update for 2.1.10

The API/ABI for the LibreSSL 2.1.x series is now fixed, so we can safely
enable libtls it by default. This is useful for new OpenNTPD and
OpenSMTPD releases as well.

ok deraadt@ beck@ sthen@

ChangeLog

@@ -28,6 +28,80 @@ history is also available from Git.
 
 LibreSSL Portable Release Notes:
 
+This release primarily addresses a number of security issues in coordination
+with the OpenSSL project.
+
+2.1.10
+
+	* Deprecated the SSL_OP_SINGLE_DH_USE flag
+
+2.1.9 - Reliability Update
+
+	* Fixes from OpenSSL 1.0.1q
+	 - CVE-2015-3194 - NULL pointer dereference in client side certificate
+	                   validation.
+	 - CVE-2015-3195 - Memory leak in PKCS7 - not reachable from TLS/SSL
+
+	* The following OpenSSL CVEs did not apply to LibreSSL
+	 - CVE-2015-3193 - Carry propagating bug in the x86_64 Montgomery squaring
+	                   procedure.
+	 - CVE-2015-3196 - Double free race condition of the identify hint data.
+
+	 See https://marc.info/?l=openbsd-announce&m=144925068504102
+
+2.1.8 - Security Update
+
+	* Fixes for a memory leak and out-of-bounds access in OBJ_obj2txt
+	  reported by Qualys Security.
+	 - CVE-2015-5333 - memory leak in OBJ_obj2txt
+	 - CVE-2015-5334 - 1-byte buffer overflow in OBJ_obj2txt
+
+	 See http://www.openwall.com/lists/oss-security/2015/10/16/1
+
+2.1.7 - Security Update
+
+	* Fixes for the following issues are integrated into LibreSSL 2.1.7:
+	 - CVE-2015-1788 - Malformed ECParameters causes infinite loop
+	 - CVE-2015-1789 - Exploitable out-of-bounds read in X509_cmp_time
+	 - CVE-2015-1792 - CMS verify infinite loop with unknown hash function
+
+	* The following CVEs did not apply to LibreSSL or were fixed in
+	  earlier releases:
+	 - CVE-2015-4000 - DHE man-in-the-middle protection (Logjam)
+	 - CVE-2015-1790 - PKCS7 crash with missing EnvelopedContent
+	 - CVE-2014-8176 - Invalid free in DTLS
+
+	* Fixes for the following CVEs are still in review for LibreSSL
+	 - CVE-2015-1791 - Race condition handling NewSessionTicket
+
+2.1.6 - Security update
+
+	* Fixes for the following issues are integrated into LibreSSL 2.1.6:
+	  - CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
+	  - CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
+	  - CVE-2015-0287 - ASN.1 structure reuse memory corruption
+	  - CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref
+	  - CVE-2015-0289 - PKCS7 NULL pointer dereferences
+
+	* The fix for CVE-2015-0207 - Segmentation fault in DTLSv1_listen
+	  is integrated for safety, but LibreSSL is not vulnerable.
+
+	* Libtls is now built by default. The --enable-libtls
+	  configuration option is no longer required.
+	  The libtls API is now stable for the 2.1.x series.
+
+2.1.5 - Bug fixes and a security update
+	* Fix incorrect comparison function in openssl(1) certhash command.
+	  Thanks to Christian Neukirchen / Void Linux.
+
+	* Windows port improvements and bug fixes.
+	  - Removed a dependency on libgcc in 32-bit dynamic libraries.
+	  - Correct a hang in openssl(1) reading from stdin on an connection.
+	  - Initialize winsock in openssl(1) earlier, allow 'openssl ocsp' and
+	    any other network-related commands to function properly.
+
+	* Reject all server DH keys smaller than 1024 bits.
+
 2.1.4 - Security and feature updates
 	* Improvements to libtls:
 	  - a new API for loading CA chains directly from memory instead of a

Makefile.am

@@ -2,10 +2,6 @@ SUBDIRS = crypto ssl tls include apps tests man
 ACLOCAL_AMFLAGS = -I m4
 
 pkgconfigdir = $(libdir)/pkgconfig
-pkgconfig_DATA = libcrypto.pc libssl.pc openssl.pc
+pkgconfig_DATA = libcrypto.pc libssl.pc libtls.pc openssl.pc
-
-if ENABLE_LIBTLS
-pkgconfig_DATA += libtls.pc
-endif
 
 EXTRA_DIST = README README.windows VERSION config scripts

OPENBSD_BRANCH

@@ -1 +1 @@
-master
+OPENBSD_5_7

VERSION

@@ -1 +1 @@
-2.1.4
+2.1.10

apps/poll_win.c

@@ -44,6 +44,8 @@ conn_has_oob_data(int fd)
 static int
 is_socket(int fd)
 {
+	if (fd < 3)
+		return 0;
 	WSANETWORKEVENTS events;
 	return (WSAEnumNetworkEvents((SOCKET)fd, NULL, &events) == 0);
 }
@@ -160,10 +162,6 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 	nfds_t i;
 	int timespent_ms, looptime_ms;
 
-#define FD_IS_SOCKET (1 << 0)
-	int fd_state[FD_SETSIZE];
-	int num_fds;
-
 	/*
 	 * select machinery
 	 */
@@ -190,14 +188,12 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 	FD_ZERO(&rfds);
 	FD_ZERO(&wfds);
 	FD_ZERO(&efds);
-	num_fds = 0;
 	num_sockets = 0;
 	num_handles = 0;
 
 	for (i = 0; i < nfds; i++) {
-		if ((int)pfds[i].fd < 0) {
+		if ((int)pfds[i].fd < 0)
 			continue;
-		}
 
 		if (is_socket(pfds[i].fd)) {
 			if (num_sockets >= FD_SETSIZE) {
@@ -205,8 +201,6 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 				return -1;
 			}
 
-			fd_state[num_fds] = FD_IS_SOCKET;
-
 			FD_SET(pfds[i].fd, &efds);
 
 			if (pfds[i].events &
@@ -229,8 +223,6 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 			handles[num_handles++] =
 			    (HANDLE)_get_osfhandle(pfds[i].fd);
 		}
-
-		num_fds++;
 	}
 
 	/*
@@ -254,21 +246,22 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 	 * than simply triggering if there is space available.
 	 */
 	timespent_ms = 0;
-	wait_rc = 0;
+	wait_rc = WAIT_FAILED;
 
-	if (timeout_ms < 0) {
+	if (timeout_ms < 0)
 		timeout_ms = INFINITE;
-	}
 	looptime_ms = timeout_ms > 100 ? 100 : timeout_ms;
 
 	do {
 		struct timeval tv = {0, looptime_ms * 1000};
+		int handle_signaled = 0;
 
 		/*
 		 * Check if any file handles have signaled
 		 */
 		if (num_handles) {
-			wait_rc = WaitForMultipleObjects(num_handles, handles, FALSE, 0);
+			wait_rc = WaitForMultipleObjects(num_handles, handles,
+					FALSE, 0);
 			if (wait_rc == WAIT_FAILED) {
 				/*
 				 * The documentation for WaitForMultipleObjects
@@ -285,18 +278,20 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 		/*
 		 * If we signaled on a file handle, don't wait on the sockets.
 		 */
-		if (wait_rc >= WAIT_OBJECT_0)
+		if (wait_rc >= WAIT_OBJECT_0 &&
+		    (wait_rc <= WAIT_OBJECT_0 + num_handles - 1)) {
 			tv.tv_usec = 0;
+			handle_signaled = 1;
+		}
 
 		/*
 		 * Check if any sockets have signaled
 		 */
 		rc = select(0, &rfds, &wfds, &efds, &tv);
-		if (rc == SOCKET_ERROR) {
+		if (!handle_signaled && rc == SOCKET_ERROR)
 			return wsa_select_errno(WSAGetLastError());
-		}
 
-		if (wait_rc >= WAIT_OBJECT_0 || (num_sockets && rc > 0))
+		if (handle_signaled || (num_sockets && rc > 0))
 			break;
 
 		timespent_ms += looptime_ms;
@@ -305,14 +300,14 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 
 	rc = 0;
 	num_handles = 0;
-	num_fds = 0;
 	for (i = 0; i < nfds; i++) {
 		pfds[i].revents = 0;
 
 		if ((int)pfds[i].fd < 0)
 			continue;
 
-		if (fd_state[num_fds] & FD_IS_SOCKET) {
+		if (is_socket(pfds[i].fd)) {
+
 			pfds[i].revents = compute_select_revents(pfds[i].fd,
 			    pfds[i].events, &rfds, &wfds, &efds);
 
@@ -323,8 +318,6 @@ poll(struct pollfd *pfds, nfds_t nfds, int timeout_ms)
 			num_handles++;
 		}
 
-		num_fds++;
-
 		if (pfds[i].revents)
 			rc++;
 	}

configure.ac

@@ -9,8 +9,8 @@ AC_CONFIG_MACRO_DIR([m4])
 
 m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
 
-AC_SUBST([USER_CFLAGS], "-O2 $CFLAGS")
+AC_SUBST([USER_CFLAGS], "$CFLAGS")
-CFLAGS="$CFLAGS -Wall -std=gnu99 -g"
+CFLAGS="-Wall -std=gnu99 -g -O2"
 
 case $host_os in
 	*darwin*)
@@ -41,7 +41,8 @@ case $host_os in
 		;;
 	*mingw*)
 		HOST_OS=win
-		CFLAGS="$CFLAGS -D_GNU_SOURCE -D_POSIX -D_POSIX_SOURCE -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600 -DOPENSSL_NO_SPEED -DNO_SYSLOG -D__USE_MINGW_ANSI_STDIO"
+		CFLAGS="$CFLAGS -D_GNU_SOURCE -D_POSIX -D_POSIX_SOURCE -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600 -DOPENSSL_NO_SPEED -DNO_SYSLOG -D__USE_MINGW_ANSI_STDIO -static-libgcc"
+		LDFLAGS="$LDFLAGS -static-libgcc"
 		AC_SUBST([PLATFORM_LDADD], ['-lws2_32'])
 		;;
 	*solaris*)
@@ -284,10 +285,14 @@ AC_ARG_ENABLE([asm],
 AM_CONDITIONAL([OPENSSL_NO_ASM], [test "x$enable_asm" = "xno"])
 
 old_cflags=$CFLAGS
-CFLAGS="$old_cflags -I$srcdir/include"
+CFLAGS="$USER_CFLAGS -I$srcdir/include"
+AC_MSG_CHECKING([if BSWAP4 builds without __STRICT_ALIGNMENT])
 AC_TRY_COMPILE([#include "$srcdir/crypto/modes/modes_lcl.h"],
 	       [int a = 0; BSWAP4(a);],
-	       BSWAP4=yes, BSWAP4=no)
+	       AC_MSG_RESULT([yes])
+	       BSWAP4=yes,
+	       AC_MSG_RESULT([no])
+	       BSWAP4=no)
 CFLAGS="$old_cflags"
 
 case $host_cpu in
@@ -296,7 +301,7 @@ case $host_cpu in
 		;;
 	*arm*)
 		AS_IF([test "x$BSWAP4" = "xyes"],,
-		    CFLAGS="$old_cflags -D__STRICT_ALIGNMENT")
+		    CFLAGS="$CFLAGS -D__STRICT_ALIGNMENT")
 		;;
 esac
 
@@ -305,11 +310,6 @@ AM_CONDITIONAL([HOST_ASM_ELF_X86_64],
 AM_CONDITIONAL([HOST_ASM_MACOSX_X86_64],
     [test "x$HOST_ABI" = "xmacosx" -a "$host_cpu" = "x86_64" -a "x$enable_asm" != "xno"])
 
-AC_ARG_ENABLE([libtls],
-	AS_HELP_STRING([--enable-libtls], [Enable building the libtls library]))
-AM_CONDITIONAL([ENABLE_LIBTLS], [test "x$enable_libtls" = xyes])
-AM_COND_IF([ENABLE_LIBTLS], [AC_CONFIG_FILES([libtls.pc])])
-
 LT_INIT
 
 AC_CONFIG_FILES([
@@ -324,6 +324,7 @@ AC_CONFIG_FILES([
 	man/Makefile
 	libcrypto.pc
 	libssl.pc
+	libtls.pc
 	openssl.pc
 ])
 

dist-win.sh

@@ -8,6 +8,7 @@ DIST=libressl-$VERSION-windows
 
 rm -fr $DIST
 mkdir -p $DIST
+autoreconf -i
 
 for ARCH in X86 X64; do
 
@@ -21,7 +22,7 @@ for ARCH in X86 X64; do
 
 	echo Building for $HOST
 
-	CC=$HOST-gcc ./configure --host=$HOST --enable-libtls
+	CC=$HOST-gcc ./configure --host=$HOST
 	make clean
 	PATH=$PATH:/usr/$HOST/sys-root/mingw/bin \
 	   make -j 4 check

dist.sh

@@ -3,5 +3,5 @@ set -e
 
 rm -f man/*.1 man/*.3
 ./autogen.sh
-./configure --enable-libtls
+./configure
 make distcheck

gen-coverage-report.sh

@@ -20,7 +20,7 @@ find -name '*.gcda' -o -name '*.gcno' -delete
 rm -fr $DESTDIR
 
 echo "Configuring to build with code coverage support"
-./configure --enable-libtls CFLAGS='-O0 -fprofile-arcs -ftest-coverage'
+./configure CFLAGS='-O0 -fprofile-arcs -ftest-coverage'
 
 echo "Running all code paths"
 make clean

include/Makefile.am

@@ -28,6 +28,4 @@ noinst_HEADERS += sys/times.h
 noinst_HEADERS += sys/types.h
 noinst_HEADERS += sys/uio.h
 
-if ENABLE_LIBTLS
 include_HEADERS = tls.h
-endif

patches/win_bio_sock_init.diff

@@ -0,0 +1,44 @@
+diff --git a/src/usr.bin/openssl/openssl.c b/src/usr.bin/openssl/openssl.c
+index e7dd11c..cfd4593 100644
+--- a/src/usr.bin/openssl/openssl.c
++++ b/src/usr.bin/openssl/openssl.c
+@@ -253,6 +253,11 @@ main(int argc, char **argv)
+ 	arg.data = NULL;
+ 	arg.count = 0;
+ 
++	if (BIO_sock_init() != 1) {
++		fprintf(stderr, "BIO_sock_init failed\n");
++		exit(1);
++	}
++
+ 	bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+ 	if (bio_err == NULL) {
+ 		fprintf(stderr, "openssl: failed to initialise bio_err\n");
+diff --git a/src/usr.bin/openssl/s_socket.c b/src/usr.bin/openssl/s_socket.c
+index 3b96b1a..2ce31eb 100644
+--- a/src/usr.bin/openssl/s_socket.c
++++ b/src/usr.bin/openssl/s_socket.c
+@@ -85,11 +85,6 @@ init_client(int *sock, char *host, char *port, int type, int af)
+ 	struct addrinfo hints, *ai_top, *ai;
+ 	int i, s;
+ 
+-	if (BIO_sock_init() != 1) {
+-		BIO_printf(bio_err, "BIO_sock_init failed\n");
+-		return (0);
+-	}
+-
+ 	memset(&hints, '\0', sizeof(hints));
+ 	hints.ai_family = af;
+ 	hints.ai_socktype = type;
+@@ -181,11 +176,6 @@ init_server_long(int *sock, int port, char *ip, int type)
+ 	struct sockaddr_in server;
+ 	int s = -1;
+ 
+-	if (BIO_sock_init() != 1) {
+-		BIO_printf(bio_err, "BIO_sock_init failed\n");
+-		return (0);
+-	}
+-
+ 	memset((char *) &server, 0, sizeof(server));
+ 	server.sin_family = AF_INET;
+ 	server.sin_port = htons((unsigned short) port);

scripts/travis

@@ -4,7 +4,7 @@ set -e
 ./autogen.sh
 
 if [ "x$ARCH" = "xnative" ]; then
-	./configure --enable-libtls
+	./configure
 	if [ `uname` = "Darwin" ]; then
 		# OS X runs out of resources if we run 'make -j check'
 		make check
@@ -28,6 +28,6 @@ else
 		export PATH=$PATH:/opt/$ARCH/bin
 	fi
 
-	./configure --host=$CPU-w64-mingw32 --enable-libtls
+	./configure --host=$CPU-w64-mingw32
 	make -j
 fi

tls/Makefile.am

@@ -1,6 +1,5 @@
 include $(top_srcdir)/Makefile.am.common
 
-if ENABLE_LIBTLS
 lib_LTLIBRARIES = libtls.la
 
 EXTRA_DIST = VERSION
@@ -20,5 +19,3 @@ noinst_HEADERS = tls_internal.h
 if !HAVE_STRSEP
 libtls_la_SOURCES += strsep.c
 endif
-
-endif

update.sh

@@ -18,15 +18,15 @@ fi
  git pull --rebase)
 
 # setup source paths
-dir=`pwd`
+CWD=`pwd`
-libc_src=$dir/openbsd/src/lib/libc
+libc_src=$CWD/openbsd/src/lib/libc
-libc_regress=$dir/openbsd/src/regress/lib/libc
+libc_regress=$CWD/openbsd/src/regress/lib/libc
-libcrypto_src=$dir/openbsd/src/lib/libcrypto
+libcrypto_src=$CWD/openbsd/src/lib/libcrypto
-libcrypto_regress=$dir/openbsd/src/regress/lib/libcrypto
+libcrypto_regress=$CWD/openbsd/src/regress/lib/libcrypto
-libssl_src=$dir/openbsd/src/lib/libssl
+libssl_src=$CWD/openbsd/src/lib/libssl
-libssl_regress=$dir/openbsd/src/regress/lib/libssl
+libssl_regress=$CWD/openbsd/src/regress/lib/libssl
-libtls_src=$dir/openbsd/src/lib/libtls
+libtls_src=$CWD/openbsd/src/lib/libtls
-openssl_app_src=$dir/openbsd/src/usr.bin/openssl
+openssl_app_src=$CWD/openbsd/src/usr.bin/openssl
 
 # load library versions
 source $libcrypto_src/crypto/shlib_version
@@ -184,6 +184,8 @@ for i in `awk '/SOURCES|HEADERS/ { print $3 }' apps/Makefile.am` ; do
 		$CP $openssl_app_src/$i apps
 	fi
 done
+# patch for openssl(1) oscp on windows
+(cd apps; patch -p4 < $CWD/patches/win_bio_sock_init.diff)
 
 # copy libssl source
 echo "copying libssl source"
@@ -302,9 +304,7 @@ echo "copying manpages"
 	$CP $openssl_app_src/openssl.1 .
 	echo "dist_man_MANS += openssl.1" >> Makefile.am
 	$CP $libtls_src/tls_init.3 .
-	echo "if ENABLE_LIBTLS" >> Makefile.am
 	echo "dist_man_MANS += tls_init.3" >> Makefile.am
-	echo "endif" >> Makefile.am
 
 	# convert remaining POD manpages
 	for i in `ls -1 $libssl_src/src/doc/crypto/*.pod | sort`; do
@@ -326,23 +326,19 @@ echo "copying manpages"
 		echo "	ln -f \$(DESTDIR)\$(mandir)/man3/$1 \\" >> Makefile.am
 		echo "    \$(DESTDIR)\$(mandir)/man3/$2" >> Makefile.am
 	done
-	echo "if ENABLE_LIBTLS" >> Makefile.am
 	for i in $TLS_MLINKS; do
 		IFS=","; set $i; unset IFS
 		echo "	ln -f \$(DESTDIR)\$(mandir)/man3/$1 \\" >> Makefile.am
 		echo "    \$(DESTDIR)\$(mandir)/man3/$2" >> Makefile.am
 	done
-	echo "endif" >> Makefile.am
 	echo "" >> Makefile.am
 	echo "uninstall-local:" >> Makefile.am
 	for i in $SSL_MLINKS; do
 		IFS=","; set $i; unset IFS
 		echo "	-rm -f \$(DESTDIR)\$(mandir)/man3/$2" >> Makefile.am
 	done
-	echo "if ENABLE_LIBTLS" >> Makefile.am
 	for i in $TLS_MLINKS; do
 		IFS=","; set $i; unset IFS
 		echo "	rm -f \$(DESTDIR)\$(mandir)/man3/$2" >> Makefile.am
 	done
-	echo "endif" >> Makefile.am
 )