From 24db490f2be6cab64aba36142309daf3fb624d34 Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Fri, 8 Feb 2013 08:57:53 +0000
Subject: main/openssl: fix regression

http://marc.info/?t=136018837600003&r=1&w=2
---
 .../0001-Fix-IV-check-and-padding-removal.patch    | 72 ++++++++++++++++++++++
 main/openssl/APKBUILD                              | 24 +++++++-
 2 files changed, 95 insertions(+), 1 deletion(-)
 create mode 100644 main/openssl/0001-Fix-IV-check-and-padding-removal.patch

(limited to 'main')

diff --git a/main/openssl/0001-Fix-IV-check-and-padding-removal.patch b/main/openssl/0001-Fix-IV-check-and-padding-removal.patch
new file mode 100644
index 0000000000..321791251f
--- /dev/null
+++ b/main/openssl/0001-Fix-IV-check-and-padding-removal.patch
@@ -0,0 +1,72 @@
+From 32cc2479b473c49ce869e57fded7e9a77b695c0d Mon Sep 17 00:00:00 2001
+From: "Dr. Stephen Henson" <steve@openssl.org>
+Date: Thu, 7 Feb 2013 21:06:37 +0000
+Subject: [PATCH] Fix IV check and padding removal.
+
+Fix the calculation that checks there is enough room in a record
+after removing padding and optional explicit IV. (by Steve)
+
+For AEAD remove the correct number of padding bytes (by Andy)
+---
+ ssl/s3_cbc.c | 33 ++++++++++++---------------------
+ 1 file changed, 12 insertions(+), 21 deletions(-)
+
+diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
+index ce77acd..0f60507 100644
+--- a/ssl/s3_cbc.c
++++ b/ssl/s3_cbc.c
+@@ -139,31 +139,22 @@ int tls1_cbc_remove_padding(const SSL* s,
+ 			    unsigned mac_size)
+ 	{
+ 	unsigned padding_length, good, to_check, i;
+-	const char has_explicit_iv =
+-		s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION;
+-	const unsigned overhead = 1 /* padding length byte */ +
+-				  mac_size +
+-				  (has_explicit_iv ? block_size : 0);
+-
+-	/* These lengths are all public so we can test them in non-constant
+-	 * time. */
+-	if (overhead > rec->length)
+-		return 0;
+-
+-	/* We can always safely skip the explicit IV. We check at the beginning
+-	 * of this function that the record has at least enough space for the
+-	 * IV, MAC and padding length byte. (These can be checked in
+-	 * non-constant time because it's all public information.) So, if the
+-	 * padding was invalid, then we didn't change |rec->length| and this is
+-	 * safe. If the padding was valid then we know that we have at least
+-	 * overhead+padding_length bytes of space and so this is still safe
+-	 * because overhead accounts for the explicit IV. */
+-	if (has_explicit_iv)
++	const unsigned overhead = 1 /* padding length byte */ + mac_size;
++	/* Check if version requires explicit IV */
++	if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION)
+ 		{
++		/* These lengths are all public so we can test them in
++		 * non-constant time.
++		 */
++		if (overhead + block_size > rec->length)
++			return 0;
++		/* We can now safely skip explicit IV */
+ 		rec->data += block_size;
+ 		rec->input += block_size;
+ 		rec->length -= block_size;
+ 		}
++	else if (overhead > rec->length)
++		return 0;
+ 
+ 	padding_length = rec->data[rec->length-1];
+ 
+@@ -190,7 +181,7 @@ int tls1_cbc_remove_padding(const SSL* s,
+ 	if (EVP_CIPHER_flags(s->enc_read_ctx->cipher)&EVP_CIPH_FLAG_AEAD_CIPHER)
+ 		{
+ 		/* padding is already verified */
+-		rec->length -= padding_length;
++		rec->length -= padding_length + 1;
+ 		return 1;
+ 		}
+ 
+-- 
+1.8.1.2
+
diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD
index 284fb38196..23871f6aed 100644
--- a/main/openssl/APKBUILD
+++ b/main/openssl/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Timo Teras <timo.teras@iki.fi>
 pkgname=openssl
 pkgver=1.0.1d
-pkgrel=0
+pkgrel=1
 pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
 url="http://openssl.org"
 depends=
@@ -20,6 +20,7 @@ source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
 	0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
 	0004-crypto-engine-autoload-padlock-dynamic-engine.patch
 	0005-s_client-ircv3-starttls.patch
+	0001-Fix-IV-check-and-padding-removal.patch
 	openssl-1.0.1-version-eglibc.patch"
 
 _builddir="$srcdir"/$pkgname-$pkgver
@@ -97,4 +98,25 @@ ddb5fc155145d5b852425adaec32234d  0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESH
 d95bbaa38889836afd3c52f3962f3b54  0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
 c32f42451a07267ee5dfb3781fa40c00  0004-crypto-engine-autoload-padlock-dynamic-engine.patch
 c5b1042a3acaf3591f3f5620b7086e12  0005-s_client-ircv3-starttls.patch
+b92ec62a1f3e7fdc65481afff709cd8b  0001-Fix-IV-check-and-padding-removal.patch
 d1f3aaad7c36590f21355682983cd14e  openssl-1.0.1-version-eglibc.patch"
+sha256sums="88a423f9b08a994054583691b968815875580e12df754e881d7cfe9f1bd1f49d  openssl-1.0.1d.tar.gz
+fe844e21b2c42da2d8e9c89350211d70c0829f45532b89b7e492bfde589ee7ed  fix-manpages.patch
+82863c2fed659a7186c7f3905a1853b8bd8060350ad101ce159fa7e7d2ba27e8  openssl-bb-basename.patch
+18dd81fefb39b3328a444774ed10871ed50348ca171d2da9f826f916127b2dae  0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
+39c31c2e33cded09543a2d1fd2e3238e9d11c672ba71a14d13095baad3ec9696  0002-engines-e_padlock-backport-cvs-head-changes.patch
+e59f86fb779d327479fa97506c6d0d2df44b97f8182b45ca2eefebe9bef44b8d  0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+157ec6d17add25b96956abc7c44259c91eebe8a6c1026cdb976b895bf42ec56f  0004-crypto-engine-autoload-padlock-dynamic-engine.patch
+44b553d92e33c48f854a8e15b23830375bc400e987505c74956ac196266f0d46  0005-s_client-ircv3-starttls.patch
+a6a6ff34f2a363e2a6d7d4e44da36df6e3f040539e6822752a68efb7fa956c3c  0001-Fix-IV-check-and-padding-removal.patch
+51146851d8454dcb73138f794ced8bd629658b4a0524c466f61b653fff536c93  openssl-1.0.1-version-eglibc.patch"
+sha512sums="333c915501cc4998ab1d16251790eeb471ee6cbf30afcba9b7eefd3cec6a50e061b4347e60b751fa4afea15700ef629503931f22cec3ed64723ac3372ca7735e  openssl-1.0.1d.tar.gz
+880411d56da49946d24328445728367e0bf13b0fd47954971514bee8cd5613a038ad8aeaf68da2c92f4634deb022febd7b3e37f9bbfc5d2c9c8b3b5ffd971407  fix-manpages.patch
+6c4f4b0c1b606b3e5a8175618c4398923392f9c25ad8d3f5b65b0424fe51e104c4f456d2da590d9f572382225ab320278e88db1585790092450cad60a02819a5  openssl-bb-basename.patch
+ea282b09d4692a29e5a554e19b0798fa921717d4892decc68cba92cad11e85e4064d8ac78d98f6fa8bb45c65fdd1a5d1a6f6755e53102d520e9d8b807c3a7822  0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
+96cdd28d1ad5efd3f5836b4c57c9c6ea8e790fbf919e32a8c4acd3883a3531b8d295053a4aa20e6165600153b141ce7b0a3d1d736fdfc325d59862b845aa4d98  0002-engines-e_padlock-backport-cvs-head-changes.patch
+b403a402debf1890df10d5cac12c5f6cc54be6f9bfd3b9cbc014694c02621d4c488f1215a94ac13f01e4cfc6ab93658cfa4c4ba8b707956dc745bf5648a927cf  0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+3bedc326ca3e5945bc4ec4dccfe596042ee87aaeaf90b5063110a99cc8e38584838d68289907e4a3fcdb8e04635052ad0759c94e1d7070bb317c2066e2506bbe  0004-crypto-engine-autoload-padlock-dynamic-engine.patch
+70cd257bbd5a86685dc2508399e67746b60ed5d581eb84fe4d4fc6af214f31b71e2a58ad758d572976a61f67bf64c37a935a9788db160f75bced75397b9bcce3  0005-s_client-ircv3-starttls.patch
+bc9113ce820deb984094c9f9b5b5a5405eb591f4db0b976ed66d5819ef8eb1556c29d75cd8d23a7cbf3caff52a6b88e653ed280b0b379d48527fcea507cd4583  0001-Fix-IV-check-and-padding-removal.patch
+6db9d9ee62048d27f80e392eda99a46712ee85f1c8fd49f4931be73c880da8b84844a72657f7bceddb7db0026daddd31870d9c5065494f8d359ee8560284fd4a  openssl-1.0.1-version-eglibc.patch"
-- 
cgit v1.2.3