aboutsummaryrefslogtreecommitdiff
path: root/share/security/patches/SA-03:06/openssl.patch
diff options
context:
space:
mode:
Diffstat (limited to 'share/security/patches/SA-03:06/openssl.patch')
-rw-r--r--share/security/patches/SA-03:06/openssl.patch135
1 files changed, 0 insertions, 135 deletions
diff --git a/share/security/patches/SA-03:06/openssl.patch b/share/security/patches/SA-03:06/openssl.patch
deleted file mode 100644
index 7081d256b8..0000000000
--- a/share/security/patches/SA-03:06/openssl.patch
+++ /dev/null
@@ -1,135 +0,0 @@
-Index: crypto/openssl/crypto/rsa/rsa_eay.c
-===================================================================
-RCS file: /home/ncvs/src/crypto/openssl/crypto/rsa/rsa_eay.c,v
-retrieving revision 1.10
-diff -u -r1.10 rsa_eay.c
---- crypto/openssl/crypto/rsa/rsa_eay.c 19 Feb 2003 23:24:16 -0000 1.10
-+++ crypto/openssl/crypto/rsa/rsa_eay.c 20 Mar 2003 14:01:30 -0000
-@@ -195,6 +195,25 @@
- return(r);
- }
-
-+static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx)
-+ {
-+ int ret = 1;
-+ CRYPTO_w_lock(CRYPTO_LOCK_RSA);
-+ /* Check again inside the lock - the macro's check is racey */
-+ if(rsa->blinding == NULL)
-+ ret = RSA_blinding_on(rsa, ctx);
-+ CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
-+ return ret;
-+ }
-+
-+#define BLINDING_HELPER(rsa, ctx, err_instr) \
-+ do { \
-+ if(((rsa)->flags & RSA_FLAG_BLINDING) && \
-+ ((rsa)->blinding == NULL) && \
-+ !rsa_eay_blinding(rsa, ctx)) \
-+ err_instr \
-+ } while(0)
-+
- /* signing */
- static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding)
-@@ -239,8 +258,8 @@
- goto err;
- }
-
-- if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
-- RSA_blinding_on(rsa,ctx);
-+ BLINDING_HELPER(rsa, ctx, goto err;);
-+
- if (rsa->flags & RSA_FLAG_BLINDING)
- if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
-
-@@ -318,8 +337,8 @@
- goto err;
- }
-
-- if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
-- RSA_blinding_on(rsa,ctx);
-+ BLINDING_HELPER(rsa, ctx, goto err;);
-+
- if (rsa->flags & RSA_FLAG_BLINDING)
- if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
-
-Index: crypto/openssl/crypto/rsa/rsa_lib.c
-===================================================================
-RCS file: /home/ncvs/src/crypto/openssl/crypto/rsa/rsa_lib.c,v
-retrieving revision 1.8
-diff -u -r1.8 rsa_lib.c
---- crypto/openssl/crypto/rsa/rsa_lib.c 19 Feb 2003 23:24:16 -0000 1.8
-+++ crypto/openssl/crypto/rsa/rsa_lib.c 20 Mar 2003 14:01:30 -0000
-@@ -72,7 +72,13 @@
-
- RSA *RSA_new(void)
- {
-- return(RSA_new_method(NULL));
-+ RSA *r=RSA_new_method(NULL);
-+
-+#ifndef OPENSSL_NO_FORCE_RSA_BLINDING
-+ r->flags|=RSA_FLAG_BLINDING;
-+#endif
-+
-+ return r;
- }
-
- void RSA_set_default_method(const RSA_METHOD *meth)
-Index: crypto/openssl/ssl/s3_srvr.c
-===================================================================
-RCS file: /home/ncvs/src/crypto/openssl/ssl/s3_srvr.c,v
-retrieving revision 1.1.1.10
-diff -u -r1.1.1.10 s3_srvr.c
---- crypto/openssl/ssl/s3_srvr.c 28 Jan 2003 21:38:47 -0000 1.1.1.10
-+++ crypto/openssl/ssl/s3_srvr.c 20 Mar 2003 14:01:31 -0000
-@@ -1447,7 +1447,7 @@
- if (i != SSL_MAX_MASTER_KEY_LENGTH)
- {
- al=SSL_AD_DECODE_ERROR;
-- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
-+ /* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); */
- }
-
- if ((al == -1) && !((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff))))
-@@ -1463,30 +1463,29 @@
- (p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff))))
- {
- al=SSL_AD_DECODE_ERROR;
-- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER);
-- goto f_err;
-+ /* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */
-+
-+ /* The Klima-Pokorny-Rosa extension of Bleichenbacher's attack
-+ * (http://eprint.iacr.org/2003/052/) exploits the version
-+ * number check as a "bad version oracle" -- an alert would
-+ * reveal that the plaintext corresponding to some ciphertext
-+ * made up by the adversary is properly formatted except
-+ * that the version number is wrong. To avoid such attacks,
-+ * we should treat this just like any other decryption error. */
-+ p[0] = (char)(int) "CAN-2003-0131 patch 2003-03-19";
- }
- }
-
- if (al != -1)
- {
--#if 0
-- goto f_err;
--#else
- /* Some decryption failure -- use random value instead as countermeasure
- * against Bleichenbacher's attack on PKCS #1 v1.5 RSA padding
-- * (see RFC 2246, section 7.4.7.1).
-- * But note that due to length and protocol version checking, the
-- * attack is impractical anyway (see section 5 in D. Bleichenbacher:
-- * "Chosen Ciphertext Attacks Against Protocols Based on the RSA
-- * Encryption Standard PKCS #1", CRYPTO '98, LNCS 1462, pp. 1-12).
-- */
-+ * (see RFC 2246, section 7.4.7.1). */
- ERR_clear_error();
- i = SSL_MAX_MASTER_KEY_LENGTH;
- p[0] = s->client_version >> 8;
- p[1] = s->client_version & 0xff;
- RAND_pseudo_bytes(p+2, i-2); /* should be RAND_bytes, but we cannot work around a failure */
--#endif
- }
-
- s->session->master_key_length=
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-24 12:09:14 +0000