1 files changed, 109 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/0001-Fix-for-CVE-2014-0224.patch b/meta/recipes-connectivity/openssl/openssl/0001-Fix-for-CVE-2014-0224.patch
new file mode 100644
index 0000000000..9e55a30843
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/0001-Fix-for-CVE-2014-0224.patch
@@ -0,0 +1,109 @@
+From a91be10833e61bcdc9002de28489405101c52650 Mon Sep 17 00:00:00 2001
+From: "Dr. Stephen Henson" <steve@openssl.org>
+Date: Fri, 16 May 2014 12:49:48 +0100
+Subject: [PATCH] Fix for CVE-2014-0224
+Upstream-Status: Backport
+Only accept change cipher spec when it is expected instead of at any
+time. This prevents premature setting of session keys before the master
+secret is determined which an attacker could use as a MITM attack.
+Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for reporting this issue
+and providing the initial fix this patch is based on.
+(cherry picked from commit bc8923b1ec9c467755cd86f7848c50ee8812e441)
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ ssl/s3_clnt.c |    2 ++
+ ssl/s3_pkt.c  |    9 +++++++++
+ ssl/s3_srvr.c |    5 +++++
+ ssl/ssl3.h    |    1 +
+ 4 files changed, 17 insertions(+)
+diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
+index 5fc9069..34efff8 100644
+--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
+@@ -599,6 +599,7 @@ int ssl3_connect(SSL *s)
+                case SSL3_ST_CR_FINISHED_A:
+                case SSL3_ST_CR_FINISHED_B:
+ 
+                       s->s3->flags |= SSL3_FLAGS_CCS_OK;
+                        ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
+                                SSL3_ST_CR_FINISHED_B);
+                        if (ret <= 0) goto end;
+@@ -1051,6 +1052,7 @@ int ssl3_get_server_hello(SSL *s)
+                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
+                goto f_err;
+                }
+           s->s3->flags |= SSL3_FLAGS_CCS_OK;
+            s->hit=1;
+            }
+        else    /* a miss or crap from the other end */
+diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
+index 34eb2b4..fb9720f 100644
+--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
+@@ -1593,6 +1593,15 @@ start:
+                        goto f_err;
+                        }
+ 
+               if (!(s->s3->flags & SSL3_FLAGS_CCS_OK))
+                       {
+                       al=SSL_AD_UNEXPECTED_MESSAGE;
+                       SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_CCS_RECEIVED_EARLY);
+                       goto f_err;
+                       }
+
+               s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
+
+                rr->length=0;
+ 
+                if (s->msg_callback)
+diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
+index 72fd3e4..31bfe47 100644
+--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
+@@ -708,6 +708,7 @@ int ssl3_accept(SSL *s)
+                case SSL3_ST_SR_CERT_VRFY_A:
+                case SSL3_ST_SR_CERT_VRFY_B:
+ 
+                       s->s3->flags |= SSL3_FLAGS_CCS_OK;
+                        /* we should decide if we expected this one */
+                        ret=ssl3_get_cert_verify(s);
+                        if (ret <= 0) goto end;
+@@ -735,6 +736,7 @@ int ssl3_accept(SSL *s)
+ 
+                case SSL3_ST_SR_FINISHED_A:
+                case SSL3_ST_SR_FINISHED_B:
+                       s->s3->flags |= SSL3_FLAGS_CCS_OK;
+                        ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
+                                SSL3_ST_SR_FINISHED_B);
+                        if (ret <= 0) goto end;
+@@ -805,7 +807,10 @@ int ssl3_accept(SSL *s)
+                                s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
+ #else
+                                if (s->s3->next_proto_neg_seen)
+                                       {
+                                       s->s3->flags |= SSL3_FLAGS_CCS_OK;
+                                        s->s3->tmp.next_state=SSL3_ST_SR_NEXT_PROTO_A;
+                                       }
+                                else
+                                        s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
+ #endif
+diff --git a/ssl/ssl3.h b/ssl/ssl3.h
+index 8bd201e..82dd76c 100644
+--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
+@@ -428,6 +428,7 @@ typedef struct ssl3_buffer_st
+ #define TLS1_FLAGS_TLS_PADDING_BUG             0x0008
+ #define TLS1_FLAGS_SKIP_CERT_VERIFY            0x0010
+ #define TLS1_FLAGS_KEEP_HANDSHAKE              0x0020
+#define SSL3_FLAGS_CCS_OK                      0x0080
+  
+ /* SSL3_FLAGS_SGC_RESTART_DONE is set when we
+  * restart a handshake because of MS SGC and so prevents us
+-- 
+1.7.10.4

diff --git a/meta/recipes-connectivity/openssl/openssl/0001-Fix-for-CVE-2014-0224.patch b/meta/recipes-connectivity/openssl/openssl/0001-Fix-for-CVE-2014-0224.patch new file mode 100644 index 0000000000..9e55a30843 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/0001-Fix-for-CVE-2014-0224.patch
@@ -0,0 +1,109 @@
	1	From a91be10833e61bcdc9002de28489405101c52650 Mon Sep 17 00:00:00 2001
	2	From: "Dr. Stephen Henson" <steve@openssl.org>
	3	Date: Fri, 16 May 2014 12:49:48 +0100
	4	Subject: [PATCH] Fix for CVE-2014-0224
	5
	6	Upstream-Status: Backport
	7
	8	Only accept change cipher spec when it is expected instead of at any
	9	time. This prevents premature setting of session keys before the master
	10	secret is determined which an attacker could use as a MITM attack.
	11
	12	Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for reporting this issue
	13	and providing the initial fix this patch is based on.
	14	(cherry picked from commit bc8923b1ec9c467755cd86f7848c50ee8812e441)
	15
	16	Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
	17	---
	18	ssl/s3_clnt.c \| 2 ++
	19	ssl/s3_pkt.c \| 9 +++++++++
	20	ssl/s3_srvr.c \| 5 +++++
	21	ssl/ssl3.h \| 1 +
	22	4 files changed, 17 insertions(+)
	23
	24	diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
	25	index 5fc9069..34efff8 100644
	26	--- a/ssl/s3_clnt.c
	27	+++ b/ssl/s3_clnt.c
	28	@@ -599,6 +599,7 @@ int ssl3_connect(SSL *s)
	29	case SSL3_ST_CR_FINISHED_A:
	30	case SSL3_ST_CR_FINISHED_B:
	31
	32	+ s->s3->flags \|= SSL3_FLAGS_CCS_OK;
	33	ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
	34	SSL3_ST_CR_FINISHED_B);
	35	if (ret <= 0) goto end;
	36	@@ -1051,6 +1052,7 @@ int ssl3_get_server_hello(SSL *s)
	37	SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
	38	goto f_err;
	39	}
	40	+ s->s3->flags \|= SSL3_FLAGS_CCS_OK;
	41	s->hit=1;
	42	}
	43	else /* a miss or crap from the other end */
	44	diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
	45	index 34eb2b4..fb9720f 100644
	46	--- a/ssl/s3_pkt.c
	47	+++ b/ssl/s3_pkt.c
	48	@@ -1593,6 +1593,15 @@ start:
	49	goto f_err;
	50	}
	51
	52	+ if (!(s->s3->flags & SSL3_FLAGS_CCS_OK))
	53	+ {
	54	+ al=SSL_AD_UNEXPECTED_MESSAGE;
	55	+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_CCS_RECEIVED_EARLY);
	56	+ goto f_err;
	57	+ }
	58	+
	59	+ s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
	60	+
	61	rr->length=0;
	62
	63	if (s->msg_callback)
	64	diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
	65	index 72fd3e4..31bfe47 100644
	66	--- a/ssl/s3_srvr.c
	67	+++ b/ssl/s3_srvr.c
	68	@@ -708,6 +708,7 @@ int ssl3_accept(SSL *s)
	69	case SSL3_ST_SR_CERT_VRFY_A:
	70	case SSL3_ST_SR_CERT_VRFY_B:
	71
	72	+ s->s3->flags \|= SSL3_FLAGS_CCS_OK;
	73	/* we should decide if we expected this one */
	74	ret=ssl3_get_cert_verify(s);
	75	if (ret <= 0) goto end;
	76	@@ -735,6 +736,7 @@ int ssl3_accept(SSL *s)
	77
	78	case SSL3_ST_SR_FINISHED_A:
	79	case SSL3_ST_SR_FINISHED_B:
	80	+ s->s3->flags \|= SSL3_FLAGS_CCS_OK;
	81	ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
	82	SSL3_ST_SR_FINISHED_B);
	83	if (ret <= 0) goto end;
	84	@@ -805,7 +807,10 @@ int ssl3_accept(SSL *s)
	85	s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
	86	#else
	87	if (s->s3->next_proto_neg_seen)
	88	+ {
	89	+ s->s3->flags \|= SSL3_FLAGS_CCS_OK;
	90	s->s3->tmp.next_state=SSL3_ST_SR_NEXT_PROTO_A;
	91	+ }
	92	else
	93	s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
	94	#endif
	95	diff --git a/ssl/ssl3.h b/ssl/ssl3.h
	96	index 8bd201e..82dd76c 100644
	97	--- a/ssl/ssl3.h
	98	+++ b/ssl/ssl3.h
	99	@@ -428,6 +428,7 @@ typedef struct ssl3_buffer_st
	100	#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
	101	#define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
	102	#define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
	103	+#define SSL3_FLAGS_CCS_OK 0x0080
	104
	105	/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
	106	* restart a handshake because of MS SGC and so prevents us
	107	--
	108	1.7.10.4
	109