- use BR2_TOOLCHAIN_HAS_UCONTEXT
This is used to set -DOPENSSL_NO_ASYNC if needed.
- apply the CFLAGS correctly when compiling with -Os (bugfix).
- use -latomic when needed
This fixes the build for br-sparc-uclibc-2018.05
- don't use madvise() if no MMU
Trying to do so results in undefined reference to madvise() as
it is not available on uclibc without MMU.
The original openssl code checks if a macro used in the madvise call
is defined. The problem comes from the fact that the code in
crypto/mem_sec.c also includes a kernel header defining the same macro
unconditionally. Thus the check is always true in that case.
Upstream: https://github.com/openssl/openssl/pull/8089
- don't compile test/fuzzers
These binaries introduced with 1.1.x sometimes do not compile.
This is the case with the br-arm-cortex-m4-full toolchain
- don't build ocsp daemon if no MMU.
Patch from Richard Levitte.
- correctly enable cryptodev engine
Thanks to Arnout Vandecappelle for spotting this.
- remove all parallel build patches (openssl build-system changed)
- rebased 0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch
to apply to Configurations/unix-Makefile.tmpl (Makefile template)
- removed 0002-cryptodev-Fix-issue-with-signature-generation.patch
(upstream applied)
- rebased 0003-Reproducible-build-do-not-leak-compiler-path.patch to
apply to crypto/build.info (Makefile template)
- fix musl/uclibc build failure, use '-DOPENSSL_NO_ASYNC'
- remove legacy enable-tlsext configure option
- remove target/host libdir configure options, fixes openssl.pc installation
path, fixes wget compile
- change legacy INSTALL_PREFIX to DESTDIR
- remove 'libraries gets installed read only, so strip fails'
workaround (not needed anymore)
- change engine directory from /usr/lib/engines to
/usr/lib/engines-1.1
- change license file hash, no license change, only the following
hint was removed:
Actually both licenses are BSD-style Open Source licenses.
In case of any license issues related to OpenSSL please
contact openssl-core@openssl.org.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Tested-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Patrick Havelange <patrick.havelange@essensium.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
*) Microarchitecture timing vulnerability in ECC scalar multiplication
OpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been
shown to be vulnerable to a microarchitecture timing side channel attack.
An attacker with sufficient access to mount local timing attacks during
ECDSA signature generation could recover the private key.
This issue was reported to OpenSSL on 26th October 2018 by Alejandro
Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar Pereida Garcia and
Nicola Tuveri.
(CVE-2018-5407)
[Billy Brumley]
*) Timing vulnerability in DSA signature generation
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a
timing side channel attack. An attacker could use variations in the signing
algorithm to recover the private key.
This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser.
(CVE-2018-0734)
[Paul Dale]
For more information, see the changelog:
https://www.openssl.org/news/cl102.txt
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
Constructed ASN.1 types with a recursive definition could exceed the stack
(CVE-2018-0739)
Constructed ASN.1 types with a recursive definition (such as can be found in
PKCS7) could eventually exceed the stack given malicious input with
excessive recursion. This could result in a Denial Of Service attack.
There are no such structures used within SSL/TLS that come from untrusted
sources so this is considered safe.
Incorrect CRYPTO_memcmp on HP-UX PA-RISC (CVE-2018-0733)
Because of an implementation bug the PA-RISC CRYPTO_memcmp function is
effectively reduced to only comparing the least significant bit of each
byte. This allows an attacker to forge messages that would be considered as
authenticated in an amount of tries lower than that guaranteed by the
security claims of the scheme. The module can only be compiled by the HP-UX
assembler, so that only HP-UX PA-RISC targets are affected.
rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
This issue has been reported in a previous OpenSSL security advisory and a
fix was provided for OpenSSL 1.0.2. Due to the low severity no fix was
released at that time for OpenSSL 1.1.0. The fix is now available in
OpenSSL 1.1.0h.
There is an overflow bug in the AVX2 Montgomery multiplication procedure
used in exponentiation with 1024-bit moduli. No EC algorithms are affected.
Analysis suggests that attacks against RSA and DSA as a result of this
defect would be very difficult to perform and are not believed likely.
Attacks against DH1024 are considered just feasible, because most of the
work necessary to deduce information about a private key may be performed
offline. The amount of resources required for such an attack would be
significant. However, for an attack on TLS to be meaningful, the server
would have to share the DH1024 private key among multiple clients, which is
no longer an option since CVE-2016-0701.
This only affects processors that support the AVX2 but not ADX extensions
like Intel Haswell (4th generation).
For more details, see https://www.openssl.org/news/secadv/20180327.txt
The copyright year changed in LICENSE, so adjust the hash to match.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following CVEs:
bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)
Release notes: https://www.openssl.org/news/secadv/20171102.txt
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To ease the transition to having both OpenSSL and LibreSSL, there has to be
a new virtual package introduced to handle both.
Instead of making a libssl, and adding OpenSSL and libressl to that package,
it will be far easier to move openssl to libopenssl and to make OpenSSL
a virtual package. This offers a few advantages:
- BR2_PACKAGE_OPENSSL is still a visible symbol with no dependencies.
- It does not require a huge patch to convert every instance of
OpenSSL -> libssl)
- Users will be able to update without ever having to select anything new.
- LibreSSL can be added at a later date to the virtual package.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
[Thomas: define BR2_PACKAGE_PROVIDES_HOST_OPENSSL to the value
"host-libopenssl" as we always want to use the original OpenSSL for
the host variant.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
