svn commit: r308204 - in releng: 10.1 10.1/crypto/openssl/ssl 10.1/sys/conf 10.2 10.2/crypto/openssl/ssl 10.2/sys/conf
Xin LI
delphij at FreeBSD.org
Wed Nov 2 07:24:18 UTC 2016
Author: delphij
Date: Wed Nov 2 07:24:14 2016
New Revision: 308204
URL: https://svnweb.freebsd.org/changeset/base/308204
Log:
Fix OpenSSL remote DoS vulnerability. [SA-16:35]
Security: FreeBSD-SA-16:35.openssl
Approved by: so
Modified:
releng/10.1/UPDATING
releng/10.1/crypto/openssl/ssl/d1_pkt.c
releng/10.1/crypto/openssl/ssl/s3_pkt.c
releng/10.1/crypto/openssl/ssl/ssl.h
releng/10.1/crypto/openssl/ssl/ssl3.h
releng/10.1/crypto/openssl/ssl/ssl_locl.h
releng/10.1/sys/conf/newvers.sh
releng/10.2/UPDATING
releng/10.2/crypto/openssl/ssl/d1_pkt.c
releng/10.2/crypto/openssl/ssl/s3_pkt.c
releng/10.2/crypto/openssl/ssl/ssl.h
releng/10.2/crypto/openssl/ssl/ssl3.h
releng/10.2/crypto/openssl/ssl/ssl_locl.h
releng/10.2/sys/conf/newvers.sh
Modified: releng/10.1/UPDATING
==============================================================================
--- releng/10.1/UPDATING Wed Nov 2 07:23:36 2016 (r308203)
+++ releng/10.1/UPDATING Wed Nov 2 07:24:14 2016 (r308204)
@@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITH
stable/10, and then rebuild without this option. The bootstrap process from
older version of current is a bit fragile.
+20161102 p42 FreeBSD-SA-16:35.openssl
+
+ Fix OpenSSL remote DoS vulnerability. [SA-16:35]
+
20161025 p41 FreeBSD-SA-16:15.sysarch [revised]
Fix incorrect argument validation in sysarch(2). [SA-16:15]
Modified: releng/10.1/crypto/openssl/ssl/d1_pkt.c
==============================================================================
--- releng/10.1/crypto/openssl/ssl/d1_pkt.c Wed Nov 2 07:23:36 2016 (r308203)
+++ releng/10.1/crypto/openssl/ssl/d1_pkt.c Wed Nov 2 07:24:14 2016 (r308204)
@@ -924,6 +924,13 @@ int dtls1_read_bytes(SSL *s, int type, u
goto start;
}
+ /*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+ if (rr->type != SSL3_RT_ALERT && rr->length != 0)
+ s->s3->alert_count = 0;
+
/* we now have a packet which can be read and processed */
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1190,6 +1197,14 @@ int dtls1_read_bytes(SSL *s, int type, u
if (alert_level == SSL3_AL_WARNING) {
s->s3->warn_alert = alert_descr;
+
+ s->s3->alert_count++;
+ if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+ goto f_err;
+ }
+
if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
#ifndef OPENSSL_NO_SCTP
/*
Modified: releng/10.1/crypto/openssl/ssl/s3_pkt.c
==============================================================================
--- releng/10.1/crypto/openssl/ssl/s3_pkt.c Wed Nov 2 07:23:36 2016 (r308203)
+++ releng/10.1/crypto/openssl/ssl/s3_pkt.c Wed Nov 2 07:24:14 2016 (r308204)
@@ -1057,6 +1057,13 @@ int ssl3_read_bytes(SSL *s, int type, un
return (ret);
}
+ /*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+ if (rr->type != SSL3_RT_ALERT && rr->length != 0)
+ s->s3->alert_count = 0;
+
/* we now have a packet which can be read and processed */
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1271,6 +1278,14 @@ int ssl3_read_bytes(SSL *s, int type, un
if (alert_level == SSL3_AL_WARNING) {
s->s3->warn_alert = alert_descr;
+
+ s->s3->alert_count++;
+ if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+ goto f_err;
+ }
+
if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
return (0);
Modified: releng/10.1/crypto/openssl/ssl/ssl.h
==============================================================================
--- releng/10.1/crypto/openssl/ssl/ssl.h Wed Nov 2 07:23:36 2016 (r308203)
+++ releng/10.1/crypto/openssl/ssl/ssl.h Wed Nov 2 07:24:14 2016 (r308204)
@@ -2713,6 +2713,7 @@ void ERR_load_SSL_strings(void);
# define SSL_R_TLS_HEARTBEAT_PENDING 366
# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
+# define SSL_R_TOO_MANY_WARN_ALERTS 409
# define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
# define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
# define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
Modified: releng/10.1/crypto/openssl/ssl/ssl3.h
==============================================================================
--- releng/10.1/crypto/openssl/ssl/ssl3.h Wed Nov 2 07:23:36 2016 (r308203)
+++ releng/10.1/crypto/openssl/ssl/ssl3.h Wed Nov 2 07:24:14 2016 (r308204)
@@ -585,6 +585,8 @@ typedef struct ssl3_state_st {
char is_probably_safari;
# endif /* !OPENSSL_NO_EC */
# endif /* !OPENSSL_NO_TLSEXT */
+ /* Count of the number of consecutive warning alerts received */
+ unsigned int alert_count;
} SSL3_STATE;
# endif
Modified: releng/10.1/crypto/openssl/ssl/ssl_locl.h
==============================================================================
--- releng/10.1/crypto/openssl/ssl/ssl_locl.h Wed Nov 2 07:23:36 2016 (r308203)
+++ releng/10.1/crypto/openssl/ssl/ssl_locl.h Wed Nov 2 07:24:14 2016 (r308204)
@@ -389,6 +389,8 @@
*/
# define SSL_MAX_DIGEST 6
+# define MAX_WARN_ALERT_COUNT 5
+
# define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)
# define TLS1_PRF_DGST_SHIFT 10
Modified: releng/10.1/sys/conf/newvers.sh
==============================================================================
--- releng/10.1/sys/conf/newvers.sh Wed Nov 2 07:23:36 2016 (r308203)
+++ releng/10.1/sys/conf/newvers.sh Wed Nov 2 07:24:14 2016 (r308204)
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="10.1"
-BRANCH="RELEASE-p41"
+BRANCH="RELEASE-p42"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi
Modified: releng/10.2/UPDATING
==============================================================================
--- releng/10.2/UPDATING Wed Nov 2 07:23:36 2016 (r308203)
+++ releng/10.2/UPDATING Wed Nov 2 07:24:14 2016 (r308204)
@@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITH
stable/10, and then rebuild without this option. The bootstrap process from
older version of current is a bit fragile.
+20161102 p25 FreeBSD-SA-16:35.openssl
+
+ Fix OpenSSL remote DoS vulnerability. [SA-16:35]
+
20161025 p24 FreeBSD-SA-16:15.sysarch [revised]
Fix incorrect argument validation in sysarch(2). [SA-16:15]
Modified: releng/10.2/crypto/openssl/ssl/d1_pkt.c
==============================================================================
--- releng/10.2/crypto/openssl/ssl/d1_pkt.c Wed Nov 2 07:23:36 2016 (r308203)
+++ releng/10.2/crypto/openssl/ssl/d1_pkt.c Wed Nov 2 07:24:14 2016 (r308204)
@@ -924,6 +924,13 @@ int dtls1_read_bytes(SSL *s, int type, u
goto start;
}
+ /*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+ if (rr->type != SSL3_RT_ALERT && rr->length != 0)
+ s->s3->alert_count = 0;
+
/* we now have a packet which can be read and processed */
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1190,6 +1197,14 @@ int dtls1_read_bytes(SSL *s, int type, u
if (alert_level == SSL3_AL_WARNING) {
s->s3->warn_alert = alert_descr;
+
+ s->s3->alert_count++;
+ if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+ goto f_err;
+ }
+
if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
#ifndef OPENSSL_NO_SCTP
/*
Modified: releng/10.2/crypto/openssl/ssl/s3_pkt.c
==============================================================================
--- releng/10.2/crypto/openssl/ssl/s3_pkt.c Wed Nov 2 07:23:36 2016 (r308203)
+++ releng/10.2/crypto/openssl/ssl/s3_pkt.c Wed Nov 2 07:24:14 2016 (r308204)
@@ -1057,6 +1057,13 @@ int ssl3_read_bytes(SSL *s, int type, un
return (ret);
}
+ /*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+ if (rr->type != SSL3_RT_ALERT && rr->length != 0)
+ s->s3->alert_count = 0;
+
/* we now have a packet which can be read and processed */
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1271,6 +1278,14 @@ int ssl3_read_bytes(SSL *s, int type, un
if (alert_level == SSL3_AL_WARNING) {
s->s3->warn_alert = alert_descr;
+
+ s->s3->alert_count++;
+ if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+ goto f_err;
+ }
+
if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
return (0);
Modified: releng/10.2/crypto/openssl/ssl/ssl.h
==============================================================================
--- releng/10.2/crypto/openssl/ssl/ssl.h Wed Nov 2 07:23:36 2016 (r308203)
+++ releng/10.2/crypto/openssl/ssl/ssl.h Wed Nov 2 07:24:14 2016 (r308204)
@@ -2713,6 +2713,7 @@ void ERR_load_SSL_strings(void);
# define SSL_R_TLS_HEARTBEAT_PENDING 366
# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
+# define SSL_R_TOO_MANY_WARN_ALERTS 409
# define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
# define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
# define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
Modified: releng/10.2/crypto/openssl/ssl/ssl3.h
==============================================================================
--- releng/10.2/crypto/openssl/ssl/ssl3.h Wed Nov 2 07:23:36 2016 (r308203)
+++ releng/10.2/crypto/openssl/ssl/ssl3.h Wed Nov 2 07:24:14 2016 (r308204)
@@ -585,6 +585,8 @@ typedef struct ssl3_state_st {
char is_probably_safari;
# endif /* !OPENSSL_NO_EC */
# endif /* !OPENSSL_NO_TLSEXT */
+ /* Count of the number of consecutive warning alerts received */
+ unsigned int alert_count;
} SSL3_STATE;
# endif
Modified: releng/10.2/crypto/openssl/ssl/ssl_locl.h
==============================================================================
--- releng/10.2/crypto/openssl/ssl/ssl_locl.h Wed Nov 2 07:23:36 2016 (r308203)
+++ releng/10.2/crypto/openssl/ssl/ssl_locl.h Wed Nov 2 07:24:14 2016 (r308204)
@@ -389,6 +389,8 @@
*/
# define SSL_MAX_DIGEST 6
+# define MAX_WARN_ALERT_COUNT 5
+
# define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)
# define TLS1_PRF_DGST_SHIFT 10
Modified: releng/10.2/sys/conf/newvers.sh
==============================================================================
--- releng/10.2/sys/conf/newvers.sh Wed Nov 2 07:23:36 2016 (r308203)
+++ releng/10.2/sys/conf/newvers.sh Wed Nov 2 07:24:14 2016 (r308204)
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="10.2"
-BRANCH="RELEASE-p24"
+BRANCH="RELEASE-p25"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi
More information about the svn-src-all
mailing list