From a5fa80e2a069e35331af10369d810b4daa63635b Mon Sep 17 00:00:00 2001
From: Igor Pashev <igor.pashev@nexenta.com>
Date: Fri, 26 Oct 2012 17:19:15 +0400
Subject: openssl 0.9.8 mostly done

---
 openssl0.9.8/patches/CVE-2011-4619.patch | 104 +++++++++++++++++++++++++++++++
 1 file changed, 104 insertions(+)
 create mode 100644 openssl0.9.8/patches/CVE-2011-4619.patch

(limited to 'openssl0.9.8/patches/CVE-2011-4619.patch')

diff --git a/openssl0.9.8/patches/CVE-2011-4619.patch b/openssl0.9.8/patches/CVE-2011-4619.patch
new file mode 100644
index 0000000..9e51777
--- /dev/null
+++ b/openssl0.9.8/patches/CVE-2011-4619.patch
@@ -0,0 +1,104 @@
+Index: openssl-0.9.8o/ssl/s3_srvr.c
+===================================================================
+--- openssl-0.9.8o.orig/ssl/s3_srvr.c	2012-03-13 21:44:39.000000000 +0100
++++ openssl-0.9.8o/ssl/s3_srvr.c	2012-03-13 21:44:42.000000000 +0100
+@@ -235,6 +235,7 @@
+ 				}
+ 
+ 			s->init_num=0;
++			s->s3->flags &= ~SSL3_FLAGS_SGC_RESTART_DONE;
+ 
+ 			if (s->state != SSL_ST_RENEGOTIATE)
+ 				{
+@@ -709,6 +710,13 @@
+ 	s->s3->tmp.reuse_message = 1;
+ 	if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
+ 		{
++		/* We only allow the client to restart the handshake once per
++		 * negotiation. */
++		if (s->s3->flags & SSL3_FLAGS_SGC_RESTART_DONE)
++			{
++			SSLerr(SSL_F_SSL3_CHECK_CLIENT_HELLO, SSL_R_MULTIPLE_SGC_RESTARTS);
++			return -1;
++			}
+ 		/* Throw away what we have done so far in the current handshake,
+ 		 * which will now be aborted. (A full SSL_clear would be too much.) */
+ #ifndef OPENSSL_NO_DH
+@@ -725,6 +733,7 @@
+ 			s->s3->tmp.ecdh = NULL;
+ 			}
+ #endif
++		s->s3->flags |= SSL3_FLAGS_SGC_RESTART_DONE;
+ 		return 2;
+ 		}
+ 	return 1;
+Index: openssl-0.9.8o/ssl/ssl.h
+===================================================================
+--- openssl-0.9.8o.orig/ssl/ssl.h	2012-03-13 21:44:39.000000000 +0100
++++ openssl-0.9.8o/ssl/ssl.h	2012-03-13 21:44:42.000000000 +0100
+@@ -1739,6 +1739,7 @@
+ #define SSL_F_SSL3_CALLBACK_CTRL			 233
+ #define SSL_F_SSL3_CHANGE_CIPHER_STATE			 129
+ #define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM		 130
++#define SSL_F_SSL3_CHECK_CLIENT_HELLO			 292
+ #define SSL_F_SSL3_CLIENT_HELLO				 131
+ #define SSL_F_SSL3_CONNECT				 132
+ #define SSL_F_SSL3_CTRL					 213
+@@ -1974,6 +1975,7 @@
+ #define SSL_R_MISSING_TMP_RSA_KEY			 172
+ #define SSL_R_MISSING_TMP_RSA_PKEY			 173
+ #define SSL_R_MISSING_VERIFY_MESSAGE			 174
++#define SSL_R_MULTIPLE_SGC_RESTARTS			 325
+ #define SSL_R_NON_SSLV2_INITIAL_PACKET			 175
+ #define SSL_R_NO_CERTIFICATES_RETURNED			 176
+ #define SSL_R_NO_CERTIFICATE_ASSIGNED			 177
+Index: openssl-0.9.8o/ssl/ssl3.h
+===================================================================
+--- openssl-0.9.8o.orig/ssl/ssl3.h	2012-03-13 21:44:39.000000000 +0100
++++ openssl-0.9.8o/ssl/ssl3.h	2012-03-13 21:44:42.000000000 +0100
+@@ -333,6 +333,17 @@
+ #define SSL3_FLAGS_DELAY_CLIENT_FINISHED	0x0002
+ #define SSL3_FLAGS_POP_BUFFER			0x0004
+ #define TLS1_FLAGS_TLS_PADDING_BUG		0x0008
++ 
++/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
++ * restart a handshake because of MS SGC and so prevents us
++ * from restarting the handshake in a loop. It's reset on a
++ * renegotiation, so effectively limits the client to one restart
++ * per negotiation. This limits the possibility of a DDoS
++ * attack where the client handshakes in a loop using SGC to
++ * restart. Servers which permit renegotiation can still be
++ * effected, but we can't prevent that.
++ */
++#define SSL3_FLAGS_SGC_RESTART_DONE		0x0040
+ 
+ typedef struct ssl3_state_st
+ 	{
+Index: openssl-0.9.8o/ssl/ssl_err.c
+===================================================================
+--- openssl-0.9.8o.orig/ssl/ssl_err.c	2012-03-13 21:44:39.000000000 +0100
++++ openssl-0.9.8o/ssl/ssl_err.c	2012-03-13 21:44:42.000000000 +0100
+@@ -1,6 +1,6 @@
+ /* ssl/ssl_err.c */
+ /* ====================================================================
+- * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
++ * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
+  *
+  * Redistribution and use in source and binary forms, with or without
+  * modification, are permitted provided that the following conditions
+@@ -137,6 +137,7 @@
+ {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL),	"SSL3_CALLBACK_CTRL"},
+ {ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE),	"SSL3_CHANGE_CIPHER_STATE"},
+ {ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM),	"SSL3_CHECK_CERT_AND_ALGORITHM"},
++{ERR_FUNC(SSL_F_SSL3_CHECK_CLIENT_HELLO),	"SSL3_CHECK_CLIENT_HELLO"},
+ {ERR_FUNC(SSL_F_SSL3_CLIENT_HELLO),	"SSL3_CLIENT_HELLO"},
+ {ERR_FUNC(SSL_F_SSL3_CONNECT),	"SSL3_CONNECT"},
+ {ERR_FUNC(SSL_F_SSL3_CTRL),	"SSL3_CTRL"},
+@@ -375,6 +376,7 @@
+ {ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY)   ,"missing tmp rsa key"},
+ {ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY)  ,"missing tmp rsa pkey"},
+ {ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE),"missing verify message"},
++{ERR_REASON(SSL_R_MULTIPLE_SGC_RESTARTS) ,"multiple sgc restarts"},
+ {ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET),"non sslv2 initial packet"},
+ {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED),"no certificates returned"},
+ {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED),"no certificate assigned"},
-- 
cgit v1.2.3