Date: Tue, 8 Dec 2020 19:10:40 +0000 (UTC) From: Gordon Tetlow <gordon@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r368463 - in releng: 12.1 12.1/crypto/openssl/crypto/asn1 12.1/crypto/openssl/crypto/err 12.1/crypto/openssl/crypto/x509v3 12.1/crypto/openssl/include/openssl 12.1/sys/conf 12.2 12.2/cr... Message-ID: <202012081910.0B8JAeOP028259@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: gordon Date: Tue Dec 8 19:10:40 2020 New Revision: 368463 URL: https://svnweb.freebsd.org/changeset/base/368463 Log: Fix OpenSSL NULL pointer de-reference. Approved by: so Security: FreeBSD-SA-20:33.openssl Security: CVE-2020-1971 Modified: releng/12.1/UPDATING releng/12.1/crypto/openssl/crypto/asn1/asn1_err.c releng/12.1/crypto/openssl/crypto/asn1/tasn_dec.c releng/12.1/crypto/openssl/crypto/asn1/tasn_enc.c releng/12.1/crypto/openssl/crypto/err/openssl.txt releng/12.1/crypto/openssl/crypto/x509v3/v3_genn.c releng/12.1/crypto/openssl/include/openssl/asn1err.h releng/12.1/sys/conf/newvers.sh releng/12.2/UPDATING releng/12.2/crypto/openssl/crypto/asn1/asn1_err.c releng/12.2/crypto/openssl/crypto/asn1/tasn_dec.c releng/12.2/crypto/openssl/crypto/asn1/tasn_enc.c releng/12.2/crypto/openssl/crypto/err/openssl.txt releng/12.2/crypto/openssl/crypto/x509v3/v3_genn.c releng/12.2/crypto/openssl/include/openssl/asn1err.h releng/12.2/sys/conf/newvers.sh Modified: releng/12.1/UPDATING ============================================================================== --- releng/12.1/UPDATING Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.1/UPDATING Tue Dec 8 19:10:40 2020 (r368463) @@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITHOUT_CLANG and the tip of head, and then rebuild without this option. The bootstrap process from older version of current across the gcc/clang cutover is a bit fragile. +20201208: p12 FreeBSD-SA-20:33.openssl + + Fix OpenSSL NULL pointer de-reference. [SA-20:33.openssl] + 20201201: p11 FreeBSD-EN-20:20.tzdata FreeBSD-SA-20:31.icmp6 FreeBSD-SA-20:32.rtsold Modified: releng/12.1/crypto/openssl/crypto/asn1/asn1_err.c ============================================================================== --- releng/12.1/crypto/openssl/crypto/asn1/asn1_err.c Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.1/crypto/openssl/crypto/asn1/asn1_err.c Tue Dec 8 19:10:40 2020 (r368463) @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -49,6 +49,7 @@ static const ERR_STRING_DATA ASN1_str_functs[] = { "asn1_item_embed_d2i"}, {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EMBED_NEW, 0), "asn1_item_embed_new"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EX_I2D, 0), "ASN1_item_ex_i2d"}, {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_FLAGS_I2D, 0), "asn1_item_flags_i2d"}, {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_I2D_BIO, 0), "ASN1_item_i2d_bio"}, @@ -160,6 +161,7 @@ static const ERR_STRING_DATA ASN1_str_reasons[] = { "asn1 sig parse error"}, {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_AUX_ERROR), "aux error"}, {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_OBJECT_HEADER), "bad object header"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_TEMPLATE), "bad template"}, {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BMPSTRING_IS_WRONG_LENGTH), "bmpstring is wrong length"}, {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BN_LIB), "bn lib"}, Modified: releng/12.1/crypto/openssl/crypto/asn1/tasn_dec.c ============================================================================== --- releng/12.1/crypto/openssl/crypto/asn1/tasn_dec.c Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.1/crypto/openssl/crypto/asn1/tasn_dec.c Tue Dec 8 19:10:40 2020 (r368463) @@ -182,6 +182,15 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, cons tag, aclass, opt, ctx); case ASN1_ITYPE_MSTRING: + /* + * It never makes sense for multi-strings to have implicit tagging, so + * if tag != -1, then this looks like an error in the template. + */ + if (tag != -1) { + ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_BAD_TEMPLATE); + goto err; + } + p = *in; /* Just read in tag and class */ ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, @@ -199,6 +208,7 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, cons ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL); goto err; } + /* Check tag matches bit map */ if (!(ASN1_tag2bit(otag) & it->utype)) { /* If OPTIONAL, assume this is OK */ @@ -215,6 +225,15 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, cons return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx); case ASN1_ITYPE_CHOICE: + /* + * It never makes sense for CHOICE types to have implicit tagging, so + * if tag != -1, then this looks like an error in the template. + */ + if (tag != -1) { + ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_BAD_TEMPLATE); + goto err; + } + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) goto auxerr; if (*pval) { Modified: releng/12.1/crypto/openssl/crypto/asn1/tasn_enc.c ============================================================================== --- releng/12.1/crypto/openssl/crypto/asn1/tasn_enc.c Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.1/crypto/openssl/crypto/asn1/tasn_enc.c Tue Dec 8 19:10:40 2020 (r368463) @@ -103,9 +103,25 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char return asn1_i2d_ex_primitive(pval, out, it, tag, aclass); case ASN1_ITYPE_MSTRING: + /* + * It never makes sense for multi-strings to have implicit tagging, so + * if tag != -1, then this looks like an error in the template. + */ + if (tag != -1) { + ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE); + return -1; + } return asn1_i2d_ex_primitive(pval, out, it, -1, aclass); case ASN1_ITYPE_CHOICE: + /* + * It never makes sense for CHOICE types to have implicit tagging, so + * if tag != -1, then this looks like an error in the template. + */ + if (tag != -1) { + ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE); + return -1; + } if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) return 0; i = asn1_get_choice_selector(pval, it); Modified: releng/12.1/crypto/openssl/crypto/err/openssl.txt ============================================================================== --- releng/12.1/crypto/openssl/crypto/err/openssl.txt Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.1/crypto/openssl/crypto/err/openssl.txt Tue Dec 8 19:10:40 2020 (r368463) @@ -36,6 +36,7 @@ ASN1_F_ASN1_ITEM_D2I_FP:206:ASN1_item_d2i_fp ASN1_F_ASN1_ITEM_DUP:191:ASN1_item_dup ASN1_F_ASN1_ITEM_EMBED_D2I:120:asn1_item_embed_d2i ASN1_F_ASN1_ITEM_EMBED_NEW:121:asn1_item_embed_new +ASN1_F_ASN1_ITEM_EX_I2D:144:ASN1_item_ex_i2d ASN1_F_ASN1_ITEM_FLAGS_I2D:118:asn1_item_flags_i2d ASN1_F_ASN1_ITEM_I2D_BIO:192:ASN1_item_i2d_bio ASN1_F_ASN1_ITEM_I2D_FP:193:ASN1_item_i2d_fp @@ -1765,6 +1766,7 @@ ASN1_R_ASN1_PARSE_ERROR:203:asn1 parse error ASN1_R_ASN1_SIG_PARSE_ERROR:204:asn1 sig parse error ASN1_R_AUX_ERROR:100:aux error ASN1_R_BAD_OBJECT_HEADER:102:bad object header +ASN1_R_BAD_TEMPLATE:230:bad template ASN1_R_BMPSTRING_IS_WRONG_LENGTH:214:bmpstring is wrong length ASN1_R_BN_LIB:105:bn lib ASN1_R_BOOLEAN_IS_WRONG_LENGTH:106:boolean is wrong length Modified: releng/12.1/crypto/openssl/crypto/x509v3/v3_genn.c ============================================================================== --- releng/12.1/crypto/openssl/crypto/x509v3/v3_genn.c Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.1/crypto/openssl/crypto/x509v3/v3_genn.c Tue Dec 8 19:10:40 2020 (r368463) @@ -22,8 +22,9 @@ ASN1_SEQUENCE(OTHERNAME) = { IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME) ASN1_SEQUENCE(EDIPARTYNAME) = { - ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0), - ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1) + /* DirectoryString is a CHOICE type so use explicit tagging */ + ASN1_EXP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0), + ASN1_EXP(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1) } ASN1_SEQUENCE_END(EDIPARTYNAME) IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME) @@ -57,6 +58,37 @@ GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a) (char *)a); } +static int edipartyname_cmp(const EDIPARTYNAME *a, const EDIPARTYNAME *b) +{ + int res; + + if (a == NULL || b == NULL) { + /* + * Shouldn't be possible in a valid GENERAL_NAME, but we handle it + * anyway. OTHERNAME_cmp treats NULL != NULL so we do the same here + */ + return -1; + } + if (a->nameAssigner == NULL && b->nameAssigner != NULL) + return -1; + if (a->nameAssigner != NULL && b->nameAssigner == NULL) + return 1; + /* If we get here then both have nameAssigner set, or both unset */ + if (a->nameAssigner != NULL) { + res = ASN1_STRING_cmp(a->nameAssigner, b->nameAssigner); + if (res != 0) + return res; + } + /* + * partyName is required, so these should never be NULL. We treat it in + * the same way as the a == NULL || b == NULL case above + */ + if (a->partyName == NULL || b->partyName == NULL) + return -1; + + return ASN1_STRING_cmp(a->partyName, b->partyName); +} + /* Returns 0 if they are equal, != 0 otherwise. */ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) { @@ -66,8 +98,11 @@ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) return -1; switch (a->type) { case GEN_X400: + result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address); + break; + case GEN_EDIPARTY: - result = ASN1_TYPE_cmp(a->d.other, b->d.other); + result = edipartyname_cmp(a->d.ediPartyName, b->d.ediPartyName); break; case GEN_OTHERNAME: @@ -114,8 +149,11 @@ void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type { switch (type) { case GEN_X400: + a->d.x400Address = value; + break; + case GEN_EDIPARTY: - a->d.other = value; + a->d.ediPartyName = value; break; case GEN_OTHERNAME: @@ -149,8 +187,10 @@ void *GENERAL_NAME_get0_value(const GENERAL_NAME *a, i *ptype = a->type; switch (a->type) { case GEN_X400: + return a->d.x400Address; + case GEN_EDIPARTY: - return a->d.other; + return a->d.ediPartyName; case GEN_OTHERNAME: return a->d.otherName; Modified: releng/12.1/crypto/openssl/include/openssl/asn1err.h ============================================================================== --- releng/12.1/crypto/openssl/include/openssl/asn1err.h Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.1/crypto/openssl/include/openssl/asn1err.h Tue Dec 8 19:10:40 2020 (r368463) @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,9 +11,7 @@ #ifndef HEADER_ASN1ERR_H # define HEADER_ASN1ERR_H -# ifndef HEADER_SYMHACKS_H -# include <openssl/symhacks.h> -# endif +# include <openssl/symhacks.h> # ifdef __cplusplus extern "C" @@ -53,6 +51,7 @@ int ERR_load_ASN1_strings(void); # define ASN1_F_ASN1_ITEM_DUP 191 # define ASN1_F_ASN1_ITEM_EMBED_D2I 120 # define ASN1_F_ASN1_ITEM_EMBED_NEW 121 +# define ASN1_F_ASN1_ITEM_EX_I2D 144 # define ASN1_F_ASN1_ITEM_FLAGS_I2D 118 # define ASN1_F_ASN1_ITEM_I2D_BIO 192 # define ASN1_F_ASN1_ITEM_I2D_FP 193 @@ -145,6 +144,7 @@ int ERR_load_ASN1_strings(void); # define ASN1_R_ASN1_SIG_PARSE_ERROR 204 # define ASN1_R_AUX_ERROR 100 # define ASN1_R_BAD_OBJECT_HEADER 102 +# define ASN1_R_BAD_TEMPLATE 230 # define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214 # define ASN1_R_BN_LIB 105 # define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106 Modified: releng/12.1/sys/conf/newvers.sh ============================================================================== --- releng/12.1/sys/conf/newvers.sh Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.1/sys/conf/newvers.sh Tue Dec 8 19:10:40 2020 (r368463) @@ -46,7 +46,7 @@ TYPE="FreeBSD" REVISION="12.1" -BRANCH="RELEASE-p11" +BRANCH="RELEASE-p12" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/12.2/UPDATING ============================================================================== --- releng/12.2/UPDATING Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.2/UPDATING Tue Dec 8 19:10:40 2020 (r368463) @@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITHOUT_CLANG and the tip of head, and then rebuild without this option. The bootstrap process from older version of current across the gcc/clang cutover is a bit fragile. +20201208: p2 FreeBSD-SA-20:33.openssl + + Fix OpenSSL NULL pointer de-reference. [SA-20:33.openssl] + 20201201: p1 FreeBSD-EN-20:19.audit FreeBSD-EN-20:20.tzdata FreeBSD-EN-20:21.ipfw Modified: releng/12.2/crypto/openssl/crypto/asn1/asn1_err.c ============================================================================== --- releng/12.2/crypto/openssl/crypto/asn1/asn1_err.c Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.2/crypto/openssl/crypto/asn1/asn1_err.c Tue Dec 8 19:10:40 2020 (r368463) @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -49,6 +49,7 @@ static const ERR_STRING_DATA ASN1_str_functs[] = { "asn1_item_embed_d2i"}, {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EMBED_NEW, 0), "asn1_item_embed_new"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EX_I2D, 0), "ASN1_item_ex_i2d"}, {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_FLAGS_I2D, 0), "asn1_item_flags_i2d"}, {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_I2D_BIO, 0), "ASN1_item_i2d_bio"}, @@ -160,6 +161,7 @@ static const ERR_STRING_DATA ASN1_str_reasons[] = { "asn1 sig parse error"}, {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_AUX_ERROR), "aux error"}, {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_OBJECT_HEADER), "bad object header"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_TEMPLATE), "bad template"}, {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BMPSTRING_IS_WRONG_LENGTH), "bmpstring is wrong length"}, {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BN_LIB), "bn lib"}, Modified: releng/12.2/crypto/openssl/crypto/asn1/tasn_dec.c ============================================================================== --- releng/12.2/crypto/openssl/crypto/asn1/tasn_dec.c Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.2/crypto/openssl/crypto/asn1/tasn_dec.c Tue Dec 8 19:10:40 2020 (r368463) @@ -182,6 +182,15 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, cons tag, aclass, opt, ctx); case ASN1_ITYPE_MSTRING: + /* + * It never makes sense for multi-strings to have implicit tagging, so + * if tag != -1, then this looks like an error in the template. + */ + if (tag != -1) { + ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_BAD_TEMPLATE); + goto err; + } + p = *in; /* Just read in tag and class */ ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, @@ -199,6 +208,7 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, cons ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL); goto err; } + /* Check tag matches bit map */ if (!(ASN1_tag2bit(otag) & it->utype)) { /* If OPTIONAL, assume this is OK */ @@ -215,6 +225,15 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, cons return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx); case ASN1_ITYPE_CHOICE: + /* + * It never makes sense for CHOICE types to have implicit tagging, so + * if tag != -1, then this looks like an error in the template. + */ + if (tag != -1) { + ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_BAD_TEMPLATE); + goto err; + } + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) goto auxerr; if (*pval) { Modified: releng/12.2/crypto/openssl/crypto/asn1/tasn_enc.c ============================================================================== --- releng/12.2/crypto/openssl/crypto/asn1/tasn_enc.c Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.2/crypto/openssl/crypto/asn1/tasn_enc.c Tue Dec 8 19:10:40 2020 (r368463) @@ -103,9 +103,25 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char return asn1_i2d_ex_primitive(pval, out, it, tag, aclass); case ASN1_ITYPE_MSTRING: + /* + * It never makes sense for multi-strings to have implicit tagging, so + * if tag != -1, then this looks like an error in the template. + */ + if (tag != -1) { + ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE); + return -1; + } return asn1_i2d_ex_primitive(pval, out, it, -1, aclass); case ASN1_ITYPE_CHOICE: + /* + * It never makes sense for CHOICE types to have implicit tagging, so + * if tag != -1, then this looks like an error in the template. + */ + if (tag != -1) { + ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE); + return -1; + } if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) return 0; i = asn1_get_choice_selector(pval, it); Modified: releng/12.2/crypto/openssl/crypto/err/openssl.txt ============================================================================== --- releng/12.2/crypto/openssl/crypto/err/openssl.txt Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.2/crypto/openssl/crypto/err/openssl.txt Tue Dec 8 19:10:40 2020 (r368463) @@ -36,6 +36,7 @@ ASN1_F_ASN1_ITEM_D2I_FP:206:ASN1_item_d2i_fp ASN1_F_ASN1_ITEM_DUP:191:ASN1_item_dup ASN1_F_ASN1_ITEM_EMBED_D2I:120:asn1_item_embed_d2i ASN1_F_ASN1_ITEM_EMBED_NEW:121:asn1_item_embed_new +ASN1_F_ASN1_ITEM_EX_I2D:144:ASN1_item_ex_i2d ASN1_F_ASN1_ITEM_FLAGS_I2D:118:asn1_item_flags_i2d ASN1_F_ASN1_ITEM_I2D_BIO:192:ASN1_item_i2d_bio ASN1_F_ASN1_ITEM_I2D_FP:193:ASN1_item_i2d_fp @@ -1771,6 +1772,7 @@ ASN1_R_ASN1_PARSE_ERROR:203:asn1 parse error ASN1_R_ASN1_SIG_PARSE_ERROR:204:asn1 sig parse error ASN1_R_AUX_ERROR:100:aux error ASN1_R_BAD_OBJECT_HEADER:102:bad object header +ASN1_R_BAD_TEMPLATE:230:bad template ASN1_R_BMPSTRING_IS_WRONG_LENGTH:214:bmpstring is wrong length ASN1_R_BN_LIB:105:bn lib ASN1_R_BOOLEAN_IS_WRONG_LENGTH:106:boolean is wrong length Modified: releng/12.2/crypto/openssl/crypto/x509v3/v3_genn.c ============================================================================== --- releng/12.2/crypto/openssl/crypto/x509v3/v3_genn.c Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.2/crypto/openssl/crypto/x509v3/v3_genn.c Tue Dec 8 19:10:40 2020 (r368463) @@ -22,8 +22,9 @@ ASN1_SEQUENCE(OTHERNAME) = { IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME) ASN1_SEQUENCE(EDIPARTYNAME) = { - ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0), - ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1) + /* DirectoryString is a CHOICE type so use explicit tagging */ + ASN1_EXP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0), + ASN1_EXP(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1) } ASN1_SEQUENCE_END(EDIPARTYNAME) IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME) @@ -57,6 +58,37 @@ GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a) (char *)a); } +static int edipartyname_cmp(const EDIPARTYNAME *a, const EDIPARTYNAME *b) +{ + int res; + + if (a == NULL || b == NULL) { + /* + * Shouldn't be possible in a valid GENERAL_NAME, but we handle it + * anyway. OTHERNAME_cmp treats NULL != NULL so we do the same here + */ + return -1; + } + if (a->nameAssigner == NULL && b->nameAssigner != NULL) + return -1; + if (a->nameAssigner != NULL && b->nameAssigner == NULL) + return 1; + /* If we get here then both have nameAssigner set, or both unset */ + if (a->nameAssigner != NULL) { + res = ASN1_STRING_cmp(a->nameAssigner, b->nameAssigner); + if (res != 0) + return res; + } + /* + * partyName is required, so these should never be NULL. We treat it in + * the same way as the a == NULL || b == NULL case above + */ + if (a->partyName == NULL || b->partyName == NULL) + return -1; + + return ASN1_STRING_cmp(a->partyName, b->partyName); +} + /* Returns 0 if they are equal, != 0 otherwise. */ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) { @@ -66,8 +98,11 @@ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) return -1; switch (a->type) { case GEN_X400: + result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address); + break; + case GEN_EDIPARTY: - result = ASN1_TYPE_cmp(a->d.other, b->d.other); + result = edipartyname_cmp(a->d.ediPartyName, b->d.ediPartyName); break; case GEN_OTHERNAME: @@ -114,8 +149,11 @@ void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type { switch (type) { case GEN_X400: + a->d.x400Address = value; + break; + case GEN_EDIPARTY: - a->d.other = value; + a->d.ediPartyName = value; break; case GEN_OTHERNAME: @@ -149,8 +187,10 @@ void *GENERAL_NAME_get0_value(const GENERAL_NAME *a, i *ptype = a->type; switch (a->type) { case GEN_X400: + return a->d.x400Address; + case GEN_EDIPARTY: - return a->d.other; + return a->d.ediPartyName; case GEN_OTHERNAME: return a->d.otherName; Modified: releng/12.2/crypto/openssl/include/openssl/asn1err.h ============================================================================== --- releng/12.2/crypto/openssl/include/openssl/asn1err.h Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.2/crypto/openssl/include/openssl/asn1err.h Tue Dec 8 19:10:40 2020 (r368463) @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,9 +11,7 @@ #ifndef HEADER_ASN1ERR_H # define HEADER_ASN1ERR_H -# ifndef HEADER_SYMHACKS_H -# include <openssl/symhacks.h> -# endif +# include <openssl/symhacks.h> # ifdef __cplusplus extern "C" @@ -53,6 +51,7 @@ int ERR_load_ASN1_strings(void); # define ASN1_F_ASN1_ITEM_DUP 191 # define ASN1_F_ASN1_ITEM_EMBED_D2I 120 # define ASN1_F_ASN1_ITEM_EMBED_NEW 121 +# define ASN1_F_ASN1_ITEM_EX_I2D 144 # define ASN1_F_ASN1_ITEM_FLAGS_I2D 118 # define ASN1_F_ASN1_ITEM_I2D_BIO 192 # define ASN1_F_ASN1_ITEM_I2D_FP 193 @@ -145,6 +144,7 @@ int ERR_load_ASN1_strings(void); # define ASN1_R_ASN1_SIG_PARSE_ERROR 204 # define ASN1_R_AUX_ERROR 100 # define ASN1_R_BAD_OBJECT_HEADER 102 +# define ASN1_R_BAD_TEMPLATE 230 # define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214 # define ASN1_R_BN_LIB 105 # define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106 Modified: releng/12.2/sys/conf/newvers.sh ============================================================================== --- releng/12.2/sys/conf/newvers.sh Tue Dec 8 18:47:22 2020 (r368462) +++ releng/12.2/sys/conf/newvers.sh Tue Dec 8 19:10:40 2020 (r368463) @@ -49,7 +49,7 @@ TYPE="FreeBSD" REVISION="12.2" -BRANCH="RELEASE-p1" +BRANCH="RELEASE-p2" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202012081910.0B8JAeOP028259>