From 8db68e80cf9d7073790f9268f98694a01be47eec Mon Sep 17 00:00:00 2001 From: Baruch Siach Date: Sun, 21 Oct 2018 20:28:04 +0300 Subject: [PATCH 01/12] openssh: bump to version 7.9p1 Drop patch #1. uClibc no longer includes pthreads.h indirectly. Drop patch #2. The sys/param.h header is included indirectly through the local includes.h header since version 6.8p1. Signed-off-by: Baruch Siach Signed-off-by: Peter Korsgaard --- .../0001-fix-pam-uclibc-pthreads-clash.patch | 44 ----------------- .../openssh/0002-fix-howmany-include.patch | 49 ------------------- package/openssh/openssh.hash | 4 +- package/openssh/openssh.mk | 2 +- 4 files changed, 3 insertions(+), 96 deletions(-) delete mode 100644 package/openssh/0001-fix-pam-uclibc-pthreads-clash.patch delete mode 100644 package/openssh/0002-fix-howmany-include.patch diff --git a/package/openssh/0001-fix-pam-uclibc-pthreads-clash.patch b/package/openssh/0001-fix-pam-uclibc-pthreads-clash.patch deleted file mode 100644 index d9bc6e5d0c..0000000000 --- a/package/openssh/0001-fix-pam-uclibc-pthreads-clash.patch +++ /dev/null @@ -1,44 +0,0 @@ -When PAM is enabled, openssh makes its own static versions of pthreads -functions. But when built with a uclibc toolchain, pthreads.h gets -indirectly included. The clashing exported and static definitions of -the pthreads functions then cause a compile error. This patch fixes -the problem by changing the static pthread function names with macros -when the static functions are defined. - -Signed-off-by: Danomi Manchego - -diff -urN openssh-6.1p1.orig/auth-pam.c openssh-6.1p1/auth-pam.c ---- openssh-6.1p1.orig/auth-pam.c 2009-07-12 08:07:21.000000000 -0400 -+++ openssh-6.1p1/auth-pam.c 2012-09-15 19:49:47.677288199 -0400 -@@ -166,6 +166,7 @@ - sigdie("PAM: authentication thread exited uncleanly"); - } - -+#define pthread_exit pthread_exit_AVOID_UCLIBC_PTHREAD_CLASH - /* ARGSUSED */ - static void - pthread_exit(void *value) -@@ -173,6 +174,7 @@ - _exit(0); - } - -+#define pthread_create pthread_create_AVOID_UCLIBC_PTHREAD_CLASH - /* ARGSUSED */ - static int - pthread_create(sp_pthread_t *thread, const void *attr, -@@ -200,6 +202,7 @@ - } - } - -+#define pthread_cancel pthread_cancel_AVOID_UCLIBC_PTHREAD_CLASH - static int - pthread_cancel(sp_pthread_t thread) - { -@@ -207,6 +210,7 @@ - return (kill(thread, SIGTERM)); - } - -+#define pthread_join pthread_join_AVOID_UCLIBC_PTHREAD_CLASH - /* ARGSUSED */ - static int - pthread_join(sp_pthread_t thread, void **value) diff --git a/package/openssh/0002-fix-howmany-include.patch b/package/openssh/0002-fix-howmany-include.patch deleted file mode 100644 index 7a2a8e3202..0000000000 --- a/package/openssh/0002-fix-howmany-include.patch +++ /dev/null @@ -1,49 +0,0 @@ -Update patch from 2fea21799223d41605556858a95b55e69e9960ca to openssh -version 6.8p1 - -Signed-off-by: Gustavo Zacarias - -diff -Nura openssh-6.8p1.orig/openbsd-compat/bsd-poll.c openssh-6.8p1/openbsd-compat/bsd-poll.c ---- openssh-6.8p1.orig/openbsd-compat/bsd-poll.c 2015-03-18 07:11:46.184620677 -0300 -+++ openssh-6.8p1/openbsd-compat/bsd-poll.c 2015-03-18 07:12:29.120094555 -0300 -@@ -19,6 +19,7 @@ - #include "includes.h" - #if !defined(HAVE_POLL) - -+#include - #include - #include - #ifdef HAVE_SYS_SELECT_H -diff -Nura openssh-6.8p1.orig/sshd.c openssh-6.8p1/sshd.c ---- openssh-6.8p1.orig/sshd.c 2015-03-18 07:11:46.187620780 -0300 -+++ openssh-6.8p1/sshd.c 2015-03-18 07:13:11.889562735 -0300 -@@ -44,6 +44,7 @@ - - #include "includes.h" - -+#include - #include - #include - #include -diff -Nura openssh-6.8p1.orig/ssh-keyscan.c openssh-6.8p1/ssh-keyscan.c ---- openssh-6.8p1.orig/ssh-keyscan.c 2015-03-18 07:11:46.180620539 -0300 -+++ openssh-6.8p1/ssh-keyscan.c 2015-03-18 07:13:32.092256248 -0300 -@@ -9,6 +9,7 @@ - - #include "includes.h" - -+#include - #include - #include "openbsd-compat/sys-queue.h" - #include -diff -Nura openssh-6.8p1.orig/ssh-pkcs11-helper.c openssh-6.8p1/ssh-pkcs11-helper.c ---- openssh-6.8p1.orig/ssh-pkcs11-helper.c 2015-03-18 07:11:46.182620608 -0300 -+++ openssh-6.8p1/ssh-pkcs11-helper.c 2015-03-18 07:13:43.620651993 -0300 -@@ -17,6 +17,7 @@ - - #include "includes.h" - -+#include - #include - #ifdef HAVE_SYS_TIME_H - # include diff --git a/package/openssh/openssh.hash b/package/openssh/openssh.hash index 0b31f70ecc..26b143c059 100644 --- a/package/openssh/openssh.hash +++ b/package/openssh/openssh.hash @@ -1,4 +1,4 @@ -# From http://www.openssh.com/txt/release-7.8 (base64 encoded) -sha256 1a484bb15152c183bb2514e112aa30dd34138c3cfb032eee5490a66c507144ca openssh-7.8p1.tar.gz +# From http://www.openssh.com/txt/release-7.9 (base64 encoded) +sha256 6b4b3ba2253d84ed3771c8050728d597c91cfce898713beb7b64a305b6f11aad openssh-7.9p1.tar.gz # Locally calculated sha256 05a4c25ef464e19656c5259bd4f4da8428efab01044f3541b79fbb3ff209350f LICENCE diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk index bfa616bdd9..bc40481cf5 100644 --- a/package/openssh/openssh.mk +++ b/package/openssh/openssh.mk @@ -4,7 +4,7 @@ # ################################################################################ -OPENSSH_VERSION = 7.8p1 +OPENSSH_VERSION = 7.9p1 OPENSSH_SITE = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable OPENSSH_LICENSE = BSD-3-Clause, BSD-2-Clause, Public Domain OPENSSH_LICENSE_FILES = LICENCE From 7765a297737982e44cf3a27ad9965af55928655e Mon Sep 17 00:00:00 2001 From: Markus Mayer Date: Thu, 20 Dec 2018 09:58:13 -0800 Subject: [PATCH 02/12] package/openssh: use BR2_SYSTEM_DEFAULT_PATH as default PATH We use the configuration option $(BR2_SYSTEM_DEFAULT_PATH) to set the default PATH in OpenSSH sessions. $(BR2_SYSTEM_DEFAULT_PATH) is a Kconfig string. So it is already quoted, which is exactly what we want. Signed-off-by: Markus Mayer Reviewed-by: "Yann E. MORIN" Signed-off-by: Thomas Petazzoni --- package/openssh/openssh.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk index bc40481cf5..e6b3ce7c33 100644 --- a/package/openssh/openssh.mk +++ b/package/openssh/openssh.mk @@ -11,6 +11,7 @@ OPENSSH_LICENSE_FILES = LICENCE OPENSSH_CONF_ENV = LD="$(TARGET_CC)" LDFLAGS="$(TARGET_CFLAGS)" OPENSSH_CONF_OPTS = \ --sysconfdir=/data/etc \ + --with-default-path=$(BR2_SYSTEM_DEFAULT_PATH) \ --disable-lastlog \ --disable-utmp \ --disable-utmpx \ From f24e5e1e74a721d797a672294bc4c7ca5b9442b4 Mon Sep 17 00:00:00 2001 From: Baruch Siach Date: Tue, 15 Jan 2019 13:17:53 +0200 Subject: [PATCH 03/12] package/openssh: add upstream security fix Fixes CVE-2018-20685: The scp client allows server to modify permissions of the target directory by using empty ("D0777 0 \n") or dot ("D0777 0 .\n") directory name. The bug reporter lists a number of related vulnerabilities that are not fixed yet: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt Signed-off-by: Baruch Siach Signed-off-by: Peter Korsgaard --- ...w-empty-incoming-filename-or-ones-th.patch | 39 +++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 package/openssh/0001-upstream-disallow-empty-incoming-filename-or-ones-th.patch diff --git a/package/openssh/0001-upstream-disallow-empty-incoming-filename-or-ones-th.patch b/package/openssh/0001-upstream-disallow-empty-incoming-filename-or-ones-th.patch new file mode 100644 index 0000000000..2b5a958d13 --- /dev/null +++ b/package/openssh/0001-upstream-disallow-empty-incoming-filename-or-ones-th.patch @@ -0,0 +1,39 @@ +From 6010c0303a422a9c5fa8860c061bf7105eb7f8b2 Mon Sep 17 00:00:00 2001 +From: "djm@openbsd.org" +Date: Fri, 16 Nov 2018 03:03:10 +0000 +Subject: [PATCH] upstream: disallow empty incoming filename or ones that refer + to the + +current directory; based on report/patch from Harry Sintonen + +OpenBSD-Commit-ID: f27651b30eaee2df49540ab68d030865c04f6de9 +Signed-off-by: Baruch Siach +--- +Upstream status (openssh-portable): commit 6010c0303a422 + + scp.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/scp.c b/scp.c +index 60682c68769b..4f3fdcd3db89 100644 +--- a/scp.c ++++ b/scp.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: scp.c,v 1.197 2018/06/01 04:31:48 dtucker Exp $ */ ++/* $OpenBSD: scp.c,v 1.198 2018/11/16 03:03:10 djm Exp $ */ + /* + * scp - secure remote copy. This is basically patched BSD rcp which + * uses ssh to do the data transfer (instead of using rcmd). +@@ -1106,7 +1106,8 @@ sink(int argc, char **argv) + SCREWUP("size out of range"); + size = (off_t)ull; + +- if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) { ++ if (*cp == '\0' || strchr(cp, '/') != NULL || ++ strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) { + run_err("error: unexpected filename: %s", cp); + exit(1); + } +-- +2.20.1 + From 394726929026ccecd45ba96d25fa84f94ba940b9 Mon Sep 17 00:00:00 2001 From: Chris Lesiak Date: Mon, 17 Dec 2018 22:25:32 +0000 Subject: [PATCH 04/12] package/openssh: Set /var/empty permissions The openssh privilege separation feature, enabled by default, requires that the path /var/empty exists and has certain permissions (not writable by the sshd user). Note that nothing ever gets writting in this directory, so it works fine on a readonly rootfs. See README.privsep included as part of the openssh distribution. Signed-off-by: Chris Lesiak Signed-off-by: Arnout Vandecappelle (Essensium/Mind) --- package/openssh/openssh.mk | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk index e6b3ce7c33..28f5979fcb 100644 --- a/package/openssh/openssh.mk +++ b/package/openssh/openssh.mk @@ -23,6 +23,10 @@ define OPENSSH_USERS sshd -1 sshd -1 * - - - SSH drop priv user endef +define OPENSSH_PERMISSIONS + /var/empty d 755 root root - - - - - +endef + ifeq ($(BR2_TOOLCHAIN_SUPPORTS_PIE),) OPENSSH_CONF_OPTS += --without-pie endif From 2fca0905f4b95e8f6eb6a6057f9f1d7ae797b5ad Mon Sep 17 00:00:00 2001 From: Chris Lesiak Date: Wed, 6 Feb 2019 16:36:39 +0000 Subject: [PATCH 05/12] package/openssh: Add sysusers.d snippet Whether using the new sysusers.d snippet, or adding an entry to /etc/password, set the service's home directory to /var/empty. See README.privsep included as part of the openssh distribution. Signed-off-by: Chris Lesiak Signed-off-by: Arnout Vandecappelle (Essensium/Mind) --- package/openssh/openssh.mk | 16 ++++++++++++---- package/openssh/sshd-sysusers.conf | 1 + 2 files changed, 13 insertions(+), 4 deletions(-) create mode 100644 package/openssh/sshd-sysusers.conf diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk index 28f5979fcb..01978f551b 100644 --- a/package/openssh/openssh.mk +++ b/package/openssh/openssh.mk @@ -19,10 +19,6 @@ OPENSSH_CONF_OPTS = \ --disable-wtmpx \ --disable-strip -define OPENSSH_USERS - sshd -1 sshd -1 * - - - SSH drop priv user -endef - define OPENSSH_PERMISSIONS /var/empty d 755 root root - - - - - endef @@ -61,12 +57,24 @@ else OPENSSH_CONF_OPTS += --without-selinux endif +ifeq ($(BR2_PACKAGE_SYSTEMD_SYSUSERS),y) +define OPENSSH_INSTALL_SYSTEMD_SYSUSERS + $(INSTALL) -m 0644 -D package/openssh/sshd-sysusers.conf \ + $(TARGET_DIR)/usr/lib/sysusers.d/sshd.conf +endef +else +define OPENSSH_USERS + sshd -1 sshd -1 * /var/empty - - SSH drop priv user +endef +endif + define OPENSSH_INSTALL_INIT_SYSTEMD $(INSTALL) -D -m 644 package/openssh/sshd.service \ $(TARGET_DIR)/usr/lib/systemd/system/sshd.service mkdir -p $(TARGET_DIR)/etc/systemd/system/multi-user.target.wants ln -fs ../../../../usr/lib/systemd/system/sshd.service \ $(TARGET_DIR)/etc/systemd/system/multi-user.target.wants/sshd.service + $(OPENSSH_INSTALL_SYSTEMD_SYSUSERS) endef define OPENSSH_INSTALL_INIT_SYSV diff --git a/package/openssh/sshd-sysusers.conf b/package/openssh/sshd-sysusers.conf new file mode 100644 index 0000000000..ac77aec065 --- /dev/null +++ b/package/openssh/sshd-sysusers.conf @@ -0,0 +1 @@ +u sshd - "SSH drop priv user" /var/empty From 4695e4a155bb414a3520ea08cdeefb01181961c6 Mon Sep 17 00:00:00 2001 From: Baruch Siach Date: Tue, 12 Feb 2019 14:13:04 +0200 Subject: [PATCH 06/12] openssh: add upstream security fixes CVE-2019-6109: Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c. CVE-2019-6111: Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). Signed-off-by: Baruch Siach Signed-off-by: Peter Korsgaard --- ...e-scp-filenames-via-snmprintf.-To-do.patch | 275 ++++++++++++++++++ ...n-scp-client-that-filenames-sent-dur.patch | 186 ++++++++++++ 2 files changed, 461 insertions(+) create mode 100644 package/openssh/0002-upstream-Sanitize-scp-filenames-via-snmprintf.-To-do.patch create mode 100644 package/openssh/0003-upstream-check-in-scp-client-that-filenames-sent-dur.patch diff --git a/package/openssh/0002-upstream-Sanitize-scp-filenames-via-snmprintf.-To-do.patch b/package/openssh/0002-upstream-Sanitize-scp-filenames-via-snmprintf.-To-do.patch new file mode 100644 index 0000000000..e5d137ef11 --- /dev/null +++ b/package/openssh/0002-upstream-Sanitize-scp-filenames-via-snmprintf.-To-do.patch @@ -0,0 +1,275 @@ +From 5979bdfeca813dd7e997a1edb0f928d77ce70304 Mon Sep 17 00:00:00 2001 +From: "dtucker@openbsd.org" +Date: Wed, 23 Jan 2019 08:01:46 +0000 +Subject: [PATCH] upstream: Sanitize scp filenames via snmprintf. To do this we + move + +the progressmeter formatting outside of signal handler context and have the +atomicio callback called for EINTR too. bz#2434 with contributions from djm +and jjelen at redhat.com, ok djm@ + +OpenBSD-Commit-ID: 1af61c1f70e4f3bd8ab140b9f1fa699481db57d8 +Signed-off-by: Baruch Siach +--- +Upstream status (openssh-portable): backported from commit 8976f1c4b27 +--- + atomicio.c | 20 ++++++++++++++----- + progressmeter.c | 53 ++++++++++++++++++++++--------------------------- + progressmeter.h | 3 ++- + scp.c | 1 + + sftp-client.c | 16 ++++++++------- + 5 files changed, 51 insertions(+), 42 deletions(-) + +diff --git a/atomicio.c b/atomicio.c +index f854a06f5f50..d91bd7621c12 100644 +--- a/atomicio.c ++++ b/atomicio.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: atomicio.c,v 1.28 2016/07/27 23:18:12 djm Exp $ */ ++/* $OpenBSD: atomicio.c,v 1.29 2019/01/23 08:01:46 dtucker Exp $ */ + /* + * Copyright (c) 2006 Damien Miller. All rights reserved. + * Copyright (c) 2005 Anil Madhavapeddy. All rights reserved. +@@ -65,9 +65,14 @@ atomicio6(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n, + res = (f) (fd, s + pos, n - pos); + switch (res) { + case -1: +- if (errno == EINTR) ++ if (errno == EINTR) { ++ /* possible SIGALARM, update callback */ ++ if (cb != NULL && cb(cb_arg, 0) == -1) { ++ errno = EINTR; ++ return pos; ++ } + continue; +- if (errno == EAGAIN || errno == EWOULDBLOCK) { ++ } else if (errno == EAGAIN || errno == EWOULDBLOCK) { + #ifndef BROKEN_READ_COMPARISON + (void)poll(&pfd, 1, -1); + #endif +@@ -122,9 +127,14 @@ atomiciov6(ssize_t (*f) (int, const struct iovec *, int), int fd, + res = (f) (fd, iov, iovcnt); + switch (res) { + case -1: +- if (errno == EINTR) ++ if (errno == EINTR) { ++ /* possible SIGALARM, update callback */ ++ if (cb != NULL && cb(cb_arg, 0) == -1) { ++ errno = EINTR; ++ return pos; ++ } + continue; +- if (errno == EAGAIN || errno == EWOULDBLOCK) { ++ } else if (errno == EAGAIN || errno == EWOULDBLOCK) { + #ifndef BROKEN_READV_COMPARISON + (void)poll(&pfd, 1, -1); + #endif +diff --git a/progressmeter.c b/progressmeter.c +index fe9bf52e4c90..add462dde500 100644 +--- a/progressmeter.c ++++ b/progressmeter.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: progressmeter.c,v 1.45 2016/06/30 05:17:05 dtucker Exp $ */ ++/* $OpenBSD: progressmeter.c,v 1.46 2019/01/23 08:01:46 dtucker Exp $ */ + /* + * Copyright (c) 2003 Nils Nordman. All rights reserved. + * +@@ -31,6 +31,7 @@ + + #include + #include ++#include + #include + #include + #include +@@ -39,6 +40,7 @@ + #include "progressmeter.h" + #include "atomicio.h" + #include "misc.h" ++#include "utf8.h" + + #define DEFAULT_WINSIZE 80 + #define MAX_WINSIZE 512 +@@ -61,7 +63,7 @@ static void setscreensize(void); + void refresh_progress_meter(void); + + /* signal handler for updating the progress meter */ +-static void update_progress_meter(int); ++static void sig_alarm(int); + + static double start; /* start progress */ + static double last_update; /* last progress update */ +@@ -74,6 +76,7 @@ static long stalled; /* how long we have been stalled */ + static int bytes_per_second; /* current speed in bytes per second */ + static int win_size; /* terminal window size */ + static volatile sig_atomic_t win_resized; /* for window resizing */ ++static volatile sig_atomic_t alarm_fired; + + /* units for format_size */ + static const char unit[] = " KMGT"; +@@ -126,9 +129,17 @@ refresh_progress_meter(void) + off_t bytes_left; + int cur_speed; + int hours, minutes, seconds; +- int i, len; + int file_len; + ++ if ((!alarm_fired && !win_resized) || !can_output()) ++ return; ++ alarm_fired = 0; ++ ++ if (win_resized) { ++ setscreensize(); ++ win_resized = 0; ++ } ++ + transferred = *counter - (cur_pos ? cur_pos : start_pos); + cur_pos = *counter; + now = monotime_double(); +@@ -158,16 +169,11 @@ refresh_progress_meter(void) + + /* filename */ + buf[0] = '\0'; +- file_len = win_size - 35; ++ file_len = win_size - 36; + if (file_len > 0) { +- len = snprintf(buf, file_len + 1, "\r%s", file); +- if (len < 0) +- len = 0; +- if (len >= file_len + 1) +- len = file_len; +- for (i = len; i < file_len; i++) +- buf[i] = ' '; +- buf[file_len] = '\0'; ++ buf[0] = '\r'; ++ snmprintf(buf+1, sizeof(buf)-1 , &file_len, "%*s", ++ file_len * -1, file); + } + + /* percent of transfer done */ +@@ -228,22 +234,11 @@ refresh_progress_meter(void) + + /*ARGSUSED*/ + static void +-update_progress_meter(int ignore) ++sig_alarm(int ignore) + { +- int save_errno; +- +- save_errno = errno; +- +- if (win_resized) { +- setscreensize(); +- win_resized = 0; +- } +- if (can_output()) +- refresh_progress_meter(); +- +- signal(SIGALRM, update_progress_meter); ++ signal(SIGALRM, sig_alarm); ++ alarm_fired = 1; + alarm(UPDATE_INTERVAL); +- errno = save_errno; + } + + void +@@ -259,10 +254,9 @@ start_progress_meter(const char *f, off_t filesize, off_t *ctr) + bytes_per_second = 0; + + setscreensize(); +- if (can_output()) +- refresh_progress_meter(); ++ refresh_progress_meter(); + +- signal(SIGALRM, update_progress_meter); ++ signal(SIGALRM, sig_alarm); + signal(SIGWINCH, sig_winch); + alarm(UPDATE_INTERVAL); + } +@@ -286,6 +280,7 @@ stop_progress_meter(void) + static void + sig_winch(int sig) + { ++ signal(SIGWINCH, sig_winch); + win_resized = 1; + } + +diff --git a/progressmeter.h b/progressmeter.h +index bf179dca6518..8f6678060195 100644 +--- a/progressmeter.h ++++ b/progressmeter.h +@@ -1,4 +1,4 @@ +-/* $OpenBSD: progressmeter.h,v 1.3 2015/01/14 13:54:13 djm Exp $ */ ++/* $OpenBSD: progressmeter.h,v 1.4 2019/01/23 08:01:46 dtucker Exp $ */ + /* + * Copyright (c) 2002 Nils Nordman. All rights reserved. + * +@@ -24,4 +24,5 @@ + */ + + void start_progress_meter(const char *, off_t, off_t *); ++void refresh_progress_meter(void); + void stop_progress_meter(void); +diff --git a/scp.c b/scp.c +index 4f3fdcd3db89..4a342a63873c 100644 +--- a/scp.c ++++ b/scp.c +@@ -585,6 +585,7 @@ scpio(void *_cnt, size_t s) + off_t *cnt = (off_t *)_cnt; + + *cnt += s; ++ refresh_progress_meter(); + if (limit_kbps > 0) + bandwidth_limit(&bwlimit, s); + return 0; +diff --git a/sftp-client.c b/sftp-client.c +index 4986d6d8d291..2bc698f868bc 100644 +--- a/sftp-client.c ++++ b/sftp-client.c +@@ -101,7 +101,9 @@ sftpio(void *_bwlimit, size_t amount) + { + struct bwlimit *bwlimit = (struct bwlimit *)_bwlimit; + +- bandwidth_limit(bwlimit, amount); ++ refresh_progress_meter(); ++ if (bwlimit != NULL) ++ bandwidth_limit(bwlimit, amount); + return 0; + } + +@@ -121,8 +123,8 @@ send_msg(struct sftp_conn *conn, struct sshbuf *m) + iov[1].iov_base = (u_char *)sshbuf_ptr(m); + iov[1].iov_len = sshbuf_len(m); + +- if (atomiciov6(writev, conn->fd_out, iov, 2, +- conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_out) != ++ if (atomiciov6(writev, conn->fd_out, iov, 2, sftpio, ++ conn->limit_kbps > 0 ? &conn->bwlimit_out : NULL) != + sshbuf_len(m) + sizeof(mlen)) + fatal("Couldn't send packet: %s", strerror(errno)); + +@@ -138,8 +140,8 @@ get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial) + + if ((r = sshbuf_reserve(m, 4, &p)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); +- if (atomicio6(read, conn->fd_in, p, 4, +- conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_in) != 4) { ++ if (atomicio6(read, conn->fd_in, p, 4, sftpio, ++ conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) != 4) { + if (errno == EPIPE || errno == ECONNRESET) + fatal("Connection closed"); + else +@@ -157,8 +159,8 @@ get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial) + + if ((r = sshbuf_reserve(m, msg_len, &p)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); +- if (atomicio6(read, conn->fd_in, p, msg_len, +- conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_in) ++ if (atomicio6(read, conn->fd_in, p, msg_len, sftpio, ++ conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) + != msg_len) { + if (errno == EPIPE) + fatal("Connection closed"); +-- +2.20.1 + diff --git a/package/openssh/0003-upstream-check-in-scp-client-that-filenames-sent-dur.patch b/package/openssh/0003-upstream-check-in-scp-client-that-filenames-sent-dur.patch new file mode 100644 index 0000000000..98ce5cd876 --- /dev/null +++ b/package/openssh/0003-upstream-check-in-scp-client-that-filenames-sent-dur.patch @@ -0,0 +1,186 @@ +From f853123eda6b279a87be48e18bbea8dec82a94f2 Mon Sep 17 00:00:00 2001 +From: "djm@openbsd.org" +Date: Sat, 26 Jan 2019 22:41:28 +0000 +Subject: [PATCH] upstream: check in scp client that filenames sent during + +remote->local directory copies satisfy the wildcard specified by the user. + +This checking provides some protection against a malicious server +sending unexpected filenames, but it comes at a risk of rejecting wanted +files due to differences between client and server wildcard expansion rules. + +For this reason, this also adds a new -T flag to disable the check. + +reported by Harry Sintonen +fix approach suggested by markus@; +has been in snaps for ~1wk courtesy deraadt@ + +OpenBSD-Commit-ID: 00f44b50d2be8e321973f3c6d014260f8f7a8eda +Signed-off-by: Baruch Siach +--- +Upstream status (openssh-portable): backported from commit 8976f1c4b2 +--- + scp.1 | 12 +++++++++++- + scp.c | 37 +++++++++++++++++++++++++++++-------- + 2 files changed, 40 insertions(+), 9 deletions(-) + +diff --git a/scp.1 b/scp.1 +index 0e5cc1b2d675..397e7709195a 100644 +--- a/scp.1 ++++ b/scp.1 +@@ -18,7 +18,7 @@ + .Nd secure copy (remote file copy program) + .Sh SYNOPSIS + .Nm scp +-.Op Fl 346BCpqrv ++.Op Fl 346BCpqrTv + .Op Fl c Ar cipher + .Op Fl F Ar ssh_config + .Op Fl i Ar identity_file +@@ -208,6 +208,16 @@ to use for the encrypted connection. + The program must understand + .Xr ssh 1 + options. ++.It Fl T ++Disable strict filename checking. ++By default when copying files from a remote host to a local directory ++.Nm ++checks that the received filenames match those requested on the command-line ++to prevent the remote end from sending unexpected or unwanted files. ++Because of differences in how various operating systems and shells interpret ++filename wildcards, these checks may cause wanted files to be rejected. ++This option disables these checks at the expense of fully trusting that ++the server will not send unexpected filenames. + .It Fl v + Verbose mode. + Causes +diff --git a/scp.c b/scp.c +index 4a342a63873c..7b0a08efb274 100644 +--- a/scp.c ++++ b/scp.c +@@ -94,6 +94,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -375,14 +376,14 @@ void verifydir(char *); + struct passwd *pwd; + uid_t userid; + int errs, remin, remout; +-int pflag, iamremote, iamrecursive, targetshouldbedirectory; ++int Tflag, pflag, iamremote, iamrecursive, targetshouldbedirectory; + + #define CMDNEEDS 64 + char cmd[CMDNEEDS]; /* must hold "rcp -r -p -d\0" */ + + int response(void); + void rsource(char *, struct stat *); +-void sink(int, char *[]); ++void sink(int, char *[], const char *); + void source(int, char *[]); + void tolocal(int, char *[]); + void toremote(int, char *[]); +@@ -421,8 +422,9 @@ main(int argc, char **argv) + addargs(&args, "-oRemoteCommand=none"); + addargs(&args, "-oRequestTTY=no"); + +- fflag = tflag = 0; +- while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q12346S:o:F:")) != -1) ++ fflag = Tflag = tflag = 0; ++ while ((ch = getopt(argc, argv, ++ "dfl:prtTvBCc:i:P:q12346S:o:F:")) != -1) { + switch (ch) { + /* User-visible flags. */ + case '1': +@@ -501,9 +503,13 @@ main(int argc, char **argv) + setmode(0, O_BINARY); + #endif + break; ++ case 'T': ++ Tflag = 1; ++ break; + default: + usage(); + } ++ } + argc -= optind; + argv += optind; + +@@ -534,7 +540,7 @@ main(int argc, char **argv) + } + if (tflag) { + /* Receive data. */ +- sink(argc, argv); ++ sink(argc, argv, NULL); + exit(errs != 0); + } + if (argc < 2) +@@ -792,7 +798,7 @@ tolocal(int argc, char **argv) + continue; + } + free(bp); +- sink(1, argv + argc - 1); ++ sink(1, argv + argc - 1, src); + (void) close(remin); + remin = remout = -1; + } +@@ -968,7 +974,7 @@ rsource(char *name, struct stat *statp) + (sizeof(type) != 4 && sizeof(type) != 8)) + + void +-sink(int argc, char **argv) ++sink(int argc, char **argv, const char *src) + { + static BUF buffer; + struct stat stb; +@@ -984,6 +990,7 @@ sink(int argc, char **argv) + unsigned long long ull; + int setimes, targisdir, wrerrno = 0; + char ch, *cp, *np, *targ, *why, *vect[1], buf[2048], visbuf[2048]; ++ char *src_copy = NULL, *restrict_pattern = NULL; + struct timeval tv[2]; + + #define atime tv[0] +@@ -1008,6 +1015,17 @@ sink(int argc, char **argv) + (void) atomicio(vwrite, remout, "", 1); + if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode)) + targisdir = 1; ++ if (src != NULL && !iamrecursive && !Tflag) { ++ /* ++ * Prepare to try to restrict incoming filenames to match ++ * the requested destination file glob. ++ */ ++ if ((src_copy = strdup(src)) == NULL) ++ fatal("strdup failed"); ++ if ((restrict_pattern = strrchr(src_copy, '/')) != NULL) { ++ *restrict_pattern++ = '\0'; ++ } ++ } + for (first = 1;; first = 0) { + cp = buf; + if (atomicio(read, remin, cp, 1) != 1) +@@ -1112,6 +1130,9 @@ sink(int argc, char **argv) + run_err("error: unexpected filename: %s", cp); + exit(1); + } ++ if (restrict_pattern != NULL && ++ fnmatch(restrict_pattern, cp, 0) != 0) ++ SCREWUP("filename does not match request"); + if (targisdir) { + static char *namebuf; + static size_t cursize; +@@ -1149,7 +1170,7 @@ sink(int argc, char **argv) + goto bad; + } + vect[0] = xstrdup(np); +- sink(1, vect); ++ sink(1, vect, src); + if (setimes) { + setimes = 0; + if (utimes(vect[0], tv) < 0) +-- +2.20.1 + From 0429eaf76920107de47d32432705c968d41bcc9b Mon Sep 17 00:00:00 2001 From: Peter Korsgaard Date: Thu, 29 Nov 2018 15:47:40 +0100 Subject: [PATCH 07/12] libopenssl: security bump to version 1.0.2q Fixes the following security vulnerabilities: *) Microarchitecture timing vulnerability in ECC scalar multiplication OpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been shown to be vulnerable to a microarchitecture timing side channel attack. An attacker with sufficient access to mount local timing attacks during ECDSA signature generation could recover the private key. This issue was reported to OpenSSL on 26th October 2018 by Alejandro Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar Pereida Garcia and Nicola Tuveri. (CVE-2018-5407) [Billy Brumley] *) Timing vulnerability in DSA signature generation The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser. (CVE-2018-0734) [Paul Dale] For more information, see the changelog: https://www.openssl.org/news/cl102.txt Signed-off-by: Peter Korsgaard --- package/libopenssl/libopenssl.hash | 8 ++++---- package/libopenssl/libopenssl.mk | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package/libopenssl/libopenssl.hash b/package/libopenssl/libopenssl.hash index 2b1e048751..83fb8bd513 100644 --- a/package/libopenssl/libopenssl.hash +++ b/package/libopenssl/libopenssl.hash @@ -1,7 +1,7 @@ -# From https://www.openssl.org/source/openssl-1.0.2p.tar.gz.sha256 -sha256 50a98e07b1a89eb8f6a99477f262df71c6fa7bef77df4dc83025a2845c827d00 openssl-1.0.2p.tar.gz -# From https://www.openssl.org/source/openssl-1.0.2p.tar.gz.sha1 -sha1 f34b5322e92415755c7d58bf5d0d5cf37666382c openssl-1.0.2p.tar.gz +# From https://www.openssl.org/source/openssl-1.0.2q.tar.gz.sha256 +sha256 5744cfcbcec2b1b48629f7354203bc1e5e9b5466998bbccc5b5fcde3b18eb684 openssl-1.0.2q.tar.gz +# From https://www.openssl.org/source/openssl-1.0.2q.tar.gz.sha1 +sha1 692f5f2f1b114f8adaadaa3e7be8cce1907f38c5 openssl-1.0.2q.tar.gz # Locally computed sha256 eddd8a5123748052c598214487ac178e4bfa4e31ba2ec520c70d59c8c5bfa2e9 openssl-1.0.2a-parallel-install-dirs.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d sha256 147c3eeaad614c044749ea527cb433eae5e2d5cad34a78c6ba61cd967bfbe01f openssl-1.0.2a-parallel-obj-headers.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d diff --git a/package/libopenssl/libopenssl.mk b/package/libopenssl/libopenssl.mk index d8e3dd8b56..ca0521b229 100644 --- a/package/libopenssl/libopenssl.mk +++ b/package/libopenssl/libopenssl.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBOPENSSL_VERSION = 1.0.2p +LIBOPENSSL_VERSION = 1.0.2q LIBOPENSSL_SITE = http://www.openssl.org/source LIBOPENSSL_SOURCE = openssl-$(LIBOPENSSL_VERSION).tar.gz LIBOPENSSL_LICENSE = OpenSSL or SSLeay From 5d8f0d55a3d6c769e3ee53fefc0c55b3710356ae Mon Sep 17 00:00:00 2001 From: Joel Stanley Date: Mon, 10 Dec 2018 20:36:35 +1030 Subject: [PATCH 08/12] package/libopenssl: use HTTPS for URL The host forces HTTPS regardless. This can be seen in the build logs: >>> host-libopenssl 1.0.2q Downloading URL transformed to HTTPS due to an HSTS policy --2018-12-10 09:53:27-- https://www.openssl.org/source/openssl-1.0.2q.tar.gz Signed-off-by: Joel Stanley Signed-off-by: Thomas Petazzoni --- package/libopenssl/libopenssl.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package/libopenssl/libopenssl.mk b/package/libopenssl/libopenssl.mk index ca0521b229..dc15abf66a 100644 --- a/package/libopenssl/libopenssl.mk +++ b/package/libopenssl/libopenssl.mk @@ -5,7 +5,7 @@ ################################################################################ LIBOPENSSL_VERSION = 1.0.2q -LIBOPENSSL_SITE = http://www.openssl.org/source +LIBOPENSSL_SITE = https://www.openssl.org/source LIBOPENSSL_SOURCE = openssl-$(LIBOPENSSL_VERSION).tar.gz LIBOPENSSL_LICENSE = OpenSSL or SSLeay LIBOPENSSL_LICENSE_FILES = LICENSE From ed98bc2fbb6dc65ab44ae82987756b560b8697e9 Mon Sep 17 00:00:00 2001 From: Peter Seiderer Date: Tue, 29 Jan 2019 10:39:19 +0100 Subject: [PATCH 09/12] libopenssl: bump version to 1.1.1a - use BR2_TOOLCHAIN_HAS_UCONTEXT This is used to set -DOPENSSL_NO_ASYNC if needed. - apply the CFLAGS correctly when compiling with -Os (bugfix). - use -latomic when needed This fixes the build for br-sparc-uclibc-2018.05 - don't use madvise() if no MMU Trying to do so results in undefined reference to madvise() as it is not available on uclibc without MMU. The original openssl code checks if a macro used in the madvise call is defined. The problem comes from the fact that the code in crypto/mem_sec.c also includes a kernel header defining the same macro unconditionally. Thus the check is always true in that case. Upstream: https://github.com/openssl/openssl/pull/8089 - don't compile test/fuzzers These binaries introduced with 1.1.x sometimes do not compile. This is the case with the br-arm-cortex-m4-full toolchain - don't build ocsp daemon if no MMU. Patch from Richard Levitte. - correctly enable cryptodev engine Thanks to Arnout Vandecappelle for spotting this. - remove all parallel build patches (openssl build-system changed) - rebased 0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch to apply to Configurations/unix-Makefile.tmpl (Makefile template) - removed 0002-cryptodev-Fix-issue-with-signature-generation.patch (upstream applied) - rebased 0003-Reproducible-build-do-not-leak-compiler-path.patch to apply to crypto/build.info (Makefile template) - fix musl/uclibc build failure, use '-DOPENSSL_NO_ASYNC' - remove legacy enable-tlsext configure option - remove target/host libdir configure options, fixes openssl.pc installation path, fixes wget compile - change legacy INSTALL_PREFIX to DESTDIR - remove 'libraries gets installed read only, so strip fails' workaround (not needed anymore) - change engine directory from /usr/lib/engines to /usr/lib/engines-1.1 - change license file hash, no license change, only the following hint was removed: Actually both licenses are BSD-style Open Source licenses. In case of any license issues related to OpenSSL please contact openssl-core@openssl.org. Signed-off-by: Peter Seiderer Tested-by: Ryan Coe Signed-off-by: Vadim Kochan Signed-off-by: Patrick Havelange Signed-off-by: Peter Korsgaard --- ...building-manpages-if-we-re-not-going.patch | 34 +- ...-Fix-issue-with-signature-generation.patch | 450 ------------------ ...ible-build-do-not-leak-compiler-path.patch | 31 +- ...ENSSL_NO_MADVISE-to-disable-call-to-.patch | 27 ++ ...the-same-HAVE_FORK-NO_FORK-as-in-spe.patch | 46 ++ package/libopenssl/libopenssl.hash | 15 +- package/libopenssl/libopenssl.mk | 59 ++- 7 files changed, 147 insertions(+), 515 deletions(-) delete mode 100644 package/libopenssl/0002-cryptodev-Fix-issue-with-signature-generation.patch create mode 100644 package/libopenssl/0004-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch create mode 100644 package/libopenssl/0005-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch diff --git a/package/libopenssl/0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch b/package/libopenssl/0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch index 10d2b7526c..f20b6f0834 100644 --- a/package/libopenssl/0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch +++ b/package/libopenssl/0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch @@ -1,27 +1,31 @@ -From 389efb564fa1453a9da835393eec9006bfae2a52 Mon Sep 17 00:00:00 2001 +From d8f104bffb0c4acb8c5fcdf49628f7d02ed48f7f Mon Sep 17 00:00:00 2001 From: Mike Frysinger Date: Sat, 16 May 2015 18:53:51 +0200 -Subject: Dont waste time building manpages if we're not going to use em. +Subject: [PATCH] Dont waste time building manpages if we're not going to use + em. Signed-off-by: Ryan Barnett [Gustavo: update for parallel-build] + +[rebased on openssl-1.1.0h] +Signed-off-by: Peter Seiderer --- - Makefile.org | 2 +- + Configurations/unix-Makefile.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -diff --git a/Makefile.org b/Makefile.org -index 60f07cc..976ceaf 100644 ---- a/Makefile.org -+++ b/Makefile.org -@@ -527,7 +527,7 @@ dist: - dist_pem_h: - (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) +diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl +index 40cf2c3..777d9ca 100644 +--- a/Configurations/unix-Makefile.tmpl ++++ b/Configurations/unix-Makefile.tmpl +@@ -268,7 +268,7 @@ list-tests: + @echo "Tests are not supported with your chosen Configure options" + @ : {- output_on() if !$disabled{tests}; "" -} --install: install_docs install_sw -+install: install_sw +-install: install_sw install_ssldirs install_docs ++install: install_sw install_ssldirs + + uninstall: uninstall_docs uninstall_sw - install_sw: - @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ -- -1.9.1 +2.16.3 diff --git a/package/libopenssl/0002-cryptodev-Fix-issue-with-signature-generation.patch b/package/libopenssl/0002-cryptodev-Fix-issue-with-signature-generation.patch deleted file mode 100644 index 47295500c0..0000000000 --- a/package/libopenssl/0002-cryptodev-Fix-issue-with-signature-generation.patch +++ /dev/null @@ -1,450 +0,0 @@ -From 90fd7e8f1a316cda86ee442b43fcd7d5e5baeede Mon Sep 17 00:00:00 2001 -From: Gustavo Zacarias -Date: Sat, 16 May 2015 18:55:08 +0200 -Subject: cryptodev: Fix issue with signature generation - -Forward port of 0001-cryptodev-Fix-issue-with-signature-generation.patch -from http://rt.openssl.org/Ticket/Display.html?id=2770&user=guest&pass=guest -It was originally targetted at 1.0.2-beta3. - -Without this patch digest acceleration via cryptodev is broken. - -Signed-off-by: Gustavo Zacarias -Signed-off-by: Ryan Barnett ---- - crypto/engine/eng_cryptodev.c | 195 +++++++++++++++++++++++++++++++----------- - 1 file changed, 146 insertions(+), 49 deletions(-) - -diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c -index 926d95c..7021d9a 100644 ---- a/crypto/engine/eng_cryptodev.c -+++ b/crypto/engine/eng_cryptodev.c -@@ -2,6 +2,7 @@ - * Copyright (c) 2002 Bob Beck - * Copyright (c) 2002 Theo de Raadt - * Copyright (c) 2002 Markus Friedl -+ * Copyright (c) 2012 Nikos Mavrogiannopoulos - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without -@@ -72,7 +73,6 @@ struct dev_crypto_state { - struct session_op d_sess; - int d_fd; - # ifdef USE_CRYPTODEV_DIGESTS -- char dummy_mac_key[HASH_MAX_LEN]; - unsigned char digest_res[HASH_MAX_LEN]; - char *mac_data; - int mac_len; -@@ -189,8 +189,10 @@ static struct { - static struct { - int id; - int nid; -- int keylen; -+ int digestlen; - } digests[] = { -+#if 0 -+ /* HMAC is not supported */ - { - CRYPTO_MD5_HMAC, NID_hmacWithMD5, 16 - }, -@@ -198,15 +200,15 @@ static struct { - CRYPTO_SHA1_HMAC, NID_hmacWithSHA1, 20 - }, - { -- CRYPTO_RIPEMD160_HMAC, NID_ripemd160, 16 -- /* ? */ -+ CRYPTO_SHA2_256_HMAC, NID_hmacWithSHA256, 32 - }, - { -- CRYPTO_MD5_KPDK, NID_undef, 0 -+ CRYPTO_SHA2_384_HMAC, NID_hmacWithSHA384, 48 - }, - { -- CRYPTO_SHA1_KPDK, NID_undef, 0 -+ CRYPTO_SHA2_512_HMAC, NID_hmacWithSHA512, 64 - }, -+#endif - { - CRYPTO_MD5, NID_md5, 16 - }, -@@ -214,6 +216,15 @@ static struct { - CRYPTO_SHA1, NID_sha1, 20 - }, - { -+ CRYPTO_SHA2_256, NID_sha256, 32 -+ }, -+ { -+ CRYPTO_SHA2_384, NID_sha384, 48 -+ }, -+ { -+ CRYPTO_SHA2_512, NID_sha512, 64 -+ }, -+ { - 0, NID_undef, 0 - }, - }; -@@ -288,13 +299,14 @@ static int get_cryptodev_ciphers(const int **cnids) - static int nids[CRYPTO_ALGORITHM_MAX]; - struct session_op sess; - int fd, i, count = 0; -+ unsigned char fake_key[CRYPTO_CIPHER_MAX_KEY_LEN]; - - if ((fd = get_dev_crypto()) < 0) { - *cnids = NULL; - return (0); - } - memset(&sess, 0, sizeof(sess)); -- sess.key = (caddr_t) "123456789abcdefghijklmno"; -+ sess.key = (void*)fake_key; - - for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { - if (ciphers[i].nid == NID_undef) -@@ -327,18 +339,19 @@ static int get_cryptodev_digests(const int **cnids) - static int nids[CRYPTO_ALGORITHM_MAX]; - struct session_op sess; - int fd, i, count = 0; -+ unsigned char fake_key[CRYPTO_CIPHER_MAX_KEY_LEN]; - - if ((fd = get_dev_crypto()) < 0) { - *cnids = NULL; - return (0); - } - memset(&sess, 0, sizeof(sess)); -- sess.mackey = (caddr_t) "123456789abcdefghijklmno"; -+ sess.mackey = fake_key; - for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { - if (digests[i].nid == NID_undef) - continue; - sess.mac = digests[i].id; -- sess.mackeylen = digests[i].keylen; -+ sess.mackeylen = 8; - sess.cipher = 0; - if (ioctl(fd, CIOCGSESSION, &sess) != -1 && - ioctl(fd, CIOCFSESSION, &sess.ses) != -1) -@@ -424,14 +437,14 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - cryp.ses = sess->ses; - cryp.flags = 0; - cryp.len = inl; -- cryp.src = (caddr_t) in; -- cryp.dst = (caddr_t) out; -+ cryp.src = (void*) in; -+ cryp.dst = (void*) out; - cryp.mac = 0; - - cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; - - if (ctx->cipher->iv_len) { -- cryp.iv = (caddr_t) ctx->iv; -+ cryp.iv = (void*) ctx->iv; - if (!ctx->encrypt) { - iiv = in + inl - ctx->cipher->iv_len; - memcpy(save_iv, iiv, ctx->cipher->iv_len); -@@ -483,7 +496,7 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - if ((state->d_fd = get_dev_crypto()) < 0) - return (0); - -- sess->key = (caddr_t) key; -+ sess->key = (void*)key; - sess->keylen = ctx->key_len; - sess->cipher = cipher; - -@@ -749,16 +762,6 @@ static int digest_nid_to_cryptodev(int nid) - return (0); - } - --static int digest_key_length(int nid) --{ -- int i; -- -- for (i = 0; digests[i].id; i++) -- if (digests[i].nid == nid) -- return digests[i].keylen; -- return (0); --} -- - static int cryptodev_digest_init(EVP_MD_CTX *ctx) - { - struct dev_crypto_state *state = ctx->md_data; -@@ -769,7 +772,6 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx) - printf("cryptodev_digest_init: Can't get digest \n"); - return (0); - } -- - memset(state, 0, sizeof(struct dev_crypto_state)); - - if ((state->d_fd = get_dev_crypto()) < 0) { -@@ -777,8 +779,8 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx) - return (0); - } - -- sess->mackey = state->dummy_mac_key; -- sess->mackeylen = digest_key_length(ctx->digest->type); -+ sess->mackey = NULL; -+ sess->mackeylen = 0; - sess->mac = digest; - - if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) { -@@ -794,8 +796,8 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx) - static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data, - size_t count) - { -- struct crypt_op cryp; - struct dev_crypto_state *state = ctx->md_data; -+ struct crypt_op cryp; - struct session_op *sess = &state->d_sess; - - if (!data || state->d_fd < 0) { -@@ -804,7 +806,7 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data, - } - - if (!count) { -- return (0); -+ return (1); - } - - if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) { -@@ -828,9 +830,9 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data, - cryp.ses = sess->ses; - cryp.flags = 0; - cryp.len = count; -- cryp.src = (caddr_t) data; -+ cryp.src = (void*) data; - cryp.dst = NULL; -- cryp.mac = (caddr_t) state->digest_res; -+ cryp.mac = (void*) state->digest_res; - if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) { - printf("cryptodev_digest_update: digest failed\n"); - return (0); -@@ -844,8 +846,6 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md) - struct dev_crypto_state *state = ctx->md_data; - struct session_op *sess = &state->d_sess; - -- int ret = 1; -- - if (!md || state->d_fd < 0) { - printf("cryptodev_digest_final: illegal input\n"); - return (0); -@@ -859,7 +859,7 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md) - cryp.len = state->mac_len; - cryp.src = state->mac_data; - cryp.dst = NULL; -- cryp.mac = (caddr_t) md; -+ cryp.mac = (void*)md; - if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) { - printf("cryptodev_digest_final: digest failed\n"); - return (0); -@@ -870,7 +870,7 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md) - - memcpy(md, state->digest_res, ctx->digest->md_size); - -- return (ret); -+ return 1; - } - - static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx) -@@ -921,8 +921,8 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) - - digest = digest_nid_to_cryptodev(to->digest->type); - -- sess->mackey = dstate->dummy_mac_key; -- sess->mackeylen = digest_key_length(to->digest->type); -+ sess->mackey = NULL; -+ sess->mackeylen = 0; - sess->mac = digest; - - dstate->d_fd = get_dev_crypto(); -@@ -947,32 +947,116 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) - - const EVP_MD cryptodev_sha1 = { - NID_sha1, -- NID_undef, -+ NID_sha1WithRSAEncryption, - SHA_DIGEST_LENGTH, -+#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT) -+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE| -+ EVP_MD_FLAG_DIGALGID_ABSENT| -+#endif - EVP_MD_FLAG_ONESHOT, - cryptodev_digest_init, - cryptodev_digest_update, - cryptodev_digest_final, - cryptodev_digest_copy, - cryptodev_digest_cleanup, -- EVP_PKEY_NULL_method, -+ EVP_PKEY_RSA_method, - SHA_CBLOCK, -- sizeof(struct dev_crypto_state), -+ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), - }; - --const EVP_MD cryptodev_md5 = { -+static const EVP_MD cryptodev_sha256 = { -+ NID_sha256, -+ NID_sha256WithRSAEncryption, -+ SHA256_DIGEST_LENGTH, -+#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT) -+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE| -+ EVP_MD_FLAG_DIGALGID_ABSENT| -+#endif -+ EVP_MD_FLAG_ONESHOT, -+ cryptodev_digest_init, -+ cryptodev_digest_update, -+ cryptodev_digest_final, -+ cryptodev_digest_copy, -+ cryptodev_digest_cleanup, -+ EVP_PKEY_RSA_method, -+ SHA256_CBLOCK, -+ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), -+}; -+ -+static const EVP_MD cryptodev_sha224 = { -+ NID_sha224, -+ NID_sha224WithRSAEncryption, -+ SHA224_DIGEST_LENGTH, -+#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT) -+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE| -+ EVP_MD_FLAG_DIGALGID_ABSENT| -+#endif -+ EVP_MD_FLAG_ONESHOT, -+ cryptodev_digest_init, -+ cryptodev_digest_update, -+ cryptodev_digest_final, -+ cryptodev_digest_copy, -+ cryptodev_digest_cleanup, -+ EVP_PKEY_RSA_method, -+ SHA256_CBLOCK, -+ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), -+}; -+ -+static const EVP_MD cryptodev_sha384 = { -+ NID_sha384, -+ NID_sha384WithRSAEncryption, -+ SHA384_DIGEST_LENGTH, -+#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT) -+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE| -+ EVP_MD_FLAG_DIGALGID_ABSENT| -+#endif -+ EVP_MD_FLAG_ONESHOT, -+ cryptodev_digest_init, -+ cryptodev_digest_update, -+ cryptodev_digest_final, -+ cryptodev_digest_copy, -+ cryptodev_digest_cleanup, -+ EVP_PKEY_RSA_method, -+ SHA512_CBLOCK, -+ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), -+}; -+ -+static const EVP_MD cryptodev_sha512 = { -+ NID_sha512, -+ NID_sha512WithRSAEncryption, -+ SHA512_DIGEST_LENGTH, -+#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT) -+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE| -+ EVP_MD_FLAG_DIGALGID_ABSENT| -+#endif -+ EVP_MD_FLAG_ONESHOT, -+ cryptodev_digest_init, -+ cryptodev_digest_update, -+ cryptodev_digest_final, -+ cryptodev_digest_copy, -+ cryptodev_digest_cleanup, -+ EVP_PKEY_RSA_method, -+ SHA512_CBLOCK, -+ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), -+}; -+ -+static const EVP_MD cryptodev_md5 = { - NID_md5, -- NID_undef, -+ NID_md5WithRSAEncryption, - 16 /* MD5_DIGEST_LENGTH */ , -+#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT) -+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE| -+ EVP_MD_FLAG_DIGALGID_ABSENT| -+#endif - EVP_MD_FLAG_ONESHOT, - cryptodev_digest_init, - cryptodev_digest_update, - cryptodev_digest_final, - cryptodev_digest_copy, - cryptodev_digest_cleanup, -- EVP_PKEY_NULL_method, -+ EVP_PKEY_RSA_method, - 64 /* MD5_CBLOCK */ , -- sizeof(struct dev_crypto_state), -+ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), - }; - - # endif /* USE_CRYPTODEV_DIGESTS */ -@@ -992,6 +1076,18 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, - case NID_sha1: - *digest = &cryptodev_sha1; - break; -+ case NID_sha224: -+ *digest = &cryptodev_sha224; -+ break; -+ case NID_sha256: -+ *digest = &cryptodev_sha256; -+ break; -+ case NID_sha384: -+ *digest = &cryptodev_sha384; -+ break; -+ case NID_sha512: -+ *digest = &cryptodev_sha512; -+ break; - default: - # endif /* USE_CRYPTODEV_DIGESTS */ - *digest = NULL; -@@ -1022,7 +1118,7 @@ static int bn2crparam(const BIGNUM *a, struct crparam *crp) - return (1); - memset(b, 0, bytes); - -- crp->crp_p = (caddr_t) b; -+ crp->crp_p = (void*) b; - crp->crp_nbits = bits; - - for (i = 0, j = 0; i < a->top; i++) { -@@ -1277,7 +1373,7 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, - kop.crk_op = CRK_DSA_SIGN; - - /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ -- kop.crk_param[0].crp_p = (caddr_t) dgst; -+ kop.crk_param[0].crp_p = (void*)dgst; - kop.crk_param[0].crp_nbits = dlen * 8; - if (bn2crparam(dsa->p, &kop.crk_param[1])) - goto err; -@@ -1317,7 +1413,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, - kop.crk_op = CRK_DSA_VERIFY; - - /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ -- kop.crk_param[0].crp_p = (caddr_t) dgst; -+ kop.crk_param[0].crp_p = (void*)dgst; - kop.crk_param[0].crp_nbits = dlen * 8; - if (bn2crparam(dsa->p, &kop.crk_param[1])) - goto err; -@@ -1398,9 +1494,10 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) - goto err; - kop.crk_iparams = 3; - -- kop.crk_param[3].crp_p = (caddr_t) key; -- kop.crk_param[3].crp_nbits = keylen * 8; -+ kop.crk_param[3].crp_p = (void*) key; -+ kop.crk_param[3].crp_nbits = keylen; - kop.crk_oparams = 1; -+ dhret = keylen / 8; - - if (ioctl(fd, CIOCKEY, &kop) == -1) { - const DH_METHOD *meth = DH_OpenSSL(); -@@ -1470,7 +1567,7 @@ void ENGINE_load_cryptodev(void) - put_dev_crypto(fd); - - if (!ENGINE_set_id(engine, "cryptodev") || -- !ENGINE_set_name(engine, "BSD cryptodev engine") || -+ !ENGINE_set_name(engine, "cryptodev engine") || - !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || - !ENGINE_set_digests(engine, cryptodev_engine_digests) || - !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) || --- -1.9.1 - diff --git a/package/libopenssl/0003-Reproducible-build-do-not-leak-compiler-path.patch b/package/libopenssl/0003-Reproducible-build-do-not-leak-compiler-path.patch index eff72c548a..820c2addf1 100644 --- a/package/libopenssl/0003-Reproducible-build-do-not-leak-compiler-path.patch +++ b/package/libopenssl/0003-Reproducible-build-do-not-leak-compiler-path.patch @@ -1,26 +1,29 @@ -From 875fcad2ad84877763cba86c1265b57679b878b0 Mon Sep 17 00:00:00 2001 +From b70be8c65365a8fc564226360d45adbbb29fc0af Mon Sep 17 00:00:00 2001 From: Peter Seiderer Date: Tue, 24 Oct 2017 16:58:32 +0200 Subject: [PATCH] Reproducible build: do not leak compiler path +Signed-off-by: Peter Seiderer + +[Rebased on openssl-1.1.1.a] Signed-off-by: Peter Seiderer --- - crypto/Makefile | 2 +- + crypto/build.info | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -diff --git a/crypto/Makefile b/crypto/Makefile -index 7869996..7e63291 100644 ---- a/crypto/Makefile -+++ b/crypto/Makefile -@@ -55,7 +55,7 @@ top: - all: shared +diff --git a/crypto/build.info b/crypto/build.info +index 2c619c6..49ca6ab 100644 +--- a/crypto/build.info ++++ b/crypto/build.info +@@ -10,7 +10,7 @@ EXTRA= ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \ + ppccpuid.pl pariscid.pl alphacpuid.pl arm64cpuid.pl armv4cpuid.pl - buildinf.h: ../Makefile -- $(PERL) $(TOP)/util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)" >buildinf.h -+ $(PERL) $(TOP)/util/mkbuildinf.pl "$$(basename $(CC)) $(CFLAGS)" "$(PLATFORM)" >buildinf.h + DEPEND[cversion.o]=buildinf.h +-GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC) $(LIB_CFLAGS) $(CPPFLAGS_Q)" "$(PLATFORM)" ++GENERATE[buildinf.h]=../util/mkbuildinf.pl "$$(basename $(CC)) $(LIB_CFLAGS) $(CPPFLAGS_Q)" "$(PLATFORM)" + DEPEND[buildinf.h]=../configdata.pm - x86cpuid.s: x86cpuid.pl perlasm/x86asm.pl - $(PERL) x86cpuid.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@ + GENERATE[uplink-x86.s]=../ms/uplink-x86.pl $(PERLASM_SCHEME) -- -2.11.0 +2.20.1 diff --git a/package/libopenssl/0004-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch b/package/libopenssl/0004-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch new file mode 100644 index 0000000000..c51a3cd684 --- /dev/null +++ b/package/libopenssl/0004-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch @@ -0,0 +1,27 @@ +From 1281ffc7959bd2070563e17a52ee4424196d885c Mon Sep 17 00:00:00 2001 +From: Patrick Havelange +Date: Wed, 23 Jan 2019 12:21:21 +0100 +Subject: [PATCH] Introduce the OPENSSL_NO_MADVISE to disable call to madvise() + +Upstream: https://github.com/openssl/openssl/pull/8089 +Signed-off-by: Patrick Havelange +--- + crypto/mem_sec.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c +index 9e0f670..32c7282 100644 +--- a/crypto/mem_sec.c ++++ b/crypto/mem_sec.c +@@ -485,7 +485,7 @@ static int sh_init(size_t size, int minsize) + if (mlock(sh.arena, sh.arena_size) < 0) + ret = 2; + #endif +-#ifdef MADV_DONTDUMP ++#if defined(MADV_DONTDUMP) && !defined(OPENSSL_NO_MADVISE) + if (madvise(sh.arena, sh.arena_size, MADV_DONTDUMP) < 0) + ret = 2; + #endif +-- +2.17.1 + diff --git a/package/libopenssl/0005-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch b/package/libopenssl/0005-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch new file mode 100644 index 0000000000..83989fe742 --- /dev/null +++ b/package/libopenssl/0005-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch @@ -0,0 +1,46 @@ +From 4c992673890f1d1ecb9aa46112b2ca80db016b67 Mon Sep 17 00:00:00 2001 +From: Richard Levitte +Date: Mon, 12 Nov 2018 18:16:27 +0100 +Subject: [PATCH] apps/ocsp.c Use the same HAVE_FORK / NO_FORK as in speed.c + +This allows the user to override our defaults if needed, and in a +consistent manner. + +Partial fix for #7607 + +Upstream: https://github.com/openssl/openssl/pull/7624 +Signed-off-by: Patrick Havelange +--- + apps/ocsp.c | 16 +++++++++++++++- + 1 file changed, 15 insertions(+), 1 deletion(-) + +diff --git a/apps/ocsp.c b/apps/ocsp.c +index 7fd78624bb..315b072932 100644 +--- a/apps/ocsp.c ++++ b/apps/ocsp.c +@@ -36,7 +36,21 @@ NON_EMPTY_TRANSLATION_UNIT + # include + # include + +-# if defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_NO_SOCK) \ ++#ifndef HAVE_FORK ++# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) ++# define HAVE_FORK 0 ++# else ++# define HAVE_FORK 1 ++# endif ++#endif ++ ++#if HAVE_FORK ++# undef NO_FORK ++#else ++# define NO_FORK ++#endif ++ ++# if !defined(NO_FORK) && !defined(OPENSSL_NO_SOCK) \ + && !defined(OPENSSL_NO_POSIX_IO) + # define OCSP_DAEMON + # include +-- +2.17.1 + diff --git a/package/libopenssl/libopenssl.hash b/package/libopenssl/libopenssl.hash index 83fb8bd513..568d7e8b52 100644 --- a/package/libopenssl/libopenssl.hash +++ b/package/libopenssl/libopenssl.hash @@ -1,10 +1,5 @@ -# From https://www.openssl.org/source/openssl-1.0.2q.tar.gz.sha256 -sha256 5744cfcbcec2b1b48629f7354203bc1e5e9b5466998bbccc5b5fcde3b18eb684 openssl-1.0.2q.tar.gz -# From https://www.openssl.org/source/openssl-1.0.2q.tar.gz.sha1 -sha1 692f5f2f1b114f8adaadaa3e7be8cce1907f38c5 openssl-1.0.2q.tar.gz -# Locally computed -sha256 eddd8a5123748052c598214487ac178e4bfa4e31ba2ec520c70d59c8c5bfa2e9 openssl-1.0.2a-parallel-install-dirs.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d -sha256 147c3eeaad614c044749ea527cb433eae5e2d5cad34a78c6ba61cd967bfbe01f openssl-1.0.2a-parallel-obj-headers.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d -sha256 30cb49489de5041841a74da9155cd4fabfbce33237262ba7cd23974314ae2956 openssl-1.0.2a-parallel-symlinking.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d -sha256 deaf6f3af41874ecc6d63841ea14b8e6c71cea81d4a511a754bc90c9a993147f openssl-1.0.2d-parallel-build.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d -sha256 c8f60f4842bbad0353f5d81620e72b168b5638ca3a0a999f5da113b22491612e LICENSE +# From https://www.openssl.org/source/openssl-1.1.1a.tar.gz.sha256 +sha256 fc20130f8b7cbd2fb918b2f14e2f429e109c31ddd0fb38fc5d71d9ffed3f9f41 openssl-1.1.1a.tar.gz + +# License files +sha256 350c7817af2ef980d3f3922bc5e0bb6a9d9f6cc21e784a699bcd2a31c74a84b1 LICENSE diff --git a/package/libopenssl/libopenssl.mk b/package/libopenssl/libopenssl.mk index dc15abf66a..0bfc74ed0e 100644 --- a/package/libopenssl/libopenssl.mk +++ b/package/libopenssl/libopenssl.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBOPENSSL_VERSION = 1.0.2q +LIBOPENSSL_VERSION = 1.1.1a LIBOPENSSL_SITE = https://www.openssl.org/source LIBOPENSSL_SOURCE = openssl-$(LIBOPENSSL_VERSION).tar.gz LIBOPENSSL_LICENSE = OpenSSL or SSLeay @@ -15,11 +15,6 @@ HOST_LIBOPENSSL_DEPENDENCIES = host-zlib LIBOPENSSL_TARGET_ARCH = generic32 LIBOPENSSL_CFLAGS = $(TARGET_CFLAGS) LIBOPENSSL_PROVIDES = openssl -LIBOPENSSL_PATCH = \ - https://gitweb.gentoo.org/repo/gentoo.git/plain/dev-libs/openssl/files/openssl-1.0.2d-parallel-build.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d \ - https://gitweb.gentoo.org/repo/gentoo.git/plain/dev-libs/openssl/files/openssl-1.0.2a-parallel-obj-headers.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d \ - https://gitweb.gentoo.org/repo/gentoo.git/plain/dev-libs/openssl/files/openssl-1.0.2a-parallel-install-dirs.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d \ - https://gitweb.gentoo.org/repo/gentoo.git/plain/dev-libs/openssl/files/openssl-1.0.2a-parallel-symlinking.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d # relocation truncated to fit: R_68K_GOT16O ifeq ($(BR2_m68k_cf),y) @@ -27,14 +22,31 @@ LIBOPENSSL_CFLAGS += -mxgot endif ifeq ($(BR2_USE_MMU),) -LIBOPENSSL_CFLAGS += -DHAVE_FORK=0 +LIBOPENSSL_CFLAGS += -DHAVE_FORK=0 -DOPENSSL_NO_MADVISE endif ifeq ($(BR2_PACKAGE_HAS_CRYPTODEV),y) -LIBOPENSSL_CFLAGS += -DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS LIBOPENSSL_DEPENDENCIES += cryptodev endif +# fixes the following build failures: +# +# - musl +# ./libcrypto.so: undefined reference to `getcontext' +# ./libcrypto.so: undefined reference to `setcontext' +# ./libcrypto.so: undefined reference to `makecontext' +# +# - uclibc: +# crypto/async/arch/../arch/async_posix.h:32:5: error: unknown type name ‘ucontext_t’ +# + +ifeq ($(BR2_TOOLCHAIN_USES_MUSL),y) +LIBOPENSSL_CFLAGS += -DOPENSSL_NO_ASYNC +endif +ifeq ($(BR2_TOOLCHAIN_HAS_UCONTEXT),) +LIBOPENSSL_CFLAGS += -DOPENSSL_NO_ASYNC +endif + # Some architectures are optimized in OpenSSL # Doesn't work for thumb-only (Cortex-M?) ifeq ($(BR2_ARM_CPU_HAS_ARM),y) @@ -65,11 +77,13 @@ define HOST_LIBOPENSSL_CONFIGURE_CMDS ./config \ --prefix=$(HOST_DIR) \ --openssldir=$(HOST_DIR)/etc/ssl \ - --libdir=/lib \ + no-tests \ + no-fuzz-libfuzzer \ + no-fuzz-afl \ shared \ zlib-dynamic \ ) - $(SED) "s#-O[0-9]#$(HOST_CFLAGS)#" $(@D)/Makefile + $(SED) "s#-O[0-9s]#$(HOST_CFLAGS)#" $(@D)/Makefile endef define LIBOPENSSL_CONFIGURE_CMDS @@ -80,18 +94,21 @@ define LIBOPENSSL_CONFIGURE_CMDS linux-$(LIBOPENSSL_TARGET_ARCH) \ --prefix=/usr \ --openssldir=/etc/ssl \ - --libdir=/lib \ + $(if $(BR2_TOOLCHAIN_HAS_LIBATOMIC),-latomic) \ $(if $(BR2_TOOLCHAIN_HAS_THREADS),threads,no-threads) \ $(if $(BR2_STATIC_LIBS),no-shared,shared) \ + $(if $(BR2_PACKAGE_HAS_CRYPTODEV),enable-devcryptoeng) \ no-rc5 \ enable-camellia \ enable-mdc2 \ - enable-tlsext \ + no-tests \ + no-fuzz-libfuzzer \ + no-fuzz-afl \ $(if $(BR2_STATIC_LIBS),zlib,zlib-dynamic) \ $(if $(BR2_STATIC_LIBS),no-dso) \ ) $(SED) "s#-march=[-a-z0-9] ##" -e "s#-mcpu=[-a-z0-9] ##g" $(@D)/Makefile - $(SED) "s#-O[0-9]#$(LIBOPENSSL_CFLAGS)#" $(@D)/Makefile + $(SED) "s#-O[0-9s]#$(LIBOPENSSL_CFLAGS)#" $(@D)/Makefile $(SED) "s# build_tests##" $(@D)/Makefile endef @@ -112,7 +129,7 @@ define LIBOPENSSL_BUILD_CMDS endef define LIBOPENSSL_INSTALL_STAGING_CMDS - $(TARGET_MAKE_ENV) $(MAKE) -C $(@D) INSTALL_PREFIX=$(STAGING_DIR) install + $(TARGET_MAKE_ENV) $(MAKE) -C $(@D) DESTDIR=$(STAGING_DIR) install endef define HOST_LIBOPENSSL_INSTALL_CMDS @@ -120,7 +137,7 @@ define HOST_LIBOPENSSL_INSTALL_CMDS endef define LIBOPENSSL_INSTALL_TARGET_CMDS - $(TARGET_MAKE_ENV) $(MAKE) -C $(@D) INSTALL_PREFIX=$(TARGET_DIR) install + $(TARGET_MAKE_ENV) $(MAKE) -C $(@D) DESTDIR=$(TARGET_DIR) install rm -rf $(TARGET_DIR)/usr/lib/ssl rm -f $(TARGET_DIR)/usr/bin/c_rehash endef @@ -135,16 +152,6 @@ endef LIBOPENSSL_POST_INSTALL_STAGING_HOOKS += LIBOPENSSL_FIXUP_STATIC_PKGCONFIG endif -ifneq ($(BR2_STATIC_LIBS),y) -# libraries gets installed read only, so strip fails -define LIBOPENSSL_INSTALL_FIXUPS_SHARED - chmod +w $(TARGET_DIR)/usr/lib/engines/lib*.so - for i in $(addprefix $(TARGET_DIR)/usr/lib/,libcrypto.so.* libssl.so.*); \ - do chmod +w $$i; done -endef -LIBOPENSSL_POST_INSTALL_TARGET_HOOKS += LIBOPENSSL_INSTALL_FIXUPS_SHARED -endif - ifeq ($(BR2_PACKAGE_PERL),) define LIBOPENSSL_REMOVE_PERL_SCRIPTS $(RM) -f $(TARGET_DIR)/etc/ssl/misc/{CA.pl,tsget} @@ -162,7 +169,7 @@ endif ifneq ($(BR2_PACKAGE_LIBOPENSSL_ENGINES),y) define LIBOPENSSL_REMOVE_LIBOPENSSL_ENGINES - rm -rf $(TARGET_DIR)/usr/lib/engines + rm -rf $(TARGET_DIR)/usr/lib/engines-1.1 endef LIBOPENSSL_POST_INSTALL_TARGET_HOOKS += LIBOPENSSL_REMOVE_LIBOPENSSL_ENGINES endif From ebff0151218d32a5dc3f14196b8b0a7286f0dd36 Mon Sep 17 00:00:00 2001 From: Matt Weber Date: Fri, 8 Feb 2019 12:46:59 -0600 Subject: [PATCH 10/12] package/libopenssl: m68x use SMALL_FOOTPRINT mode OPENSSL_SMALL_FOOTPRINT mode selects alternate paths in the sha512 and blake2 algorithms which resolves a assembler issue like the following. /tmp/ccfnLhKQ.s: Assembler messages: /tmp/ccfnLhKQ.s:11167: Error: value -32790 out of range make[2]: *** [crypto/blake2/blake2b.o] Error 1 This issue was found after the OpenSSL1.1.x bump. Fixes http://autobuild.buildroot.net/results/533e817695cde321b725145112cfd83c092d9d75 Upstream ticket https://github.com/openssl/openssl/issues/8190 Signed-off-by: Matthew Weber Signed-off-by: Peter Korsgaard --- package/libopenssl/libopenssl.mk | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/package/libopenssl/libopenssl.mk b/package/libopenssl/libopenssl.mk index 0bfc74ed0e..a845f1da53 100644 --- a/package/libopenssl/libopenssl.mk +++ b/package/libopenssl/libopenssl.mk @@ -16,9 +16,11 @@ LIBOPENSSL_TARGET_ARCH = generic32 LIBOPENSSL_CFLAGS = $(TARGET_CFLAGS) LIBOPENSSL_PROVIDES = openssl -# relocation truncated to fit: R_68K_GOT16O ifeq ($(BR2_m68k_cf),y) +# relocation truncated to fit: R_68K_GOT16O LIBOPENSSL_CFLAGS += -mxgot +# resolves an assembler "out of range error" with blake2 and sha512 algorithms +LIBOPENSSL_CFLAGS += -DOPENSSL_SMALL_FOOTPRINT endif ifeq ($(BR2_USE_MMU),) From 2f2f2b9fabbef7bed5214d5de50ccb66d24f726e Mon Sep 17 00:00:00 2001 From: Bernd Kuhls Date: Sat, 9 Feb 2019 11:11:38 +0100 Subject: [PATCH 11/12] package/libopenssl: renumber patches Signed-off-by: Bernd Kuhls Signed-off-by: Peter Korsgaard --- ...ch => 0002-Reproducible-build-do-not-leak-compiler-path.patch} | 0 ...03-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch} | 0 ...04-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch} | 0 3 files changed, 0 insertions(+), 0 deletions(-) rename package/libopenssl/{0003-Reproducible-build-do-not-leak-compiler-path.patch => 0002-Reproducible-build-do-not-leak-compiler-path.patch} (100%) rename package/libopenssl/{0004-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch => 0003-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch} (100%) rename package/libopenssl/{0005-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch => 0004-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch} (100%) diff --git a/package/libopenssl/0003-Reproducible-build-do-not-leak-compiler-path.patch b/package/libopenssl/0002-Reproducible-build-do-not-leak-compiler-path.patch similarity index 100% rename from package/libopenssl/0003-Reproducible-build-do-not-leak-compiler-path.patch rename to package/libopenssl/0002-Reproducible-build-do-not-leak-compiler-path.patch diff --git a/package/libopenssl/0004-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch b/package/libopenssl/0003-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch similarity index 100% rename from package/libopenssl/0004-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch rename to package/libopenssl/0003-Introduce-the-OPENSSL_NO_MADVISE-to-disable-call-to-.patch diff --git a/package/libopenssl/0005-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch b/package/libopenssl/0004-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch similarity index 100% rename from package/libopenssl/0005-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch rename to package/libopenssl/0004-apps-ocsp.c-Use-the-same-HAVE_FORK-NO_FORK-as-in-spe.patch From 633e90970fff3d6c5b864acd4b78948ac3819146 Mon Sep 17 00:00:00 2001 From: Bernd Kuhls Date: Sat, 9 Feb 2019 17:19:53 +0100 Subject: [PATCH 12/12] package/libopenssl: add runtime fixes for tor For details see https://bugs.archlinux.org/task/61623 Signed-off-by: Bernd Kuhls Signed-off-by: Peter Korsgaard --- ...uce-stack-usage-in-tls13_hkdf_expand.patch | 62 +++ ...me-SSL_export_keying_material-issues.patch | 426 ++++++++++++++++++ 2 files changed, 488 insertions(+) create mode 100644 package/libopenssl/0005-Revert-Reduce-stack-usage-in-tls13_hkdf_expand.patch create mode 100644 package/libopenssl/0006-Fix-some-SSL_export_keying_material-issues.patch diff --git a/package/libopenssl/0005-Revert-Reduce-stack-usage-in-tls13_hkdf_expand.patch b/package/libopenssl/0005-Revert-Reduce-stack-usage-in-tls13_hkdf_expand.patch new file mode 100644 index 0000000000..104fa476a2 --- /dev/null +++ b/package/libopenssl/0005-Revert-Reduce-stack-usage-in-tls13_hkdf_expand.patch @@ -0,0 +1,62 @@ +From 56e0f123dc17cb99f50efbae4bbbab77f360818f Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Mon, 3 Dec 2018 18:14:57 +0000 +Subject: [PATCH] Revert "Reduce stack usage in tls13_hkdf_expand" + +This reverts commit ec0c5f5693e39c5a013f81e6dd9dfd09ec65162d. + +SSL_export_keying_material() may use longer label lengths. + +Fixes #7712 + +Reviewed-by: Tim Hudson +(Merged from https://github.com/openssl/openssl/pull/7755) + +(cherry picked from commit ed371b8cbac0d0349667558c061c1ae380cf75eb) +Signed-off-by: Bernd Kuhls +--- + ssl/tls13_enc.c | 16 ++++------------ + 1 file changed, 4 insertions(+), 12 deletions(-) + +diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c +index b6825d20c2..f7ab0fa470 100644 +--- a/ssl/tls13_enc.c ++++ b/ssl/tls13_enc.c +@@ -13,14 +13,7 @@ + #include + #include + +-/* +- * RFC 8446, 7.1 Key Schedule, says: +- * Note: With common hash functions, any label longer than 12 characters +- * requires an additional iteration of the hash function to compute. +- * The labels in this specification have all been chosen to fit within +- * this limit. +- */ +-#define TLS13_MAX_LABEL_LEN 12 ++#define TLS13_MAX_LABEL_LEN 246 + + /* Always filled with zeros */ + static const unsigned char default_zeros[EVP_MAX_MD_SIZE]; +@@ -36,15 +29,14 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, + const unsigned char *data, size_t datalen, + unsigned char *out, size_t outlen) + { +- static const unsigned char label_prefix[] = "tls13 "; ++ const unsigned char label_prefix[] = "tls13 "; + EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); + int ret; + size_t hkdflabellen; + size_t hashlen; + /* +- * 2 bytes for length of derived secret + 1 byte for length of combined +- * prefix and label + bytes for the label itself + 1 byte length of hash +- * + bytes for the hash itself ++ * 2 bytes for length of whole HkdfLabel + 1 byte for length of combined ++ * prefix and label + bytes for the label itself + bytes for the hash + */ + unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) + + + sizeof(label_prefix) + TLS13_MAX_LABEL_LEN +-- +2.20.1 + diff --git a/package/libopenssl/0006-Fix-some-SSL_export_keying_material-issues.patch b/package/libopenssl/0006-Fix-some-SSL_export_keying_material-issues.patch new file mode 100644 index 0000000000..242ec7a8cd --- /dev/null +++ b/package/libopenssl/0006-Fix-some-SSL_export_keying_material-issues.patch @@ -0,0 +1,426 @@ +From db860ea3dcf56a1993c66da22bd44460d7ac4914 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Tue, 4 Dec 2018 08:37:04 +0000 +Subject: [PATCH] Fix some SSL_export_keying_material() issues + +Fix some issues in tls13_hkdf_expand() which impact the above function +for TLSv1.3. In particular test that we can use the maximum label length +in TLSv1.3. + +Reviewed-by: Tim Hudson +(Merged from https://github.com/openssl/openssl/pull/7755) + +(cherry picked from commit 0fb2815b873304d145ed00283454fc9f3bd35e6b) +Signed-off-by: Bernd Kuhls +--- + doc/man3/SSL_export_keying_material.pod | 3 +- + ssl/ssl_locl.h | 2 +- + ssl/statem/extensions.c | 2 +- + ssl/statem/statem_clnt.c | 2 +- + ssl/statem/statem_srvr.c | 2 +- + ssl/tls13_enc.c | 73 +++++++++++++++++-------- + test/sslapitest.c | 48 ++++++++++++---- + test/tls13secretstest.c | 2 +- + 8 files changed, 92 insertions(+), 42 deletions(-) + +diff --git a/doc/man3/SSL_export_keying_material.pod b/doc/man3/SSL_export_keying_material.pod +index abebf911fc..4c81a60ffb 100644 +--- a/doc/man3/SSL_export_keying_material.pod ++++ b/doc/man3/SSL_export_keying_material.pod +@@ -59,7 +59,8 @@ B