From 321fa67e1c78f04aa260181d218c4203c13bd6f3 Mon Sep 17 00:00:00 2001 From: cvsdist Date: Sep 09 2004 09:45:46 +0000 Subject: auto-import changelog data from openssl-0.9.7a-20.src.rpm Wed Sep 24 2003 Nalin Dahyabhai 0.9.7a-20 - only parse a client cert if one was requested - temporarily exclusivearch for %{ix86} Tue Sep 23 2003 Nalin Dahyabhai - add security fixes for protocol parsing bugs (CAN-2003-0543, CAN-2003-0544) and heap corruption (CAN-2003-0545) - update RHNS-CA-CERT files - ease back on the number of threads used in the threading test Wed Sep 17 2003 Matt Wilson 0.9.7a-19 - rebuild to fix gzipped file md5sums (#91211) Mon Aug 25 2003 Phil Knirsch 0.9.7a-18 - Updated libica to version 1.3.4. Thu Jul 17 2003 Nalin Dahyabhai 0.9.7a-17 - rebuild Tue Jul 15 2003 Nalin Dahyabhai 0.9.7a-10.9 - free the kssl_ctx structure when we free an SSL structure (#99066) Thu Jul 10 2003 Nalin Dahyabhai 0.9.7a-16 - rebuild Thu Jul 10 2003 Nalin Dahyabhai 0.9.7a-15 - lower thread test count on s390x Tue Jul 08 2003 Nalin Dahyabhai 0.9.7a-14 - rebuild Thu Jun 26 2003 Nalin Dahyabhai 0.9.7a-13 - disable assembly on arches where it seems to conflict with threading Thu Jun 26 2003 Phil Knirsch 0.9.7a-12 - Updated libica to latest upstream version 1.3.0 --- diff --git a/.cvsignore b/.cvsignore index ef3eeef..7267c9a 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1,2 @@ +libica-1.3.4.tar.gz openssl-0.9.7a-usa.tar.bz2 diff --git a/RHNS-CA-CERT b/RHNS-CA-CERT index 8cd1ed0..51094d0 100644 --- a/RHNS-CA-CERT +++ b/RHNS-CA-CERT 
@@ -66,3 +66,139 @@ kHESh1UK8lIbrfLTBx2vcJm7sM2AI8ntK3PpY7HQs4xgxUJkpsGVVpDFNQYDWPWO K9n5qaAQqZn3FUKSpVDXEQfxAtXgcORVbirOJfhdzQsvEGH49iBCzMOJ+IpPgiQS zzl/IagsjVKXUsX3X0KlhwlmsMw= -----END CERTIFICATE----- + +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 0 (0x0) + Signature Algorithm: md5WithRSAEncryption + Issuer: C=US, ST=North Carolina, L=Raleigh, O=Red Hat, Inc., OU=Red Hat Network, CN=RHN Certificate Authority/Email=rhn-noc@redhat.com + Validity + Not Before: Sep 5 20:45:16 2002 GMT + Not After : Sep 9 20:45:16 2007 GMT + Subject: C=US, ST=North Carolina, L=Raleigh, O=Red Hat, Inc., OU=Red Hat Network, CN=RHN Certificate Authority/Email=rhn-noc@redhat.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:b3:16:b7:c5:f5:b9:69:51:1f:cd:b4:3d:70:cf: + 60:57:85:a4:2a:a7:5d:28:22:0e:ec:19:e2:92:f7: + 48:97:a6:a6:1f:51:95:83:11:8f:9a:98:a2:90:e0: + cb:4a:24:19:94:a8:8a:4b:88:b4:06:6c:ce:77:d7: + 15:3b:3c:cd:66:83:cf:23:1d:0d:bc:0a:0c:cb:1f: + cb:40:fb:f3:d9:fe:2a:b4:85:2c:7b:c9:a1:fe:f3: + 8f:68:1d:f2:12:b1:a4:16:19:ce:0f:b8:9a:9c:d9: + bc:5f:49:62:b2:95:93:ce:5d:2e:dd:79:3c:f1:5b: + a6:b7:a2:b5:39:0d:8e:12:31 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 7F:1B:64:A1:2E:02:C5:A8:7D:B8:D1:B1:8B:06:9D:A3:A9:50:63:92 + X509v3 Authority Key Identifier: + keyid:7F:1B:64:A1:2E:02:C5:A8:7D:B8:D1:B1:8B:06:9D:A3:A9:50:63:92 + DirName:/C=US/ST=North Carolina/L=Raleigh/O=Red Hat, Inc./OU=Red Hat Network/CN=RHN Certificate Authority/Email=rhn-noc@redhat.com + serial:00 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: md5WithRSAEncryption + 28:4d:42:e5:34:22:dd:c6:86:63:04:75:52:67:17:45:72:f2: + 3b:21:2b:45:59:72:73:f7:59:36:9d:57:43:c6:dc:94:0f:0e: + ff:13:5c:4f:50:37:85:b2:e4:c2:1f:35:9f:74:f4:e7:53:fb: + a1:06:b8:39:ce:e4:0a:86:7b:5f:28:5d:c7:11:9e:12:a5:d6: + b9:6c:e9:18:09:d5:f0:42:e7:54:b5:91:9e:23:ad:12:7a:aa: + 
72:7c:39:3c:83:f8:75:a4:7b:03:92:ff:2a:d4:c5:76:19:12: + fa:b4:3b:b0:89:2c:95:8c:01:90:0d:d8:ba:06:05:61:00:ac: + 95:da +-----BEGIN CERTIFICATE----- +MIID7jCCA1egAwIBAgIBADANBgkqhkiG9w0BAQQFADCBsTELMAkGA1UEBhMCVVMx +FzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYD +VQQKEw1SZWQgSGF0LCBJbmMuMRgwFgYDVQQLEw9SZWQgSGF0IE5ldHdvcmsxIjAg +BgNVBAMTGVJITiBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEW +EnJobi1ub2NAcmVkaGF0LmNvbTAeFw0wMjA5MDUyMDQ1MTZaFw0wNzA5MDkyMDQ1 +MTZaMIGxMQswCQYDVQQGEwJVUzEXMBUGA1UECBMOTm9ydGggQ2Fyb2xpbmExEDAO +BgNVBAcTB1JhbGVpZ2gxFjAUBgNVBAoTDVJlZCBIYXQsIEluYy4xGDAWBgNVBAsT +D1JlZCBIYXQgTmV0d29yazEiMCAGA1UEAxMZUkhOIENlcnRpZmljYXRlIEF1dGhv +cml0eTEhMB8GCSqGSIb3DQEJARYScmhuLW5vY0ByZWRoYXQuY29tMIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQCzFrfF9blpUR/NtD1wz2BXhaQqp10oIg7sGeKS +90iXpqYfUZWDEY+amKKQ4MtKJBmUqIpLiLQGbM531xU7PM1mg88jHQ28CgzLH8tA ++/PZ/iq0hSx7yaH+849oHfISsaQWGc4PuJqc2bxfSWKylZPOXS7deTzxW6a3orU5 +DY4SMQIDAQABo4IBEjCCAQ4wHQYDVR0OBBYEFH8bZKEuAsWofbjRsYsGnaOpUGOS +MIHeBgNVHSMEgdYwgdOAFH8bZKEuAsWofbjRsYsGnaOpUGOSoYG3pIG0MIGxMQsw +CQYDVQQGEwJVUzEXMBUGA1UECBMOTm9ydGggQ2Fyb2xpbmExEDAOBgNVBAcTB1Jh +bGVpZ2gxFjAUBgNVBAoTDVJlZCBIYXQsIEluYy4xGDAWBgNVBAsTD1JlZCBIYXQg +TmV0d29yazEiMCAGA1UEAxMZUkhOIENlcnRpZmljYXRlIEF1dGhvcml0eTEhMB8G +CSqGSIb3DQEJARYScmhuLW5vY0ByZWRoYXQuY29tggEAMAwGA1UdEwQFMAMBAf8w +DQYJKoZIhvcNAQEEBQADgYEAKE1C5TQi3caGYwR1UmcXRXLyOyErRVlyc/dZNp1X +Q8bclA8O/xNcT1A3hbLkwh81n3T051P7oQa4Oc7kCoZ7XyhdxxGeEqXWuWzpGAnV +8ELnVLWRniOtEnqqcnw5PIP4daR7A5L/KtTFdhkS+rQ7sIkslYwBkA3YugYFYQCs +ldo= +-----END CERTIFICATE----- + +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 0 (0x0) + Signature Algorithm: md5WithRSAEncryption + Issuer: C=US, ST=North Carolina, L=Raleigh, O=Red Hat, Inc., OU=Red Hat Network, CN=RHN Certificate Authority/emailAddress=rhn-noc@redhat.com + Validity + Not Before: Aug 29 02:10:55 2003 GMT + Not After : Aug 26 02:10:55 2013 GMT + Subject: C=US, ST=North Carolina, L=Raleigh, O=Red Hat, Inc., OU=Red Hat Network, 
CN=RHN Certificate Authority/emailAddress=rhn-noc@redhat.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:bf:61:63:eb:3d:8b:2b:45:48:e6:c2:fb:7c:d2: + 21:21:b8:ec:90:93:41:30:7c:2c:8d:79:d5:14:e9: + 0e:7e:3f:ef:d6:0a:9b:0a:a6:02:52:01:2d:26:96: + a4:ed:bd:a9:9e:aa:08:03:c1:61:0a:41:80:ea:ae: + 74:cc:61:26:d0:05:91:55:3e:66:14:a2:20:b3:d6: + 9d:71:0c:ab:77:cc:f4:f0:11:b5:25:33:8a:4e:22: + 9a:10:36:67:fa:11:6d:48:76:3a:1f:d2:e3:44:7b: + 89:66:be:b4:85:fb:2f:a6:aa:13:fa:9a:6d:c9:bb: + 18:c4:04:af:4f:15:69:89:9b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 69:44:27:05:DC:2E:ED:A5:F4:81:C4:D7:78:45:E7:44:5D:F8:87:47 + X509v3 Authority Key Identifier: + keyid:69:44:27:05:DC:2E:ED:A5:F4:81:C4:D7:78:45:E7:44:5D:F8:87:47 + DirName:/C=US/ST=North Carolina/L=Raleigh/O=Red Hat, Inc./OU=Red Hat Network/CN=RHN Certificate Authority/emailAddress=rhn-noc@redhat.com + serial:00 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: md5WithRSAEncryption + 23:c9:ca:07:9f:5e:96:39:83:e0:4e:da:dd:47:84:30:ca:d4: + d5:38:86:f9:de:88:83:ca:2c:47:26:36:ab:f4:14:1e:28:29: + de:7d:10:4a:5e:91:3e:5a:99:07:0c:a9:2e:e3:fb:78:44:49: + c5:32:d6:e8:7a:97:ff:29:d0:33:ae:26:ba:76:06:7e:79:97: + 17:0c:4f:2d:2a:8b:8a:ac:41:59:ae:e9:c4:55:2d:b9:88:df: + 9b:7b:41:f8:32:2e:ee:c9:c0:59:e2:30:57:5e:37:47:29:c0: + 2d:78:33:d3:ce:a3:2b:dc:84:da:bf:3b:2e:4b:b6:b3:b6:4e: + 9e:80 +-----BEGIN CERTIFICATE----- +MIID7jCCA1egAwIBAgIBADANBgkqhkiG9w0BAQQFADCBsTELMAkGA1UEBhMCVVMx +FzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYD +VQQKEw1SZWQgSGF0LCBJbmMuMRgwFgYDVQQLEw9SZWQgSGF0IE5ldHdvcmsxIjAg +BgNVBAMTGVJITiBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEW +EnJobi1ub2NAcmVkaGF0LmNvbTAeFw0wMzA4MjkwMjEwNTVaFw0xMzA4MjYwMjEw +NTVaMIGxMQswCQYDVQQGEwJVUzEXMBUGA1UECBMOTm9ydGggQ2Fyb2xpbmExEDAO +BgNVBAcTB1JhbGVpZ2gxFjAUBgNVBAoTDVJlZCBIYXQsIEluYy4xGDAWBgNVBAsT 
+D1JlZCBIYXQgTmV0d29yazEiMCAGA1UEAxMZUkhOIENlcnRpZmljYXRlIEF1dGhv +cml0eTEhMB8GCSqGSIb3DQEJARYScmhuLW5vY0ByZWRoYXQuY29tMIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQC/YWPrPYsrRUjmwvt80iEhuOyQk0EwfCyNedUU +6Q5+P+/WCpsKpgJSAS0mlqTtvameqggDwWEKQYDqrnTMYSbQBZFVPmYUoiCz1p1x +DKt3zPTwEbUlM4pOIpoQNmf6EW1Idjof0uNEe4lmvrSF+y+mqhP6mm3JuxjEBK9P +FWmJmwIDAQABo4IBEjCCAQ4wHQYDVR0OBBYEFGlEJwXcLu2l9IHE13hF50Rd+IdH +MIHeBgNVHSMEgdYwgdOAFGlEJwXcLu2l9IHE13hF50Rd+IdHoYG3pIG0MIGxMQsw +CQYDVQQGEwJVUzEXMBUGA1UECBMOTm9ydGggQ2Fyb2xpbmExEDAOBgNVBAcTB1Jh +bGVpZ2gxFjAUBgNVBAoTDVJlZCBIYXQsIEluYy4xGDAWBgNVBAsTD1JlZCBIYXQg +TmV0d29yazEiMCAGA1UEAxMZUkhOIENlcnRpZmljYXRlIEF1dGhvcml0eTEhMB8G +CSqGSIb3DQEJARYScmhuLW5vY0ByZWRoYXQuY29tggEAMAwGA1UdEwQFMAMBAf8w +DQYJKoZIhvcNAQEEBQADgYEAI8nKB59eljmD4E7a3UeEMMrU1TiG+d6Ig8osRyY2 +q/QUHigp3n0QSl6RPlqZBwypLuP7eERJxTLW6HqX/ynQM64munYGfnmXFwxPLSqL +iqxBWa7pxFUtuYjfm3tB+DIu7snAWeIwV143RynALXgz086jK9yE2r87Lku2s7ZO +noA= +-----END CERTIFICATE----- diff --git a/RHNS-CA-CERT.asc b/RHNS-CA-CERT.asc new file mode 100644 index 0000000..9b1eec0 --- /dev/null +++ b/RHNS-CA-CERT.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.0.7 (GNU/Linux) + +iD8DBQE/TsIqIZGAzdtCpg4RAj03AJ9Y+fj8UWEepsewkz+FvCqK19Ap3QCgmtwj +xkb8E4gRJAgmjON/Xm/qr5k= +=qpvb +-----END PGP SIGNATURE----- diff --git a/openssl-thread-test.c b/openssl-thread-test.c new file mode 100644 index 0000000..a91ec00 --- /dev/null +++ b/openssl-thread-test.c 
@@ -0,0 +1,399 @@ +/* Test program to verify that RSA signing is thread-safe in OpenSSL. */ + +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +/* Just assume we want to do engine stuff if we're using 0.9.6b or + * higher. This assumption is only valid for versions bundled with RHL. */ +#if OPENSSL_VERSION_NUMBER >= 0x0090602fL +#include +#define USE_ENGINE +#endif + +#define MAX_THREAD_COUNT 10000 +#define ITERATION_COUNT 10 +#define MAIN_COUNT 100 + +/* OpenSSL requires us to provide thread ID and locking primitives. */ +pthread_mutex_t *mutex_locks = NULL; +static unsigned long +thread_id_cb(void) +{ + return (unsigned long) pthread_self(); +} +static void +lock_cb(int mode, int n, const char *file, int line) +{ + if (mode & CRYPTO_LOCK) { + pthread_mutex_lock(&mutex_locks[n]); + } else { + pthread_mutex_unlock(&mutex_locks[n]); + } +} + +struct thread_args { + RSA *rsa; + int digest_type; + unsigned char *digest; + unsigned int digest_len; + unsigned char *signature; + unsigned int signature_len; + pthread_t main_thread; +}; + +static int print = 0; + +pthread_mutex_t sign_lock = PTHREAD_MUTEX_INITIALIZER; +static int locked_sign = 0; +static void SIGN_LOCK() {if (locked_sign) pthread_mutex_lock(&sign_lock);} +static void SIGN_UNLOCK() {if (locked_sign) pthread_mutex_unlock(&sign_lock);} + +pthread_mutex_t verify_lock = PTHREAD_MUTEX_INITIALIZER; +static int locked_verify = 0; +static void VERIFY_LOCK() {if (locked_verify) pthread_mutex_lock(&verify_lock);} +static void VERIFY_UNLOCK() {if (locked_verify) pthread_mutex_unlock(&verify_lock);} + +pthread_mutex_t failure_count_lock = PTHREAD_MUTEX_INITIALIZER; +long failure_count = 0; +static void +failure() +{ + pthread_mutex_lock(&failure_count_lock); + failure_count++; + pthread_mutex_unlock(&failure_count_lock); +} + +static void * +thread_main(void *argp) +{ + struct thread_args *args = argp; + unsigned char 
*signature; + unsigned int signature_len, signature_alloc_len; + int ret, i; + + signature_alloc_len = args->signature_len; + if (RSA_size(args->rsa) > signature_alloc_len) { + signature_alloc_len = RSA_size(args->rsa); + } + signature = malloc(signature_alloc_len); + if (signature == NULL) { + fprintf(stderr, "Skipping checks in thread %lu -- %s.\n", + (unsigned long) pthread_self(), strerror(errno)); + pthread_exit(0); + return NULL; + } + for (i = 0; i < ITERATION_COUNT; i++) { + signature_len = signature_alloc_len; + SIGN_LOCK(); + ret = RSA_check_key(args->rsa); + ERR_print_errors_fp(stdout); + if (ret != 1) { + failure(); + break; + } + ret = RSA_sign(args->digest_type, + args->digest, + args->digest_len, + signature, &signature_len, + args->rsa); + SIGN_UNLOCK(); + ERR_print_errors_fp(stdout); + if (ret != 1) { + failure(); + break; + } + + VERIFY_LOCK(); + ret = RSA_verify(args->digest_type, + args->digest, + args->digest_len, + signature, signature_len, + args->rsa); + VERIFY_UNLOCK(); + if (ret != 1) { + fprintf(stderr, + "Signature from thread %lu(%d) fails " + "verification (passed in thread #%lu)!\n", + (long) pthread_self(), i, + (long) args->main_thread); + ERR_print_errors_fp(stdout); + failure(); + continue; + } + if (print) { + fprintf(stderr, ">%d\n", i); + } + } + free(signature); + + pthread_exit(0); + + return NULL; +} + +unsigned char * +xmemdup(unsigned char *s, size_t len) +{ + unsigned char *r; + r = malloc(len); + if (r == NULL) { + fprintf(stderr, "Out of memory.\n"); + ERR_print_errors_fp(stdout); + assert(r != NULL); + } + memcpy(r, s, len); + return r; +} + +int +main(int argc, char **argv) +{ + RSA *rsa; + MD5_CTX md5; + int fd, i; + pthread_t threads[MAX_THREAD_COUNT]; + int thread_count = 1000; + unsigned char *message, *digest; + unsigned int message_len, digest_len; + unsigned char *correct_signature; + unsigned int correct_siglen, ret; + struct thread_args master_args, *args; + int sync = 0, seed = 0; + int again = 1; +#ifdef 
USE_ENGINE + char *engine = NULL; + ENGINE *e = NULL; +#endif + + pthread_mutex_init(&failure_count_lock, NULL); + + for (i = 1; i < argc; i++) { + if (strcmp(argv[i], "--seed") == 0) { + printf("Seeding PRNG.\n"); + seed++; + } else + if (strcmp(argv[i], "--sync") == 0) { + printf("Running synchronized.\n"); + sync++; + } else + if ((strcmp(argv[i], "--threads") == 0) && (i < argc - 1)) { + i++; + thread_count = atol(argv[i]); + if (thread_count > MAX_THREAD_COUNT) { + thread_count = MAX_THREAD_COUNT; + } + printf("Starting %d threads.\n", thread_count); + sync++; + } else + if (strcmp(argv[i], "--sign") == 0) { + printf("Locking signing.\n"); + locked_sign++; + } else + if (strcmp(argv[i], "--verify") == 0) { + printf("Locking verifies.\n"); + locked_verify++; + } else + if (strcmp(argv[i], "--print") == 0) { + printf("Tracing.\n"); + print++; +#ifdef USE_ENGINE + } else + if ((strcmp(argv[i], "--engine") == 0) && (i < argc - 1)) { + printf("Using engine \"%s\".\n", argv[i + 1]); + engine = argv[i + 1]; + i++; +#endif + } else { + printf("Bad argument: %s\n", argv[i]); + return 1; + } + } + + /* Get some random data to sign. */ + fd = open("/dev/urandom", O_RDONLY); + if (fd == -1) { + fprintf(stderr, "Error opening /dev/urandom: %s\n", + strerror(errno)); + } + + if (print) { + fprintf(stderr, "Reading random data.\n"); + } + message = malloc(message_len = 9371); + read(fd, message, message_len); + close(fd); + + /* Initialize the SSL library and set up thread-safe locking. */ + ERR_load_crypto_strings(); + SSL_library_init(); + mutex_locks = malloc(sizeof(pthread_mutex_t) * CRYPTO_num_locks()); + for (i = 0; i < CRYPTO_num_locks(); i++) { + pthread_mutex_init(&mutex_locks[i], NULL); + } + CRYPTO_set_id_callback(thread_id_cb); + CRYPTO_set_locking_callback(lock_cb); + ERR_print_errors_fp(stdout); + + /* Seed the PRNG if we were asked to do so. 
*/ + if (seed) { + if (print) { + fprintf(stderr, "Seeding PRNG.\n"); + } + RAND_add(message, message_len, message_len); + ERR_print_errors_fp(stdout); + } + + /* Turn on a hardware crypto device if asked to do so. */ +#ifdef USE_ENGINE + if (engine) { +#if OPENSSL_VERSION_NUMBER >= 0x0090700fL + ENGINE_load_builtin_engines(); +#endif + if (print) { + fprintf(stderr, "Initializing \"%s\" engine.\n", + engine); + } + e = ENGINE_by_id(engine); + ERR_print_errors_fp(stdout); + if (e) { + i = ENGINE_init(e); + ERR_print_errors_fp(stdout); + i = ENGINE_set_default_RSA(e); + ERR_print_errors_fp(stdout); + } + } +#endif + + /* Compute the digest for the signature. */ + if (print) { + fprintf(stderr, "Computing digest.\n"); + } + digest = malloc(digest_len = MD5_DIGEST_LENGTH); + MD5_Init(&md5); + MD5_Update(&md5, message, message_len); + MD5_Final(digest, &md5); + + /* Generate a signing key. */ + if (print) { + fprintf(stderr, "Generating key.\n"); + } + rsa = RSA_generate_key(4096, 3, NULL, NULL); + ERR_print_errors_fp(stdout); + if (rsa == NULL) { + _exit(1); + } + + /* Sign the data. */ + correct_siglen = RSA_size(rsa); + correct_signature = malloc(correct_siglen); + for (i = 0; i < MAIN_COUNT; i++) { + if (print) { + fprintf(stderr, "Signing data (%d).\n", i); + } + ret = RSA_check_key(rsa); + ERR_print_errors_fp(stdout); + if (ret != 1) { + failure(); + } + correct_siglen = RSA_size(rsa); + ret = RSA_sign(NID_md5, digest, digest_len, + correct_signature, &correct_siglen, + rsa); + ERR_print_errors_fp(stdout); + if (ret != 1) { + _exit(2); + } + if (print) { + fprintf(stderr, "Verifying data (%d).\n", i); + } + ret = RSA_verify(NID_md5, digest, digest_len, + correct_signature, correct_siglen, + rsa); + if (ret != 1) { + _exit(2); + } + } + + /* Collect up the inforamtion which other threads will need for + * comparing their signature results with ours. 
*/ + master_args.rsa = rsa; + master_args.digest_type = NID_md5; + master_args.digest = digest; + master_args.digest_len = digest_len; + master_args.signature = correct_signature; + master_args.signature_len = correct_siglen; + master_args.main_thread = pthread_self(); + + fprintf(stdout, "Performing %d signatures in each of %d threads " + "(%d, %d).\n", ITERATION_COUNT, thread_count, + digest_len, correct_siglen); + fflush(NULL); + + /* Start up all of the threads. */ + for (i = 0; i < thread_count; i++) { + args = malloc(sizeof(struct thread_args)); + args->rsa = RSAPrivateKey_dup(master_args.rsa); + args->digest_type = master_args.digest_type; + args->digest_len = master_args.digest_len; + args->digest = xmemdup(master_args.digest, args->digest_len); + args->signature_len = master_args.signature_len; + args->signature = xmemdup(master_args.signature, + args->signature_len); + args->main_thread = pthread_self(); + ret = pthread_create(&threads[i], NULL, thread_main, args); + while ((ret != 0) && (errno == EAGAIN)) { + ret = pthread_create(&threads[i], NULL, + thread_main, &args); + fprintf(stderr, "Thread limit hit at %d.\n", i); + } + if (ret != 0) { + fprintf(stderr, "Unable to create thread %d: %s.\n", + i, strerror(errno)); + threads[i] = -1; + } else { + if (sync) { + ret = pthread_join(threads[i], NULL); + assert(ret == 0); + } + if (print) { + fprintf(stderr, "%d\n", i); + } + } + } + + /* Wait for all threads to complete. So long as we can find an + * unjoined thread, keep joining threads. */ + do { + again = 0; + for (i = 0; i < thread_count; i++) { + /* If we have an unterminated thread, join it. */ + if (threads[i] != -1) { + again = 1; + if (print) { + fprintf(stderr, "Joining thread %d.\n", + i); + } + pthread_join(threads[i], NULL); + threads[i] = -1; + break; + } + } + } while (again == 1); + + fprintf(stderr, "%ld failures\n", failure_count); + + return (failure_count != 0); +} diff --git a/openssl.spec b/openssl.spec index 4aa2cbe..2111a87 100644 
--- a/openssl.spec +++ b/openssl.spec @@ -5,17 +5,21 @@ # 0.9.6c soversion = 3 # 0.9.7a soversion = 4 %define soversion 4 +%define thread_test_threads %{?threads:%{threads}}%{!?threads:100} Summary: The OpenSSL toolkit. Name: openssl Version: 0.9.7a -Release: 5 +Release: 20 Source: openssl-%{version}-usa.tar.bz2 Source1: hobble-openssl Source2: Makefile.certificate Source3: ca-bundle.crt -Source4: RHNS-CA-CERT -Source5: make-dummy-cert +Source4: https://rhn.redhat.com/help/RHNS-CA-CERT +Source5: https://rhn.redhat.com/help/RHNS-CA-CERT.asc +Source6: make-dummy-cert +Source7: libica-1.3.4.tar.gz +Source8: openssl-thread-test.c Patch0: openssl-0.9.7a-redhat.patch Patch1: openssl-0.9.7-beta5-defaults.patch Patch2: openssl-0.9.7-beta6-ia64.patch @@ -26,11 +30,23 @@ Patch6: openssl-0.9.7-ibmca.patch Patch7: openssl-0.9.7-ppc64.patch Patch8: openssl-sec3-blinding-0.9.7.patch Patch9: openssl-0.9.7a-klima-pokorny-rosa.patch +Patch10: libica-1.2-struct.patch +Patch11: libica-1.2-cleanup.patch +Patch12: openssl-0.9.7a-libica-autoconf.patch +Patch13: openssl-0.9.7a-blinding-threads.patch +Patch14: openssl-0.9.7a-specific-engine.patch +Patch15: openssl-0.9.7a-blinding-rng.patch +Patch16: openssl-0.9.7a-ubsec-stomp.patch +Patch17: openssl-0.9.7a-krb5-leak.patch +Patch18: openssl-0.9.7a-krb5-1.3.patch +Patch19: niscc-097.txt +Patch20: openssl-0.9.6c-ccert.patch License: BSDish Group: System Environment/Libraries URL: http://www.openssl.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-root BuildPreReq: mktemp, krb5-devel, perl, sed, zlib-devel +ExclusiveArch: %{ix86} Requires: mktemp %define solibbase %(echo %version | sed 's/[[:alpha:]]//g') @@ -64,7 +80,8 @@ package provides Perl scripts for converting certificates and keys from other formats to the formats used by the OpenSSL toolkit. %prep -%setup -q +%setup -q -a 7 + %{SOURCE1} > /dev/null %patch0 -p1 -b .redhat %patch1 -p1 -b .defaults 
@@ -79,6 +96,30 @@ pushd ssl %patch9 -p0 -b .klima-pokorny-rosa popd +%ifarch s390 s390x +pushd libica-1.3.4 +#%patch10 -p1 -b .struct +%patch11 -p1 -b .cleanup +if [[ $RPM_BUILD_ROOT ]] ; then + export INSROOT=$RPM_BUILD_ROOT +fi +aclocal +touch Makefile.macros +automake --gnu -acf +autoconf +popd +%endif + +%patch12 -p1 -b .libica-autoconf +%patch13 -p1 -b .blinding-threads +%patch14 -p1 -b .specific-engine +%patch15 -p1 -b .blinding-rng +%patch16 -p1 -b .ubsec-stomp +%patch17 -p1 -b .krb5-leak +%patch18 -p1 -b .krb5-1.3 +%patch19 -p1 -b .niscc +%patch20 -p1 -b .ccert + # Modify the various perl scripts to reference perl in the right location. perl util/perlpath.pl `dirname %{__perl}` @@ -86,7 +127,19 @@ perl util/perlpath.pl `dirname %{__perl}` make TABLE PERL=%{__perl} %build -# Figure out which flags we want to use. +%ifarch s390 s390x +pushd libica-1.3.4 +if [[ $RPM_BUILD_ROOT ]] ; then + export INSROOT=$RPM_BUILD_ROOT +fi +%configure +make +popd +%endif + +# Figure out which flags we want to use. Set the number of threads to use to +# the maximum we've managed to run without running afoul of the OOM killer. +sslarch=%{_os}-%{_arch} %ifarch %ix86 sslarch=linux-elf if ! echo %{_target} | grep -q i686 ; then @@ -99,6 +152,7 @@ sslflags=no-asm %endif %ifarch ia64 sslarch=linux-ia64 +sslflags=no-asm %endif %ifarch alpha sslarch=alpha-gcc 
@@ -117,17 +171,17 @@ sslarch=linux-ppc %endif %ifarch ppc64 sslarch=linux-ppc64 +RPM_OPT_FLAGS="$RPM_OPT_FLAGS -O0" %endif # Configure the build tree. Override OpenSSL defaults with known-good defaults # usable on all platforms. The Configure script already knows to use -fPIC and # RPM_OPT_FLAGS, so we can skip specifiying them here. -./config \ +./Configure \ --prefix=%{_prefix} --openssldir=%{_datadir}/ssl ${sslflags} \ zlib no-idea no-mdc2 no-rc5 no-ec shared \ - --with-krb5-include=`%{_prefix}/kerberos/bin/krb5-config --cflags` \ - --with-krb5-lib=`%{_prefix}/kerberos/bin/krb5-config --libs gssapi` \ --with-krb5-flavor=MIT \ - -I%{_prefix}/kerberos/include -L%{_prefix}/kerberos/%{_lib} + -I%{_prefix}/kerberos/include -L%{_prefix}/kerberos/%{_lib} \ + ${sslarch} make depend make all build-shared @@ -135,7 +189,17 @@ make all build-shared make rehash build-shared # Verify that what was compiled actually works. +LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}} +export LD_LIBRARY_PATH make -C test apps tests +%{__cc} -o openssl-thread-test \ + `krb5-config --cflags` \ + -I./include \ + $RPM_SOURCE_DIR/openssl-thread-test.c \ + libssl.a libcrypto.a \ + `krb5-config --libs` \ + -lpthread -lz -ldl +./openssl-thread-test --threads %{thread_test_threads} %install [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT @@ -219,6 +283,17 @@ rm -rf $RPM_BUILD_ROOT/%{_mandir}/man1*/*.pl* rm -rf $RPM_BUILD_ROOT/%{_datadir}/ssl/misc/*.pl %endif +%ifarch s390 s390x +pushd libica-1.3.4 +if [[ $RPM_BUILD_ROOT ]] ; +then + export INSROOT=$RPM_BUILD_ROOT +fi +%makeinstall +mkdir -p $RPM_BUILD_ROOT/%{_libdir} +mv $RPM_BUILD_ROOT/%{_bindir}/libica.so $RPM_BUILD_ROOT/%{_libdir} +%endif + %clean [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT 
@@ -246,6 +321,9 @@ rm -rf $RPM_BUILD_ROOT/%{_datadir}/ssl/misc/*.pl %attr(0644,root,root) %{_mandir}/man1*/[ABD-Zabcd-z]* %attr(0644,root,root) %{_mandir}/man5*/* %attr(0644,root,root) %{_mandir}/man7*/* +%ifarch s390 s390x +%attr(0755,root,root) %{_libdir}/libica.so +%endif %ifnarch i686 %files devel 
@@ -269,6 +347,73 @@ rm -rf $RPM_BUILD_ROOT/%{_datadir}/ssl/misc/*.pl %postun -p /sbin/ldconfig %changelog +* Wed Sep 24 2003 Nalin Dahyabhai 0.9.7a-20 +- only parse a client cert if one was requested +- temporarily exclusivearch for %%{ix86} + +* Tue Sep 23 2003 Nalin Dahyabhai +- add security fixes for protocol parsing bugs (CAN-2003-0543, CAN-2003-0544) + and heap corruption (CAN-2003-0545) +- update RHNS-CA-CERT files +- ease back on the number of threads used in the threading test + +* Wed Sep 17 2003 Matt Wilson 0.9.7a-19 +- rebuild to fix gzipped file md5sums (#91211) + +* Mon Aug 25 2003 Phil Knirsch 0.9.7a-18 +- Updated libica to version 1.3.4. + +* Thu Jul 17 2003 Nalin Dahyabhai 0.9.7a-17 +- rebuild + +* Tue Jul 15 2003 Nalin Dahyabhai 0.9.7a-10.9 +- free the kssl_ctx structure when we free an SSL structure (#99066) + +* Fri Jul 10 2003 Nalin Dahyabhai 0.9.7a-16 +- rebuild + +* Thu Jul 10 2003 Nalin Dahyabhai 0.9.7a-15 +- lower thread test count on s390x + +* Tue Jul 8 2003 Nalin Dahyabhai 0.9.7a-14 +- rebuild + +* Thu Jun 26 2003 Nalin Dahyabhai 0.9.7a-13 +- disable assembly on arches where it seems to conflict with threading + +* Thu Jun 26 2003 Phil Knirsch 0.9.7a-12 +- Updated libica to latest upstream version 1.3.0 + +* Wed Jun 11 2003 Nalin Dahyabhai 0.9.7a-9.9 +- rebuild + +* Wed Jun 11 2003 Nalin Dahyabhai 0.9.7a-11 +- rebuild + +* Tue Jun 10 2003 Nalin Dahyabhai 0.9.7a-10 +- ubsec: don't stomp on output data which might also be input data + +* Tue Jun 10 2003 Nalin Dahyabhai 0.9.7a-9 +- temporarily disable optimizations on ppc64 + +* Mon Jun 9 2003 Nalin Dahyabhai +- backport fix for engine-used-for-everything from 0.9.7b +- backport fix for prng not being seeded causing problems, also from 0.9.7b +- add a check at build-time to ensure that RSA is thread-safe +- keep perlpath from stomping on the libica configure scripts + +* Fri Jun 6 2003 Nalin Dahyabhai +- thread-safety fix for RSA blinding + +* Wed Jun 04 2003 Elliot Lee 0.9.7a-8 +- rebuilt 
+ +* Fri May 30 2003 Phil Knirsch 0.9.7a-7 +- Added libica-1.2 to openssl (featurerequest). + +* Wed Apr 16 2003 Nalin Dahyabhai 0.9.7a-6 +- fix building with incorrect flags on ppc64 + * Wed Mar 19 2003 Nalin Dahyabhai 0.9.7a-5 - add patch to harden against Klima-Pokorny-Rosa extension of Bleichenbacher's attack (CAN-2003-0131) diff --git a/sources b/sources index 0d9ec19..b061975 100644 --- a/sources +++ b/sources @@ -1 +1,2 @@ +9e5fded5ad98b250924740e573742d74 libica-1.3.4.tar.gz 140e7b19ae7d3be33784c2a45acb73ca openssl-0.9.7a-usa.tar.bz2
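Review bot: In the RHNS-CA-CERT hunk, the two added roots have the same subject DN and `Serial Number: 0` and differ only in key and validity (Sep 2002 to Sep 2007, and Aug 2003 to Aug 2013), while the changelog says only "update RHNS-CA-CERT files". State in the commit message or a spec comment that this is a key rollover and why both certificates are needed, since the Authority Key Identifier's DirName and serial are identical for the two and only the keyid tells them apart. Both are 1024-bit RSA signed with md5WithRSAEncryption, so it is also worth recording when they are expected to be replaced.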
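Review bot: RHNS-CA-CERT.asc is added as a new file and listed as `Source5`, but none of the visible %prep or %build lines checks it against RHNS-CA-CERT, so the detached signature is carried without being used. Either add a verification step in %prep, with the signing key shipped as a further Source, or note in the spec that the check is done by hand whenever the bundle is refreshed.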
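Review bot: In openssl-thread-test.c, the `--threads` branch of the argument loop also does `sync++`, so the spec's `./openssl-thread-test --threads %{thread_test_threads}` joins each worker right after creating it and never has two workers signing at once; the build-time check does not exercise concurrent RSA signing as invoked. Drop the `sync++` from that branch. In the same file: the synchronized path does not set `threads[i] = -1` after its `pthread_join`, so the final loop joins the same thread again; the retry call passes `&args` where the first call passes `args`, and tests `errno` although `pthread_create` reports failure through its return value; the `break` after a failed `RSA_check_key` leaves `sign_lock` held when `--sign` is used; and a failed `open` of /dev/urandom only prints a message before `read(fd, ...)` runs on the invalid descriptor.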
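Review bot: In the Source list of openssl.spec, make-dummy-cert moves from `Source5` to `Source6` and RHNS-CA-CERT.asc takes `Source5`, yet no visible hunk changes a `%{SOURCE5}` use. Confirm that every reference outside the shown context (for example in %install) was renumbered, otherwise the signature file would be picked up where the script is expected.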
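Review bot: `ExclusiveArch: %{ix86}` in the openssl.spec header hunk makes the `%ifarch s390 s390x`, ia64 and ppc64 changes in this same patch unreachable. The changelog calls it temporary; put a comment beside the tag saying what it is waiting on so it is removed deliberately rather than forgotten. In the same hunk, `Patch19: niscc-097.txt` gives no hint of which changelog entry it implements; a descriptive name or a one-line comment would make the security fixes easier to audit.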
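Review bot: In the %prep hunk of openssl.spec, `#%patch10 -p1 -b .struct` leaves `Patch10: libica-1.2-struct.patch` declared but never applied, with no explanation. Either drop the Patch10 line or add a comment saying why it is disabled. Patch10 and Patch11 are also named for libica-1.2 while being used inside `libica-1.3.4`; say whether they were rebased for 1.3.4.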
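Review bot: In the ppc64 block of the `@@ -117,17 +171,17 @@` hunk, `RPM_OPT_FLAGS="$RPM_OPT_FLAGS -O0"` has no comment, and the changelog describes it as temporary. Add a comment with the reason next to the line. The same hunk switches `./config` to `./Configure ... ${sslarch}`, so the new fallback `sslarch=%{_os}-%{_arch}` must name a target Configure accepts on every architecture that has no `%ifarch` override; document or test that.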
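Review bot: In the %build check hunk, `krb5-config` is run from PATH, whereas the Configure lines removed just above called `%{_prefix}/kerberos/bin/krb5-config`; use the full path here too so the test is built against the same Kerberos installation. The test is linked against `libssl.a libcrypto.a`, so the `LD_LIBRARY_PATH` export does not affect it and the shared libraries that get packaged are not what the thread-safety check runs against.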
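Review bot: The s390/s390x block added to %install does `pushd libica-1.3.4` but has no matching `popd` before `%endif`, unlike the %prep and %build blocks in this patch. Add `popd` after the `mv` so later %install commands run from the top of the build tree.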
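Review bot: In the %changelog hunk, `* Fri Jul 10 2003 Nalin Dahyabhai 0.9.7a-16` has the wrong weekday: the entry below it and the commit message both give Thu Jul 10 2003. The entries for 0.9.7a-10.9 and 0.9.7a-9.9 are also interleaved between higher release numbers; a short remark that they come from a separate branch would explain the ordering.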