From owner-svn-src-all@FreeBSD.ORG Thu Dec 3 09:18:41 2009 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7E9AB10656AA; Thu, 3 Dec 2009 09:18:41 +0000 (UTC) (envelope-from cperciva@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 698C18FC2E; Thu, 3 Dec 2009 09:18:41 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id nB39IfqP061870; Thu, 3 Dec 2009 09:18:41 GMT (envelope-from cperciva@svn.freebsd.org) Received: (from cperciva@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id nB39IeLA061834; Thu, 3 Dec 2009 09:18:40 GMT (envelope-from cperciva@svn.freebsd.org) Message-Id: <200912030918.nB39IeLA061834@svn.freebsd.org> From: Colin Percival Date: Thu, 3 Dec 2009 09:18:40 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r200054 - head/crypto/openssl/ssl head/etc/mtree head/usr.sbin/freebsd-update releng/6.3 releng/6.3/crypto/openssl/ssl releng/6.3/etc/mtree releng/6.3/usr.sbin/freebsd-update releng/6.4... X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2009 09:18:41 -0000 Author: cperciva Date: Thu Dec 3 09:18:40 2009 New Revision: 200054 URL: http://svn.freebsd.org/changeset/base/200054 Log: Disable SSL renegotiation in order to protect against a serious protocol flaw. [09:15] Correctly handle failures from unsetenv resulting from a corrupt environment in rtld-elf. [09:16] Fix permissions in freebsd-update in order to prevent leakage of sensitive files. [09:17] Approved by: so (cperciva) Security: FreeBSD-SA-09:15.ssl Security: FreeBSD-SA-09:16.rtld Security: FreeBSD-SA-09:17.freebsd-udpate Modified: releng/6.3/UPDATING releng/6.3/crypto/openssl/ssl/s3_lib.c releng/6.3/crypto/openssl/ssl/s3_pkt.c releng/6.3/crypto/openssl/ssl/s3_srvr.c releng/6.3/etc/mtree/BSD.var.dist releng/6.3/usr.sbin/freebsd-update/freebsd-update.sh releng/6.4/UPDATING releng/6.4/crypto/openssl/ssl/s3_lib.c releng/6.4/crypto/openssl/ssl/s3_pkt.c releng/6.4/crypto/openssl/ssl/s3_srvr.c releng/6.4/etc/mtree/BSD.var.dist releng/6.4/usr.sbin/freebsd-update/freebsd-update.sh releng/7.1/UPDATING releng/7.1/crypto/openssl/ssl/s3_lib.c releng/7.1/crypto/openssl/ssl/s3_pkt.c releng/7.1/crypto/openssl/ssl/s3_srvr.c releng/7.1/etc/mtree/BSD.var.dist releng/7.1/libexec/rtld-elf/rtld.c releng/7.1/usr.sbin/freebsd-update/freebsd-update.sh releng/7.2/UPDATING releng/7.2/crypto/openssl/ssl/s3_lib.c releng/7.2/crypto/openssl/ssl/s3_pkt.c releng/7.2/crypto/openssl/ssl/s3_srvr.c releng/7.2/etc/mtree/BSD.var.dist releng/7.2/libexec/rtld-elf/rtld.c releng/7.2/usr.sbin/freebsd-update/freebsd-update.sh releng/8.0/UPDATING releng/8.0/crypto/openssl/ssl/s3_lib.c releng/8.0/crypto/openssl/ssl/s3_pkt.c releng/8.0/crypto/openssl/ssl/s3_srvr.c releng/8.0/etc/mtree/BSD.var.dist releng/8.0/libexec/rtld-elf/rtld.c releng/8.0/usr.sbin/freebsd-update/freebsd-update.sh Changes in other areas also in this revision: Modified: head/crypto/openssl/ssl/s3_lib.c head/crypto/openssl/ssl/s3_pkt.c head/crypto/openssl/ssl/s3_srvr.c head/etc/mtree/BSD.var.dist head/usr.sbin/freebsd-update/freebsd-update.sh stable/6/crypto/openssl/ssl/s3_lib.c stable/6/crypto/openssl/ssl/s3_pkt.c stable/6/crypto/openssl/ssl/s3_srvr.c stable/6/etc/mtree/BSD.var.dist stable/6/usr.sbin/freebsd-update/freebsd-update.sh stable/7/crypto/openssl/ssl/s3_lib.c stable/7/crypto/openssl/ssl/s3_pkt.c stable/7/crypto/openssl/ssl/s3_srvr.c stable/7/etc/mtree/BSD.var.dist stable/7/usr.sbin/freebsd-update/freebsd-update.sh stable/8/crypto/openssl/ssl/s3_lib.c stable/8/crypto/openssl/ssl/s3_pkt.c stable/8/crypto/openssl/ssl/s3_srvr.c stable/8/etc/mtree/BSD.var.dist stable/8/usr.sbin/freebsd-update/freebsd-update.sh Modified: releng/6.3/UPDATING ============================================================================== --- releng/6.3/UPDATING Thu Dec 3 08:11:20 2009 (r200053) +++ releng/6.3/UPDATING Thu Dec 3 09:18:40 2009 (r200054) @@ -8,6 +8,13 @@ Items affecting the ports and packages s /usr/ports/UPDATING. Please read that file before running portupgrade. +20091203: p14 FreeBSD-SA-09:15.ssl, FreeBSD-SA-09:17.freebsd-update + Disable SSL renegotiation in order to protect against a serious + protocol flaw. [09:15] + + Fix permissions in freebsd-update in order to prevent leakage of + sensitive files. [09:17] + 20091002: p13 FreeBSD-SA-09:13.pipe, FreeBSD-SA-09:14.devfs, FreeBSD-EN-09:05.null Fix kqueue pipe race conditions. [SA-09:13] Modified: releng/6.3/crypto/openssl/ssl/s3_lib.c ============================================================================== --- releng/6.3/crypto/openssl/ssl/s3_lib.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/6.3/crypto/openssl/ssl/s3_lib.c Thu Dec 3 09:18:40 2009 (r200054) @@ -1768,6 +1768,9 @@ int ssl3_renegotiate(SSL *s) if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) return(0); + if (1) + return(0); + s->s3->renegotiate=1; return(1); } Modified: releng/6.3/crypto/openssl/ssl/s3_pkt.c ============================================================================== --- releng/6.3/crypto/openssl/ssl/s3_pkt.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/6.3/crypto/openssl/ssl/s3_pkt.c Thu Dec 3 09:18:40 2009 (r200054) @@ -975,9 +975,7 @@ start: if (s->msg_callback) s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg); - if (SSL_is_init_finished(s) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && - !s->s3->renegotiate) + if (0) { ssl3_renegotiate(s); if (ssl3_renegotiate_check(s)) @@ -1108,8 +1106,7 @@ start: /* Unexpected handshake message (Client Hello, or protocol violation) */ if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake) { - if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) + if (0) { #if 0 /* worked only because C operator preferences are not as expected (and * because this is not really needed for clients except for detecting Modified: releng/6.3/crypto/openssl/ssl/s3_srvr.c ============================================================================== --- releng/6.3/crypto/openssl/ssl/s3_srvr.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/6.3/crypto/openssl/ssl/s3_srvr.c Thu Dec 3 09:18:40 2009 (r200054) @@ -654,6 +654,13 @@ static int ssl3_get_client_hello(SSL *s) SSL_COMP *comp=NULL; STACK_OF(SSL_CIPHER) *ciphers=NULL; + if (s->new_session) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); + goto f_err; + } + /* We do this so that we will respond with our native type. * If we are TLSv1 and we get SSLv3, we will respond with TLSv1, * This down switching should be handled by a different method. Modified: releng/6.3/etc/mtree/BSD.var.dist ============================================================================== --- releng/6.3/etc/mtree/BSD.var.dist Thu Dec 3 08:11:20 2009 (r200053) +++ releng/6.3/etc/mtree/BSD.var.dist Thu Dec 3 09:18:40 2009 (r200054) @@ -32,7 +32,7 @@ db entropy uname=operator gname=operator mode=0700 .. - freebsd-update + freebsd-update mode=0700 .. ipf mode=0700 .. Modified: releng/6.3/usr.sbin/freebsd-update/freebsd-update.sh ============================================================================== --- releng/6.3/usr.sbin/freebsd-update/freebsd-update.sh Thu Dec 3 08:11:20 2009 (r200053) +++ releng/6.3/usr.sbin/freebsd-update/freebsd-update.sh Thu Dec 3 09:18:40 2009 (r200054) @@ -524,6 +524,7 @@ fetch_check_params () { echo ${WORKDIR} exit 1 fi + chmod 700 ${WORKDIR} cd ${WORKDIR} || exit 1 # Generate release number. The s/SECURITY/RELEASE/ bit exists Modified: releng/6.4/UPDATING ============================================================================== --- releng/6.4/UPDATING Thu Dec 3 08:11:20 2009 (r200053) +++ releng/6.4/UPDATING Thu Dec 3 09:18:40 2009 (r200054) @@ -8,6 +8,13 @@ Items affecting the ports and packages s /usr/ports/UPDATING. Please read that file before running portupgrade. +20091203: p8 FreeBSD-SA-09:15.ssl, FreeBSD-SA-09:17.freebsd-update + Disable SSL renegotiation in order to protect against a serious + protocol flaw. [09:15] + + Fix permissions in freebsd-update in order to prevent leakage of + sensitive files. [09:17] + 20091002: p7 FreeBSD-SA-09:13.pipe, FreeBSD-SA-09:14.devfs, FreeBSD-EN-09:05.null Fix kqueue pipe race conditions. [SA-09:13] Modified: releng/6.4/crypto/openssl/ssl/s3_lib.c ============================================================================== --- releng/6.4/crypto/openssl/ssl/s3_lib.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/6.4/crypto/openssl/ssl/s3_lib.c Thu Dec 3 09:18:40 2009 (r200054) @@ -1768,6 +1768,9 @@ int ssl3_renegotiate(SSL *s) if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) return(0); + if (1) + return(0); + s->s3->renegotiate=1; return(1); } Modified: releng/6.4/crypto/openssl/ssl/s3_pkt.c ============================================================================== --- releng/6.4/crypto/openssl/ssl/s3_pkt.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/6.4/crypto/openssl/ssl/s3_pkt.c Thu Dec 3 09:18:40 2009 (r200054) @@ -975,9 +975,7 @@ start: if (s->msg_callback) s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg); - if (SSL_is_init_finished(s) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && - !s->s3->renegotiate) + if (0) { ssl3_renegotiate(s); if (ssl3_renegotiate_check(s)) @@ -1108,8 +1106,7 @@ start: /* Unexpected handshake message (Client Hello, or protocol violation) */ if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake) { - if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) + if (0) { #if 0 /* worked only because C operator preferences are not as expected (and * because this is not really needed for clients except for detecting Modified: releng/6.4/crypto/openssl/ssl/s3_srvr.c ============================================================================== --- releng/6.4/crypto/openssl/ssl/s3_srvr.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/6.4/crypto/openssl/ssl/s3_srvr.c Thu Dec 3 09:18:40 2009 (r200054) @@ -654,6 +654,13 @@ static int ssl3_get_client_hello(SSL *s) SSL_COMP *comp=NULL; STACK_OF(SSL_CIPHER) *ciphers=NULL; + if (s->new_session) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); + goto f_err; + } + /* We do this so that we will respond with our native type. * If we are TLSv1 and we get SSLv3, we will respond with TLSv1, * This down switching should be handled by a different method. Modified: releng/6.4/etc/mtree/BSD.var.dist ============================================================================== --- releng/6.4/etc/mtree/BSD.var.dist Thu Dec 3 08:11:20 2009 (r200053) +++ releng/6.4/etc/mtree/BSD.var.dist Thu Dec 3 09:18:40 2009 (r200054) @@ -32,7 +32,7 @@ db entropy uname=operator gname=operator mode=0700 .. - freebsd-update + freebsd-update mode=0700 .. ipf mode=0700 .. Modified: releng/6.4/usr.sbin/freebsd-update/freebsd-update.sh ============================================================================== --- releng/6.4/usr.sbin/freebsd-update/freebsd-update.sh Thu Dec 3 08:11:20 2009 (r200053) +++ releng/6.4/usr.sbin/freebsd-update/freebsd-update.sh Thu Dec 3 09:18:40 2009 (r200054) @@ -533,6 +533,7 @@ fetch_check_params () { echo ${WORKDIR} exit 1 fi + chmod 700 ${WORKDIR} cd ${WORKDIR} || exit 1 # Generate release number. The s/SECURITY/RELEASE/ bit exists Modified: releng/7.1/UPDATING ============================================================================== --- releng/7.1/UPDATING Thu Dec 3 08:11:20 2009 (r200053) +++ releng/7.1/UPDATING Thu Dec 3 09:18:40 2009 (r200054) @@ -8,6 +8,17 @@ Items affecting the ports and packages s /usr/ports/UPDATING. Please read that file before running portupgrade. +20091203: p9 FreeBSD-SA-09:15.ssl, FreeBSD-SA-09:16.rtld, + FreeBSD-SA-09:17.freebsd-update + Disable SSL renegotiation in order to protect against a serious + protocol flaw. [09:15] + + Correctly handle failures from unsetenv resulting from a corrupt + environment in rtld-elf. [09:16] + + Fix permissions in freebsd-update in order to prevent leakage of + sensitive files. [09:17] + 20091002: p8 FreeBSD-SA-09:14.devfs, FreeBSD-EN-09:05.null Fix devfs / VFS NULL pointer race condition. [SA-09:14] Modified: releng/7.1/crypto/openssl/ssl/s3_lib.c ============================================================================== --- releng/7.1/crypto/openssl/ssl/s3_lib.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/7.1/crypto/openssl/ssl/s3_lib.c Thu Dec 3 09:18:40 2009 (r200054) @@ -2375,6 +2375,9 @@ int ssl3_renegotiate(SSL *s) if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) return(0); + if (1) + return(0); + s->s3->renegotiate=1; return(1); } Modified: releng/7.1/crypto/openssl/ssl/s3_pkt.c ============================================================================== --- releng/7.1/crypto/openssl/ssl/s3_pkt.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/7.1/crypto/openssl/ssl/s3_pkt.c Thu Dec 3 09:18:40 2009 (r200054) @@ -976,9 +976,7 @@ start: if (s->msg_callback) s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg); - if (SSL_is_init_finished(s) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && - !s->s3->renegotiate) + if (0) { ssl3_renegotiate(s); if (ssl3_renegotiate_check(s)) @@ -1109,8 +1107,7 @@ start: /* Unexpected handshake message (Client Hello, or protocol violation) */ if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake) { - if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) + if (0) { #if 0 /* worked only because C operator preferences are not as expected (and * because this is not really needed for clients except for detecting Modified: releng/7.1/crypto/openssl/ssl/s3_srvr.c ============================================================================== --- releng/7.1/crypto/openssl/ssl/s3_srvr.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/7.1/crypto/openssl/ssl/s3_srvr.c Thu Dec 3 09:18:40 2009 (r200054) @@ -672,6 +672,13 @@ int ssl3_get_client_hello(SSL *s) #endif STACK_OF(SSL_CIPHER) *ciphers=NULL; + if (s->new_session) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); + goto f_err; + } + /* We do this so that we will respond with our native type. * If we are TLSv1 and we get SSLv3, we will respond with TLSv1, * This down switching should be handled by a different method. Modified: releng/7.1/etc/mtree/BSD.var.dist ============================================================================== --- releng/7.1/etc/mtree/BSD.var.dist Thu Dec 3 08:11:20 2009 (r200053) +++ releng/7.1/etc/mtree/BSD.var.dist Thu Dec 3 09:18:40 2009 (r200054) @@ -32,7 +32,7 @@ db entropy uname=operator gname=operator mode=0700 .. - freebsd-update + freebsd-update mode=0700 .. ipf mode=0700 .. Modified: releng/7.1/libexec/rtld-elf/rtld.c ============================================================================== --- releng/7.1/libexec/rtld-elf/rtld.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/7.1/libexec/rtld-elf/rtld.c Thu Dec 3 09:18:40 2009 (r200054) @@ -358,11 +358,12 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_ * future processes to honor the potentially un-safe variables. */ if (!trust) { - unsetenv(LD_ "PRELOAD"); - unsetenv(LD_ "LIBMAP"); - unsetenv(LD_ "LIBRARY_PATH"); - unsetenv(LD_ "LIBMAP_DISABLE"); - unsetenv(LD_ "DEBUG"); + if (unsetenv(LD_ "PRELOAD") || unsetenv(LD_ "LIBMAP") || + unsetenv(LD_ "LIBRARY_PATH") || unsetenv(LD_ "LIBMAP_DISABLE") || + unsetenv(LD_ "DEBUG")) { + _rtld_error("environment corrupt; aborting"); + die(); + } } ld_debug = getenv(LD_ "DEBUG"); libmap_disable = getenv(LD_ "LIBMAP_DISABLE") != NULL; Modified: releng/7.1/usr.sbin/freebsd-update/freebsd-update.sh ============================================================================== --- releng/7.1/usr.sbin/freebsd-update/freebsd-update.sh Thu Dec 3 08:11:20 2009 (r200053) +++ releng/7.1/usr.sbin/freebsd-update/freebsd-update.sh Thu Dec 3 09:18:40 2009 (r200054) @@ -533,6 +533,7 @@ fetch_check_params () { echo ${WORKDIR} exit 1 fi + chmod 700 ${WORKDIR} cd ${WORKDIR} || exit 1 # Generate release number. The s/SECURITY/RELEASE/ bit exists Modified: releng/7.2/UPDATING ============================================================================== --- releng/7.2/UPDATING Thu Dec 3 08:11:20 2009 (r200053) +++ releng/7.2/UPDATING Thu Dec 3 09:18:40 2009 (r200054) @@ -8,6 +8,17 @@ Items affecting the ports and packages s /usr/ports/UPDATING. Please read that file before running portupgrade. +20091203: p5 FreeBSD-SA-09:15.ssl, FreeBSD-SA-09:16.rtld, + FreeBSD-SA-09:17.freebsd-update + Disable SSL renegotiation in order to protect against a serious + protocol flaw. [09:15] + + Correctly handle failures from unsetenv resulting from a corrupt + environment in rtld-elf. [09:16] + + Fix permissions in freebsd-update in order to prevent leakage of + sensitive files. [09:17] + 20091002: p4 FreeBSD-SA-09:14.devfs FreeBSD-EN-09:05.null Fix devfs / VFS NULL pointer race condition. [SA-09:14] Modified: releng/7.2/crypto/openssl/ssl/s3_lib.c ============================================================================== --- releng/7.2/crypto/openssl/ssl/s3_lib.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/7.2/crypto/openssl/ssl/s3_lib.c Thu Dec 3 09:18:40 2009 (r200054) @@ -2375,6 +2375,9 @@ int ssl3_renegotiate(SSL *s) if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) return(0); + if (1) + return(0); + s->s3->renegotiate=1; return(1); } Modified: releng/7.2/crypto/openssl/ssl/s3_pkt.c ============================================================================== --- releng/7.2/crypto/openssl/ssl/s3_pkt.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/7.2/crypto/openssl/ssl/s3_pkt.c Thu Dec 3 09:18:40 2009 (r200054) @@ -976,9 +976,7 @@ start: if (s->msg_callback) s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg); - if (SSL_is_init_finished(s) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && - !s->s3->renegotiate) + if (0) { ssl3_renegotiate(s); if (ssl3_renegotiate_check(s)) @@ -1109,8 +1107,7 @@ start: /* Unexpected handshake message (Client Hello, or protocol violation) */ if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake) { - if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) + if (0) { #if 0 /* worked only because C operator preferences are not as expected (and * because this is not really needed for clients except for detecting Modified: releng/7.2/crypto/openssl/ssl/s3_srvr.c ============================================================================== --- releng/7.2/crypto/openssl/ssl/s3_srvr.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/7.2/crypto/openssl/ssl/s3_srvr.c Thu Dec 3 09:18:40 2009 (r200054) @@ -672,6 +672,13 @@ int ssl3_get_client_hello(SSL *s) #endif STACK_OF(SSL_CIPHER) *ciphers=NULL; + if (s->new_session) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); + goto f_err; + } + /* We do this so that we will respond with our native type. * If we are TLSv1 and we get SSLv3, we will respond with TLSv1, * This down switching should be handled by a different method. Modified: releng/7.2/etc/mtree/BSD.var.dist ============================================================================== --- releng/7.2/etc/mtree/BSD.var.dist Thu Dec 3 08:11:20 2009 (r200053) +++ releng/7.2/etc/mtree/BSD.var.dist Thu Dec 3 09:18:40 2009 (r200054) @@ -32,7 +32,7 @@ db entropy uname=operator gname=operator mode=0700 .. - freebsd-update + freebsd-update mode=0700 .. ipf mode=0700 .. Modified: releng/7.2/libexec/rtld-elf/rtld.c ============================================================================== --- releng/7.2/libexec/rtld-elf/rtld.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/7.2/libexec/rtld-elf/rtld.c Thu Dec 3 09:18:40 2009 (r200054) @@ -360,11 +360,12 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_ * future processes to honor the potentially un-safe variables. */ if (!trust) { - unsetenv(LD_ "PRELOAD"); - unsetenv(LD_ "LIBMAP"); - unsetenv(LD_ "LIBRARY_PATH"); - unsetenv(LD_ "LIBMAP_DISABLE"); - unsetenv(LD_ "DEBUG"); + if (unsetenv(LD_ "PRELOAD") || unsetenv(LD_ "LIBMAP") || + unsetenv(LD_ "LIBRARY_PATH") || unsetenv(LD_ "LIBMAP_DISABLE") || + unsetenv(LD_ "DEBUG")) { + _rtld_error("environment corrupt; aborting"); + die(); + } } ld_debug = getenv(LD_ "DEBUG"); libmap_disable = getenv(LD_ "LIBMAP_DISABLE") != NULL; Modified: releng/7.2/usr.sbin/freebsd-update/freebsd-update.sh ============================================================================== --- releng/7.2/usr.sbin/freebsd-update/freebsd-update.sh Thu Dec 3 08:11:20 2009 (r200053) +++ releng/7.2/usr.sbin/freebsd-update/freebsd-update.sh Thu Dec 3 09:18:40 2009 (r200054) @@ -533,6 +533,7 @@ fetch_check_params () { echo ${WORKDIR} exit 1 fi + chmod 700 ${WORKDIR} cd ${WORKDIR} || exit 1 # Generate release number. The s/SECURITY/RELEASE/ bit exists Modified: releng/8.0/UPDATING ============================================================================== --- releng/8.0/UPDATING Thu Dec 3 08:11:20 2009 (r200053) +++ releng/8.0/UPDATING Thu Dec 3 09:18:40 2009 (r200054) @@ -15,6 +15,17 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8. debugging tools present in HEAD were left in place because sun4v support still needs work to become production ready. +20091203: p1 FreeBSD-SA-09:15.ssl, FreeBSD-SA-09:16.rtld, + FreeBSD-SA-09:17.freebsd-update + Disable SSL renegotiation in order to protect against a serious + protocol flaw. [09:15] + + Correctly handle failures from unsetenv resulting from a corrupt + environment in rtld-elf. [09:16] + + Fix permissions in freebsd-update in order to prevent leakage of + sensitive files. [09:17] + 20091125: 8.0-RELEASE. Modified: releng/8.0/crypto/openssl/ssl/s3_lib.c ============================================================================== --- releng/8.0/crypto/openssl/ssl/s3_lib.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/8.0/crypto/openssl/ssl/s3_lib.c Thu Dec 3 09:18:40 2009 (r200054) @@ -2592,6 +2592,9 @@ int ssl3_renegotiate(SSL *s) if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) return(0); + if (1) + return(0); + s->s3->renegotiate=1; return(1); } Modified: releng/8.0/crypto/openssl/ssl/s3_pkt.c ============================================================================== --- releng/8.0/crypto/openssl/ssl/s3_pkt.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/8.0/crypto/openssl/ssl/s3_pkt.c Thu Dec 3 09:18:40 2009 (r200054) @@ -983,9 +983,7 @@ start: if (s->msg_callback) s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg); - if (SSL_is_init_finished(s) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && - !s->s3->renegotiate) + if (0) { ssl3_renegotiate(s); if (ssl3_renegotiate_check(s)) @@ -1116,8 +1114,7 @@ start: /* Unexpected handshake message (Client Hello, or protocol violation) */ if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake) { - if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) + if (0) { #if 0 /* worked only because C operator preferences are not as expected (and * because this is not really needed for clients except for detecting Modified: releng/8.0/crypto/openssl/ssl/s3_srvr.c ============================================================================== --- releng/8.0/crypto/openssl/ssl/s3_srvr.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/8.0/crypto/openssl/ssl/s3_srvr.c Thu Dec 3 09:18:40 2009 (r200054) @@ -718,6 +718,13 @@ int ssl3_get_client_hello(SSL *s) #endif STACK_OF(SSL_CIPHER) *ciphers=NULL; + if (s->new_session) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); + goto f_err; + } + /* We do this so that we will respond with our native type. * If we are TLSv1 and we get SSLv3, we will respond with TLSv1, * This down switching should be handled by a different method. Modified: releng/8.0/etc/mtree/BSD.var.dist ============================================================================== --- releng/8.0/etc/mtree/BSD.var.dist Thu Dec 3 08:11:20 2009 (r200053) +++ releng/8.0/etc/mtree/BSD.var.dist Thu Dec 3 09:18:40 2009 (r200054) @@ -32,7 +32,7 @@ db entropy uname=operator gname=operator mode=0700 .. - freebsd-update + freebsd-update mode=0700 .. ipf mode=0700 .. Modified: releng/8.0/libexec/rtld-elf/rtld.c ============================================================================== --- releng/8.0/libexec/rtld-elf/rtld.c Thu Dec 3 08:11:20 2009 (r200053) +++ releng/8.0/libexec/rtld-elf/rtld.c Thu Dec 3 09:18:40 2009 (r200054) @@ -366,12 +366,12 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_ * future processes to honor the potentially un-safe variables. */ if (!trust) { - unsetenv(LD_ "PRELOAD"); - unsetenv(LD_ "LIBMAP"); - unsetenv(LD_ "LIBRARY_PATH"); - unsetenv(LD_ "LIBMAP_DISABLE"); - unsetenv(LD_ "DEBUG"); - unsetenv(LD_ "ELF_HINTS_PATH"); + if (unsetenv(LD_ "PRELOAD") || unsetenv(LD_ "LIBMAP") || + unsetenv(LD_ "LIBRARY_PATH") || unsetenv(LD_ "LIBMAP_DISABLE") || + unsetenv(LD_ "DEBUG") || unsetenv(LD_ "ELF_HINTS_PATH")) { + _rtld_error("environment corrupt; aborting"); + die(); + } } ld_debug = getenv(LD_ "DEBUG"); libmap_disable = getenv(LD_ "LIBMAP_DISABLE") != NULL; Modified: releng/8.0/usr.sbin/freebsd-update/freebsd-update.sh ============================================================================== --- releng/8.0/usr.sbin/freebsd-update/freebsd-update.sh Thu Dec 3 08:11:20 2009 (r200053) +++ releng/8.0/usr.sbin/freebsd-update/freebsd-update.sh Thu Dec 3 09:18:40 2009 (r200054) @@ -600,6 +600,7 @@ fetch_check_params () { echo ${WORKDIR} exit 1 fi + chmod 700 ${WORKDIR} cd ${WORKDIR} || exit 1 # Generate release number. The s/SECURITY/RELEASE/ bit exists