From 96c1644d0d474bc451fdf3c4efea70eef49b8e57 Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Sun, 6 Nov 2016 07:33:27 -0800 Subject: openssl: Security fix CVE-2016-8610 affects openssl < 1.0.2i (From OE-Core rev: 0256b61cdafe540edb3cec2a34429e24b037cfae) Signed-off-by: Armin Kuster Signed-off-by: Richard Purdie --- .../openssl/openssl/CVE-2016-8610.patch | 124 +++++++++++++++++++++ .../recipes-connectivity/openssl/openssl_1.0.2h.bb | 1 + 2 files changed, 125 insertions(+) create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-8610.patch diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2016-8610.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2016-8610.patch new file mode 100644 index 0000000000..c2af589bba --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2016-8610.patch @@ -0,0 +1,124 @@ +From 22646a075e75991b4e8f5d67171e45a6aead5b48 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Wed, 21 Sep 2016 14:48:16 +0100 +Subject: [PATCH] Don't allow too many consecutive warning alerts + +Certain warning alerts are ignored if they are received. This can mean that +no progress will be made if one peer continually sends those warning alerts. +Implement a count so that we abort the connection if we receive too many. + +Issue reported by Shi Lei. + +Reviewed-by: Rich Salz + +Upstream-Status: Backport +CVE: CVE-2016-8610 +Signed-off-by: Armin Kuster + +--- + ssl/d1_pkt.c | 15 +++++++++++++++ + ssl/s3_pkt.c | 15 +++++++++++++++ + ssl/ssl.h | 1 + + ssl/ssl_locl.h | 4 ++++ + 4 files changed, 35 insertions(+) + +Index: openssl-1.0.2h/ssl/d1_pkt.c +=================================================================== +--- openssl-1.0.2h.orig/ssl/d1_pkt.c ++++ openssl-1.0.2h/ssl/d1_pkt.c +@@ -928,6 +928,13 @@ int dtls1_read_bytes(SSL *s, int type, u + goto start; + } + ++ /* ++ * Reset the count of consecutive warning alerts if we've got a non-empty ++ * record that isn't an alert. ++ */ ++ if (rr->type != SSL3_RT_ALERT && rr->length != 0) ++ s->cert->alert_count = 0; ++ + /* we now have a packet which can be read and processed */ + + if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec, +@@ -1194,6 +1201,14 @@ int dtls1_read_bytes(SSL *s, int type, u + + if (alert_level == SSL3_AL_WARNING) { + s->s3->warn_alert = alert_descr; ++ ++ s->cert->alert_count++; ++ if (s->cert->alert_count == MAX_WARN_ALERT_COUNT) { ++ al = SSL_AD_UNEXPECTED_MESSAGE; ++ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS); ++ goto f_err; ++ } ++ + if (alert_descr == SSL_AD_CLOSE_NOTIFY) { + #ifndef OPENSSL_NO_SCTP + /* +Index: openssl-1.0.2h/ssl/s3_pkt.c +=================================================================== +--- openssl-1.0.2h.orig/ssl/s3_pkt.c ++++ openssl-1.0.2h/ssl/s3_pkt.c +@@ -1229,6 +1229,13 @@ int ssl3_read_bytes(SSL *s, int type, un + return (ret); + } + ++ /* ++ * Reset the count of consecutive warning alerts if we've got a non-empty ++ * record that isn't an alert. ++ */ ++ if (rr->type != SSL3_RT_ALERT && rr->length != 0) ++ s->cert->alert_count = 0; ++ + /* we now have a packet which can be read and processed */ + + if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec, +@@ -1443,6 +1450,14 @@ int ssl3_read_bytes(SSL *s, int type, un + + if (alert_level == SSL3_AL_WARNING) { + s->s3->warn_alert = alert_descr; ++ ++ s->cert->alert_count++; ++ if (s->cert->alert_count == MAX_WARN_ALERT_COUNT) { ++ al = SSL_AD_UNEXPECTED_MESSAGE; ++ SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS); ++ goto f_err; ++ } ++ + if (alert_descr == SSL_AD_CLOSE_NOTIFY) { + s->shutdown |= SSL_RECEIVED_SHUTDOWN; + return (0); +Index: openssl-1.0.2h/ssl/ssl.h +=================================================================== +--- openssl-1.0.2h.orig/ssl/ssl.h ++++ openssl-1.0.2h/ssl/ssl.h +@@ -3115,6 +3115,7 @@ void ERR_load_SSL_strings(void); + # define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157 + # define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233 + # define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234 ++# define SSL_R_TOO_MANY_WARN_ALERTS 409 + # define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235 + # define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236 + # define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313 +Index: openssl-1.0.2h/ssl/ssl_locl.h +=================================================================== +--- openssl-1.0.2h.orig/ssl/ssl_locl.h ++++ openssl-1.0.2h/ssl/ssl_locl.h +@@ -585,6 +585,8 @@ typedef struct { + */ + # define SSL_EXT_FLAG_SENT 0x2 + ++# define MAX_WARN_ALERT_COUNT 5 ++ + typedef struct { + custom_ext_method *meths; + size_t meths_count; +@@ -692,6 +694,8 @@ typedef struct cert_st { + unsigned char *alpn_proposed; /* server */ + unsigned int alpn_proposed_len; + int alpn_sent; /* client */ ++ /* Count of the number of consecutive warning alerts received */ ++ unsigned int alert_count; + } CERT; + + typedef struct sess_cert_st { diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb index 94a986775c..26bc6be2f4 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb @@ -50,6 +50,7 @@ SRC_URI += "file://configure-targets.patch \ file://CVE-2016-6304.patch \ file://CVE-2016-6306.patch \ file://CVE-2016-2179.patch \ + file://CVE-2016-8610.patch \ " SRC_URI[md5sum] = "9392e65072ce4b614c1392eefc1f23d0" -- cgit v1.2.3-54-g00ecf