o Fixed additional bugs in the c_rehash script which was not properly
sanitising shell metacharacters to prevent command injection
(CVE-2022-2068)

Major changes between OpenSSL 1.1.1n and OpenSSL 1.1.1o [3 May 2022]

o Fixed a bug in the c_rehash script which was not properly sanitising
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/README-OpenSSL.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@

OpenSSL 1.1.1o 3 May 2022
OpenSSL 1.1.1p 21 Jun 2022

Copyright (c) 1998-2022 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ What This Is
This is a fork of [OpenSSL](https://www.openssl.org) to enable QUIC. In addition
to the website, the official source distribution is at
<https://github.com/openssl/openssl>. The OpenSSL `README` can be found at
[README-OpenSSL.md](https://github.com/quictls/openssl/blob/OpenSSL_1_1_1o%2Bquic/README-OpenSSL.md).
[README-OpenSSL.md](https://github.com/quictls/openssl/blob/OpenSSL_1_1_1p%2Bquic/README-OpenSSL.md).

This fork adds APIs that can be used by QUIC implementations for connection
handshakes. Quoting the IETF Working group
Expand Down
49 changes: 44 additions & 5 deletions deps/openssl/openssl/apps/s_server.c
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
Expand Down Expand Up @@ -2236,6 +2236,30 @@ static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
SSL_CTX_sess_get_cache_size(ssl_ctx));
}

static long int count_reads_callback(BIO *bio, int cmd, const char *argp,
int argi, long int argl, long int ret)
{
unsigned int *p_counter = (unsigned int *)BIO_get_callback_arg(bio);

switch (cmd) {
case BIO_CB_READ: /* No break here */
case BIO_CB_GETS:
if (p_counter != NULL)
++*p_counter;
break;
default:
break;
}

if (s_debug) {
BIO_set_callback_arg(bio, (char *)bio_s_out);
ret = bio_dump_callback(bio, cmd, argp, argi, argl, ret);
BIO_set_callback_arg(bio, (char *)p_counter);
}

return ret;
}

static int sv_body(int s, int stype, int prot, unsigned char *context)
{
char *buf = NULL;
Expand Down Expand Up @@ -2353,10 +2377,7 @@ static int sv_body(int s, int stype, int prot, unsigned char *context)
SSL_set_accept_state(con);
/* SSL_set_fd(con,s); */

if (s_debug) {
BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
}
BIO_set_callback(SSL_get_rbio(con), count_reads_callback);
if (s_msg) {
#ifndef OPENSSL_NO_SSL_TRACE
if (s_msg == 2)
Expand Down Expand Up @@ -2648,7 +2669,25 @@ static int sv_body(int s, int stype, int prot, unsigned char *context)
*/
if ((!async || !SSL_waiting_for_async(con))
&& !SSL_is_init_finished(con)) {
/*
* Count number of reads during init_ssl_connection.
* It helps us to distinguish configuration errors from errors
* caused by a client.
*/
unsigned int read_counter = 0;

BIO_set_callback_arg(SSL_get_rbio(con), (char *)&read_counter);
i = init_ssl_connection(con);
BIO_set_callback_arg(SSL_get_rbio(con), NULL);

/*
* If initialization fails without reads, then
* there was a fatal error in configuration.
*/
if (i <= 0 && read_counter == 0) {
ret = -1;
goto err;
}

if (i < 0) {
ret = 0;
Expand Down
3 changes: 2 additions & 1 deletion deps/openssl/openssl/config
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
#!/bin/sh
# Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 1998-2022 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
Expand Down Expand Up @@ -709,6 +709,7 @@ case "$GUESSOS" in
ia64-*-*bsd*) OUT="BSD-ia64" ;;
x86_64-*-dragonfly*) OUT="BSD-x86_64" ;;
amd64-*-*bsd*) OUT="BSD-x86_64" ;;
arm64-*-*bsd*) OUT="BSD-aarch64" ;;
*86*-*-*bsd*) # mimic ld behaviour when it's looking for libc...
if [ -L /usr/lib/libc.so ]; then # [Free|Net]BSD
libc=/usr/lib/libc.so
Expand Down
Loading

0 comments on commit c416845

Please sign in to comment.