[jackhill/guix/guix.git] / gnu / packages / patches / openssl-CVE-2019-1559.patch

From e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Fri, 14 Dec 2018 07:28:30 +0000
Subject: [PATCH] Go into the error state if a fatal alert is sent or received

If an application calls SSL_shutdown after a fatal alert has occured and
then behaves different based on error codes from that function then the
application may be vulnerable to a padding oracle.

CVE-2019-1559

Reviewed-by: Richard Levitte <levitte@openssl.org>
---
 ssl/d1_pkt.c |  1 +
 ssl/s3_pkt.c | 10 +++++++---
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 23aa9db..c7fe977 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -1309,6 +1309,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
             ERR_add_error_data(2, "SSL alert number ", tmp);
             s->shutdown |= SSL_RECEIVED_SHUTDOWN;
             SSL_CTX_remove_session(s->session_ctx, s->session);
+            s->state = SSL_ST_ERR;
             return (0);
         } else {
             al = SSL_AD_ILLEGAL_PARAMETER;
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 6527df8..830b723 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -1500,6 +1500,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
             ERR_add_error_data(2, "SSL alert number ", tmp);
             s->shutdown |= SSL_RECEIVED_SHUTDOWN;
             SSL_CTX_remove_session(s->session_ctx, s->session);
+            s->state = SSL_ST_ERR;
             return (0);
         } else {
             al = SSL_AD_ILLEGAL_PARAMETER;
@@ -1719,9 +1720,12 @@ int ssl3_send_alert(SSL *s, int level, int desc)
                                           * protocol_version alerts */
     if (desc < 0)
         return -1;
-    /* If a fatal one, remove from cache */
-    if ((level == 2) && (s->session != NULL))
-        SSL_CTX_remove_session(s->session_ctx, s->session);
+    /* If a fatal one, remove from cache and go into the error state */
+    if (level == SSL3_AL_FATAL) {
+        if (s->session != NULL)
+            SSL_CTX_remove_session(s->session_ctx, s->session);
+        s->state = SSL_ST_ERR;
+    }
 
     s->s3->alert_dispatch = 1;
     s->s3->send_alert[0] = level;
-- 
2.7.4
Commit	Line	Data
a92c6b1a TGR	1	From e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e Mon Sep 17 00:00:00 2001
	2	From: Matt Caswell <matt@openssl.org>
	3	Date: Fri, 14 Dec 2018 07:28:30 +0000
	4	Subject: [PATCH] Go into the error state if a fatal alert is sent or received
	5
	6	If an application calls SSL_shutdown after a fatal alert has occured and
	7	then behaves different based on error codes from that function then the
	8	application may be vulnerable to a padding oracle.
	9
	10	CVE-2019-1559
	11
	12	Reviewed-by: Richard Levitte <levitte@openssl.org>
	13	---
	14	ssl/d1_pkt.c \| 1 +
	15	ssl/s3_pkt.c \| 10 +++++++---
	16	2 files changed, 8 insertions(+), 3 deletions(-)
	17
	18	diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
	19	index 23aa9db..c7fe977 100644
	20	--- a/ssl/d1_pkt.c
	21	+++ b/ssl/d1_pkt.c
	22	@@ -1309,6 +1309,7 @@ int dtls1_read_bytes(SSL s, int type, unsigned char buf, int len, int peek)
	23	ERR_add_error_data(2, "SSL alert number ", tmp);
	24	s->shutdown \|= SSL_RECEIVED_SHUTDOWN;
	25	SSL_CTX_remove_session(s->session_ctx, s->session);
	26	+ s->state = SSL_ST_ERR;
	27	return (0);
	28	} else {
	29	al = SSL_AD_ILLEGAL_PARAMETER;
	30	diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
	31	index 6527df8..830b723 100644
	32	--- a/ssl/s3_pkt.c
	33	+++ b/ssl/s3_pkt.c
	34	@@ -1500,6 +1500,7 @@ int ssl3_read_bytes(SSL s, int type, unsigned char buf, int len, int peek)
	35	ERR_add_error_data(2, "SSL alert number ", tmp);
	36	s->shutdown \|= SSL_RECEIVED_SHUTDOWN;
	37	SSL_CTX_remove_session(s->session_ctx, s->session);
	38	+ s->state = SSL_ST_ERR;
	39	return (0);
	40	} else {
	41	al = SSL_AD_ILLEGAL_PARAMETER;
	42	@@ -1719,9 +1720,12 @@ int ssl3_send_alert(SSL *s, int level, int desc)
	43	* protocol_version alerts */
	44	if (desc < 0)
	45	return -1;
	46	- /* If a fatal one, remove from cache */
	47	- if ((level == 2) && (s->session != NULL))
	48	- SSL_CTX_remove_session(s->session_ctx, s->session);
	49	+ /* If a fatal one, remove from cache and go into the error state */
	50	+ if (level == SSL3_AL_FATAL) {
	51	+ if (s->session != NULL)
	52	+ SSL_CTX_remove_session(s->session_ctx, s->session);
	53	+ s->state = SSL_ST_ERR;
	54	+ }
	55
	56	s->s3->alert_dispatch = 1;
	57	s->s3->send_alert[0] = level;
	58	--
	59	2.7.4
	60