[Pkg-openssl-changes] r523 - in openssl/branches/squeeze/debian: . patches
Kurt Roeckx
kroeckx at alioth.debian.org
Sat Jan 14 21:26:12 UTC 2012
Author: kroeckx
Date: 2012-01-14 21:26:12 +0000 (Sat, 14 Jan 2012)
New Revision: 523
Added:
openssl/branches/squeeze/debian/patches/CVE-2011-4108.patch
openssl/branches/squeeze/debian/patches/CVE-2011-4109.patch
openssl/branches/squeeze/debian/patches/CVE-2011-4576.patch
openssl/branches/squeeze/debian/patches/CVE-2011-4577.patch
openssl/branches/squeeze/debian/patches/CVE-2011-4619.patch
openssl/branches/squeeze/debian/patches/dtls-fragment-alert.patch
Modified:
openssl/branches/squeeze/debian/changelog
openssl/branches/squeeze/debian/patches/series
Log:
* Fix CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4619
and CVE-2011-4577
* Send alert instead of assertion failure for incorrectly formatted DTLS
fragments. (Closes: #645805)
Modified: openssl/branches/squeeze/debian/changelog
===================================================================
--- openssl/branches/squeeze/debian/changelog 2012-01-14 21:21:00 UTC (rev 522)
+++ openssl/branches/squeeze/debian/changelog 2012-01-14 21:26:12 UTC (rev 523)
@@ -1,3 +1,12 @@
+openssl (0.9.8o-4squeeze5) squeeze-security; urgency=low
+
+ * Fix CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4619
+ and CVE-2011-4577
+ * Send alert instead of assertion failure for incorrectly formatted DTLS
+ fragments. (Closes: #645805)
+
+ -- Kurt Roeckx <kurt at roeckx.be> Sat, 14 Jan 2012 22:23:53 +0100
+
openssl (0.9.8o-4squeeze4) squeeze-security; urgency=high
* Non-maintainer upload by the Security Team.
Added: openssl/branches/squeeze/debian/patches/CVE-2011-4108.patch
===================================================================
--- openssl/branches/squeeze/debian/patches/CVE-2011-4108.patch (rev 0)
+++ openssl/branches/squeeze/debian/patches/CVE-2011-4108.patch 2012-01-14 21:26:12 UTC (rev 523)
@@ -0,0 +1,67 @@
+diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
+index e4f47e9..83702e5 100644
+--- a/ssl/d1_pkt.c
++++ b/ssl/d1_pkt.c
+@@ -335,6 +335,7 @@ dtls1_process_record(SSL *s)
+ SSL3_RECORD *rr;
+ unsigned int mac_size;
+ unsigned char md[EVP_MAX_MD_SIZE];
++ int decryption_failed_or_bad_record_mac = 0;
+
+
+ rr= &(s->s3->rrec);
+@@ -369,13 +370,10 @@ dtls1_process_record(SSL *s)
+ enc_err = s->method->ssl3_enc->enc(s,0);
+ if (enc_err <= 0)
+ {
+- /* decryption failed, silently discard message */
+- if (enc_err < 0)
+- {
+- rr->length = 0;
+- s->packet_length = 0;
+- }
+- goto err;
++ /* To minimize information leaked via timing, we will always
++ * perform all computations before discarding the message.
++ */
++ decryption_failed_or_bad_record_mac = 1;
+ }
+
+ #ifdef TLS_DEBUG
+@@ -401,7 +399,7 @@ if ( (sess == NULL) ||
+ SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);
+ goto f_err;
+ #else
+- goto err;
++ decryption_failed_or_bad_record_mac = 1;
+ #endif
+ }
+ /* check the MAC for rr->input (it's in mac_size bytes at the tail) */
+@@ -412,17 +410,25 @@ if ( (sess == NULL) ||
+ SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ #else
+- goto err;
++ decryption_failed_or_bad_record_mac = 1;
+ #endif
+ }
+ rr->length-=mac_size;
+ s->method->ssl3_enc->mac(s,md,0);
+ if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
+ {
+- goto err;
++ decryption_failed_or_bad_record_mac = 1;
+ }
+ }
+
++ if (decryption_failed_or_bad_record_mac)
++ {
++ /* decryption failed, silently discard message */
++ rr->length = 0;
++ s->packet_length = 0;
++ goto err;
++ }
++
+ /* r->length is now just compressed */
+ if (s->expand != NULL)
+ {
Added: openssl/branches/squeeze/debian/patches/CVE-2011-4109.patch
===================================================================
--- openssl/branches/squeeze/debian/patches/CVE-2011-4109.patch (rev 0)
+++ openssl/branches/squeeze/debian/patches/CVE-2011-4109.patch 2012-01-14 21:26:12 UTC (rev 523)
@@ -0,0 +1,60 @@
+diff --git a/crypto/x509v3/pcy_map.c b/crypto/x509v3/pcy_map.c
+index f28796e..acd2ede 100644
+--- a/crypto/x509v3/pcy_map.c
++++ b/crypto/x509v3/pcy_map.c
+@@ -70,8 +70,6 @@ static int ref_cmp(const X509_POLICY_REF * const *a,
+
+ static void policy_map_free(X509_POLICY_REF *map)
+ {
+- if (map->subjectDomainPolicy)
+- ASN1_OBJECT_free(map->subjectDomainPolicy);
+ OPENSSL_free(map);
+ }
+
+@@ -95,6 +93,7 @@ int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
+ {
+ POLICY_MAPPING *map;
+ X509_POLICY_REF *ref = NULL;
++ ASN1_OBJECT *subjectDomainPolicyRef;
+ X509_POLICY_DATA *data;
+ X509_POLICY_CACHE *cache = x->policy_cache;
+ int i;
+@@ -153,13 +152,16 @@ int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
+ if (!sk_ASN1_OBJECT_push(data->expected_policy_set,
+ map->subjectDomainPolicy))
+ goto bad_mapping;
++ /* map->subjectDomainPolicy will be freed when
++ * cache->data is freed. Set it to NULL to avoid double-free. */
++ subjectDomainPolicyRef = map->subjectDomainPolicy;
++ map->subjectDomainPolicy = NULL;
+
+ ref = OPENSSL_malloc(sizeof(X509_POLICY_REF));
+ if (!ref)
+ goto bad_mapping;
+
+- ref->subjectDomainPolicy = map->subjectDomainPolicy;
+- map->subjectDomainPolicy = NULL;
++ ref->subjectDomainPolicy = subjectDomainPolicyRef;
+ ref->data = data;
+
+ if (!sk_X509_POLICY_REF_push(cache->maps, ref))
+diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c
+index 89f84bf..92ad0a2 100644
+--- a/crypto/x509v3/pcy_tree.c
++++ b/crypto/x509v3/pcy_tree.c
+@@ -612,6 +612,10 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
+ case 2:
+ return 1;
+
++ /* Some internal error */
++ case -1:
++ return -1;
++
+ /* Some internal error */
+ case 0:
+ return 0;
+@@ -691,4 +695,3 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
+ return 0;
+
+ }
+-
Added: openssl/branches/squeeze/debian/patches/CVE-2011-4576.patch
===================================================================
--- openssl/branches/squeeze/debian/patches/CVE-2011-4576.patch (rev 0)
+++ openssl/branches/squeeze/debian/patches/CVE-2011-4576.patch 2012-01-14 21:26:12 UTC (rev 523)
@@ -0,0 +1,14 @@
+diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
+index 1539a4c..759231d 100644
+--- a/ssl/s3_enc.c
++++ b/ssl/s3_enc.c
+@@ -479,6 +479,9 @@ int ssl3_enc(SSL *s, int send)
+
+ /* we need to add 'i-1' padding bytes */
+ l+=i;
++ /* the last of these zero bytes will be overwritten
++ * with the padding length. */
++ memset(&rec->input[rec->length], 0, i);
+ rec->length+=i;
+ rec->input[l-1]=(i-1);
+ }
Added: openssl/branches/squeeze/debian/patches/CVE-2011-4577.patch
===================================================================
--- openssl/branches/squeeze/debian/patches/CVE-2011-4577.patch (rev 0)
+++ openssl/branches/squeeze/debian/patches/CVE-2011-4577.patch 2012-01-14 21:26:12 UTC (rev 523)
@@ -0,0 +1,188 @@
+diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c
+index d27a707..c0e1d2d 100644
+--- a/crypto/x509v3/v3_addr.c
++++ b/crypto/x509v3/v3_addr.c
+@@ -142,12 +142,13 @@ unsigned int v3_addr_get_afi(const IPAddressFamily *f)
+ * Expand the bitstring form of an address into a raw byte array.
+ * At the moment this is coded for simplicity, not speed.
+ */
+-static void addr_expand(unsigned char *addr,
++static int addr_expand(unsigned char *addr,
+ const ASN1_BIT_STRING *bs,
+ const int length,
+ const unsigned char fill)
+ {
+- OPENSSL_assert(bs->length >= 0 && bs->length <= length);
++ if (bs->length < 0 || bs->length > length)
++ return 0;
+ if (bs->length > 0) {
+ memcpy(addr, bs->data, bs->length);
+ if ((bs->flags & 7) != 0) {
+@@ -159,6 +160,7 @@ static void addr_expand(unsigned char *addr,
+ }
+ }
+ memset(addr + bs->length, fill, length - bs->length);
++ return 1;
+ }
+
+ /*
+@@ -181,15 +183,13 @@ static int i2r_address(BIO *out,
+ return 0;
+ switch (afi) {
+ case IANA_AFI_IPV4:
+- if (bs->length > 4)
++ if (!addr_expand(addr, bs, 4, fill))
+ return 0;
+- addr_expand(addr, bs, 4, fill);
+ BIO_printf(out, "%d.%d.%d.%d", addr[0], addr[1], addr[2], addr[3]);
+ break;
+ case IANA_AFI_IPV6:
+- if (bs->length > 16)
++ if (!addr_expand(addr, bs, 16, fill))
+ return 0;
+- addr_expand(addr, bs, 16, fill);
+ for (n = 16; n > 1 && addr[n-1] == 0x00 && addr[n-2] == 0x00; n -= 2)
+ ;
+ for (i = 0; i < n; i += 2)
+@@ -315,6 +315,12 @@ static int i2r_IPAddrBlocks(X509V3_EXT_METHOD *method,
+ /*
+ * Sort comparison function for a sequence of IPAddressOrRange
+ * elements.
++ *
++ * There's no sane answer we can give if addr_expand() fails, and an
++ * assertion failure on externally supplied data is seriously uncool,
++ * so we just arbitrarily declare that if given invalid inputs this
++ * function returns -1. If this messes up your preferred sort order
++ * for garbage input, tough noogies.
+ */
+ static int IPAddressOrRange_cmp(const IPAddressOrRange *a,
+ const IPAddressOrRange *b,
+@@ -327,22 +333,26 @@ static int IPAddressOrRange_cmp(const IPAddressOrRange *a,
+
+ switch (a->type) {
+ case IPAddressOrRange_addressPrefix:
+- addr_expand(addr_a, a->u.addressPrefix, length, 0x00);
++ if (!addr_expand(addr_a, a->u.addressPrefix, length, 0x00))
++ return -1;
+ prefixlen_a = addr_prefixlen(a->u.addressPrefix);
+ break;
+ case IPAddressOrRange_addressRange:
+- addr_expand(addr_a, a->u.addressRange->min, length, 0x00);
++ if (!addr_expand(addr_a, a->u.addressRange->min, length, 0x00))
++ return -1;
+ prefixlen_a = length * 8;
+ break;
+ }
+
+ switch (b->type) {
+ case IPAddressOrRange_addressPrefix:
+- addr_expand(addr_b, b->u.addressPrefix, length, 0x00);
++ if (!addr_expand(addr_b, b->u.addressPrefix, length, 0x00))
++ return -1;
+ prefixlen_b = addr_prefixlen(b->u.addressPrefix);
+ break;
+ case IPAddressOrRange_addressRange:
+- addr_expand(addr_b, b->u.addressRange->min, length, 0x00);
++ if (!addr_expand(addr_b, b->u.addressRange->min, length, 0x00))
++ return -1;
+ prefixlen_b = length * 8;
+ break;
+ }
+@@ -658,22 +668,22 @@ int v3_addr_add_range(IPAddrBlocks *addr,
+ /*
+ * Extract min and max values from an IPAddressOrRange.
+ */
+-static void extract_min_max(IPAddressOrRange *aor,
++static int extract_min_max(IPAddressOrRange *aor,
+ unsigned char *min,
+ unsigned char *max,
+ int length)
+ {
+- OPENSSL_assert(aor != NULL && min != NULL && max != NULL);
++ if (aor == NULL || min == NULL || max == NULL)
++ return 0;
+ switch (aor->type) {
+ case IPAddressOrRange_addressPrefix:
+- addr_expand(min, aor->u.addressPrefix, length, 0x00);
+- addr_expand(max, aor->u.addressPrefix, length, 0xFF);
+- return;
++ return (addr_expand(min, aor->u.addressPrefix, length, 0x00) &&
++ addr_expand(max, aor->u.addressPrefix, length, 0xFF));
+ case IPAddressOrRange_addressRange:
+- addr_expand(min, aor->u.addressRange->min, length, 0x00);
+- addr_expand(max, aor->u.addressRange->max, length, 0xFF);
+- return;
++ return (addr_expand(min, aor->u.addressRange->min, length, 0x00) &&
++ addr_expand(max, aor->u.addressRange->max, length, 0xFF));
+ }
++ return 0;
+ }
+
+ /*
+@@ -689,9 +699,10 @@ int v3_addr_get_range(IPAddressOrRange *aor,
+ if (aor == NULL || min == NULL || max == NULL ||
+ afi_length == 0 || length < afi_length ||
+ (aor->type != IPAddressOrRange_addressPrefix &&
+- aor->type != IPAddressOrRange_addressRange))
++ aor->type != IPAddressOrRange_addressRange) ||
++ !extract_min_max(aor, min, max, afi_length))
+ return 0;
+- extract_min_max(aor, min, max, afi_length);
++
+ return afi_length;
+ }
+
+@@ -773,8 +784,9 @@ int v3_addr_is_canonical(IPAddrBlocks *addr)
+ IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
+ IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, j + 1);
+
+- extract_min_max(a, a_min, a_max, length);
+- extract_min_max(b, b_min, b_max, length);
++ if (!extract_min_max(a, a_min, a_max, length) ||
++ !extract_min_max(b, b_min, b_max, length))
++ return 0;
+
+ /*
+ * Punt misordered list, overlapping start, or inverted range.
+@@ -809,7 +821,8 @@ int v3_addr_is_canonical(IPAddrBlocks *addr)
+ {
+ IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
+ if (a != NULL && a->type == IPAddressOrRange_addressRange) {
+- extract_min_max(a, a_min, a_max, length);
++ if (!extract_min_max(a, a_min, a_max, length))
++ return 0;
+ if (memcmp(a_min, a_max, length) > 0 ||
+ range_should_be_prefix(a_min, a_max, length) >= 0)
+ return 0;
+@@ -845,8 +858,9 @@ static int IPAddressOrRanges_canonize(IPAddressOrRanges *aors,
+ unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
+ unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
+
+- extract_min_max(a, a_min, a_max, length);
+- extract_min_max(b, b_min, b_max, length);
++ if (!extract_min_max(a, a_min, a_max, length) ||
++ !extract_min_max(b, b_min, b_max, length))
++ return 0;
+
+ /*
+ * Punt inverted ranges.
+@@ -1132,13 +1146,15 @@ static int addr_contains(IPAddressOrRanges *parent,
+
+ p = 0;
+ for (c = 0; c < sk_IPAddressOrRange_num(child); c++) {
+- extract_min_max(sk_IPAddressOrRange_value(child, c),
+- c_min, c_max, length);
++ if (!extract_min_max(sk_IPAddressOrRange_value(child, c),
++ c_min, c_max, length))
++ return -1;
+ for (;; p++) {
+ if (p >= sk_IPAddressOrRange_num(parent))
+ return 0;
+- extract_min_max(sk_IPAddressOrRange_value(parent, p),
+- p_min, p_max, length);
++ if (!extract_min_max(sk_IPAddressOrRange_value(parent, p),
++ p_min, p_max, length))
++ return 0;
+ if (memcmp(p_max, c_max, length) < 0)
+ continue;
+ if (memcmp(p_min, c_min, length) > 0)
Added: openssl/branches/squeeze/debian/patches/CVE-2011-4619.patch
===================================================================
--- openssl/branches/squeeze/debian/patches/CVE-2011-4619.patch (rev 0)
+++ openssl/branches/squeeze/debian/patches/CVE-2011-4619.patch 2012-01-14 21:26:12 UTC (rev 523)
@@ -0,0 +1,105 @@
+diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
+index 4850a9a..f610212 100644
+--- a/ssl/s3_srvr.c
++++ b/ssl/s3_srvr.c
+@@ -235,6 +235,7 @@ int ssl3_accept(SSL *s)
+ }
+
+ s->init_num=0;
++ s->s3->flags &= ~SSL3_FLAGS_SGC_RESTART_DONE;
+
+ if (s->state != SSL_ST_RENEGOTIATE)
+ {
+@@ -697,6 +698,14 @@ int ssl3_check_client_hello(SSL *s)
+ int ok;
+ long n;
+
++ /* We only allow the client to restart the handshake once per
++ * negotiation. */
++ if (s->s3->flags & SSL3_FLAGS_SGC_RESTART_DONE)
++ {
++ SSLerr(SSL_F_SSL3_CHECK_CLIENT_HELLO, SSL_R_MULTIPLE_SGC_RESTARTS);
++ return -1;
++ }
++
+ /* this function is called when we really expect a Certificate message,
+ * so permit appropriate message length */
+ n=s->method->ssl_get_message(s,
+@@ -725,6 +734,7 @@ int ssl3_check_client_hello(SSL *s)
+ s->s3->tmp.ecdh = NULL;
+ }
+ #endif
++ s->s3->flags |= SSL3_FLAGS_SGC_RESTART_DONE;
+ return 2;
+ }
+ return 1;
+diff --git a/ssl/ssl.h b/ssl/ssl.h
+index 7d4e46e..590a369 100644
+--- a/ssl/ssl.h
++++ b/ssl/ssl.h
+@@ -1739,6 +1739,7 @@ void ERR_load_SSL_strings(void);
+ #define SSL_F_SSL3_CALLBACK_CTRL 233
+ #define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
+ #define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
++#define SSL_F_SSL3_CHECK_CLIENT_HELLO 292
+ #define SSL_F_SSL3_CLIENT_HELLO 131
+ #define SSL_F_SSL3_CONNECT 132
+ #define SSL_F_SSL3_CTRL 213
+@@ -1974,6 +1975,7 @@ void ERR_load_SSL_strings(void);
+ #define SSL_R_MISSING_TMP_RSA_KEY 172
+ #define SSL_R_MISSING_TMP_RSA_PKEY 173
+ #define SSL_R_MISSING_VERIFY_MESSAGE 174
++#define SSL_R_MULTIPLE_SGC_RESTARTS 325
+ #define SSL_R_NON_SSLV2_INITIAL_PACKET 175
+ #define SSL_R_NO_CERTIFICATES_RETURNED 176
+ #define SSL_R_NO_CERTIFICATE_ASSIGNED 177
+diff --git a/ssl/ssl3.h b/ssl/ssl3.h
+index 2f579c2..b9a85ef 100644
+--- a/ssl/ssl3.h
++++ b/ssl/ssl3.h
+@@ -333,6 +333,17 @@ typedef struct ssl3_buffer_st
+ #define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
+ #define SSL3_FLAGS_POP_BUFFER 0x0004
+ #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
++
++/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
++ * restart a handshake because of MS SGC and so prevents us
++ * from restarting the handshake in a loop. It's reset on a
++ * renegotiation, so effectively limits the client to one restart
++ * per negotiation. This limits the possibility of a DDoS
++ * attack where the client handshakes in a loop using SGC to
++ * restart. Servers which permit renegotiation can still be
++ * effected, but we can't prevent that.
++ */
++#define SSL3_FLAGS_SGC_RESTART_DONE 0x0040
+
+ typedef struct ssl3_state_st
+ {
+diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
+index 7eb5202..bd52c98 100644
+--- a/ssl/ssl_err.c
++++ b/ssl/ssl_err.c
+@@ -1,6 +1,6 @@
+ /* ssl/ssl_err.c */
+ /* ====================================================================
+- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
++ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+@@ -137,6 +137,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
+ {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "SSL3_CALLBACK_CTRL"},
+ {ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE), "SSL3_CHANGE_CIPHER_STATE"},
+ {ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM), "SSL3_CHECK_CERT_AND_ALGORITHM"},
++{ERR_FUNC(SSL_F_SSL3_CHECK_CLIENT_HELLO), "SSL3_CHECK_CLIENT_HELLO"},
+ {ERR_FUNC(SSL_F_SSL3_CLIENT_HELLO), "SSL3_CLIENT_HELLO"},
+ {ERR_FUNC(SSL_F_SSL3_CONNECT), "SSL3_CONNECT"},
+ {ERR_FUNC(SSL_F_SSL3_CTRL), "SSL3_CTRL"},
+@@ -375,6 +376,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
+ {ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY) ,"missing tmp rsa key"},
+ {ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY) ,"missing tmp rsa pkey"},
+ {ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE),"missing verify message"},
++{ERR_REASON(SSL_R_MULTIPLE_SGC_RESTARTS) ,"multiple sgc restarts"},
+ {ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET),"non sslv2 initial packet"},
+ {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED),"no certificates returned"},
+ {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED),"no certificate assigned"},
Added: openssl/branches/squeeze/debian/patches/dtls-fragment-alert.patch
===================================================================
--- openssl/branches/squeeze/debian/patches/dtls-fragment-alert.patch (rev 0)
+++ openssl/branches/squeeze/debian/patches/dtls-fragment-alert.patch 2012-01-14 21:26:12 UTC (rev 523)
@@ -0,0 +1,33 @@
+diff --git a/ssl/d1_both.c b/ssl/d1_both.c
+index 1c4158d..85f4d83 100644
+--- a/ssl/d1_both.c
++++ b/ssl/d1_both.c
+@@ -793,7 +793,13 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
+ *ok = 0;
+ return i;
+ }
+- OPENSSL_assert(i == DTLS1_HM_HEADER_LENGTH);
++ /* Handshake fails if message header is incomplete */
++ if (i != DTLS1_HM_HEADER_LENGTH)
++ {
++ al=SSL_AD_UNEXPECTED_MESSAGE;
++ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_UNEXPECTED_MESSAGE);
++ goto f_err;
++ }
+
+ /* parse the message fragment header */
+ dtls1_get_message_header(wire, &msg_hdr);
+@@ -865,7 +871,12 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
+
+ /* XDTLS: an incorrectly formatted fragment should cause the
+ * handshake to fail */
+- OPENSSL_assert(i == (int)frag_len);
++ if (i != (int)frag_len)
++ {
++ al=SSL3_AD_ILLEGAL_PARAMETER;
++ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL3_AD_ILLEGAL_PARAMETER);
++ goto f_err;
++ }
+
+ *ok = 1;
+
Modified: openssl/branches/squeeze/debian/patches/series
===================================================================
--- openssl/branches/squeeze/debian/patches/series 2012-01-14 21:21:00 UTC (rev 522)
+++ openssl/branches/squeeze/debian/patches/series 2012-01-14 21:26:12 UTC (rev 523)
@@ -26,3 +26,9 @@
block_digicert_malaysia.patch
CVE-2011-1945.patch
CVE-2011-3210.patch
+CVE-2011-4108.patch
+CVE-2011-4109.patch
+CVE-2011-4619.patch
+CVE-2011-4576.patch
+CVE-2011-4577.patch
+dtls-fragment-alert.patch
More information about the Pkg-openssl-changes
mailing list