diff options
Diffstat (limited to 'dev-libs')
| -rw-r--r-- | dev-libs/libdwarf/Manifest | 2 | ||||
| -rw-r--r-- | dev-libs/libdwarf/libdwarf-0.11.1.ebuild (renamed from dev-libs/libdwarf/libdwarf-0.7.0.ebuild) | 10 | ||||
| -rw-r--r-- | dev-libs/libdwarf/metadata.xml | 5 | ||||
| -rw-r--r-- | dev-libs/openssl/Manifest | 4 | ||||
| -rw-r--r-- | dev-libs/openssl/files/openssl-3.3.2-CVE-2024-9143.patch | 193 | ||||
| -rw-r--r-- | dev-libs/openssl/openssl-3.3.2-r1.ebuild (renamed from dev-libs/openssl/openssl-3.1.1.ebuild) | 72 |
6 files changed, 255 insertions, 31 deletions
diff --git a/dev-libs/libdwarf/Manifest b/dev-libs/libdwarf/Manifest index 00a2d91..09c1620 100644 --- a/dev-libs/libdwarf/Manifest +++ b/dev-libs/libdwarf/Manifest @@ -1 +1 @@ -DIST libdwarf-0.7.0.tar.xz 2506816 BLAKE2B 8cc5d2c28d570ac44b3244fa3745f89ae9391262c0887b946cc3611cc16309fd9b2542cf567c2e0a136dc081603d545f3543d6206870d33dad202dd96fdcf177 SHA512 0fe027e517551d138c15695ffdebe2dfbb0e89184fc0cc93bed5c342cd1cd901dc23f6b2aa8643ec8e62808cbdc0d94389fe44438c694d19c45c6a7367e8f7af +DIST libdwarf-0.11.1.tar.xz 2747004 BLAKE2B b98467abd547e222594843263ef36a9362aa4a8c8ace770d128016e65a50c7ae15d91e769e6fd966ca9b8c5b5ed471d14e5e7259c713c126ac17e13d5d074a77 SHA512 d927b1d0e8dd1540c2f5da2a9d39b2914bb48225b2b9bdca94e7b36349358e1f537044eadc345f11d75de717fdda07ad99a8a7a5eb45e64fe4c79c37e165012f diff --git a/dev-libs/libdwarf/libdwarf-0.7.0.ebuild b/dev-libs/libdwarf/libdwarf-0.11.1.ebuild index ee99812..5c4daa8 100644 --- a/dev-libs/libdwarf/libdwarf-0.7.0.ebuild +++ b/dev-libs/libdwarf/libdwarf-0.11.1.ebuild @@ -10,11 +10,13 @@ SRC_URI="https://github.com/davea42/libdwarf-code/releases/download/v${PV}/${P}. LICENSE="LGPL-2.1" SLOT="0" KEYWORDS="~amd64 ~x86" -IUSE="dwarfexample dwarfgen static-libs" +IUSE="+decompression dwarfexample dwarfgen static-libs" DEPEND=" - sys-libs/zlib - dwarfgen? ( virtual/libelf ) + decompression? ( + app-arch/zstd + sys-libs/zlib + } " RDEPEND="${DEPEND}" @@ -22,9 +24,9 @@ src_configure() { local myeconfargs=( --includedir="${EPREFIX}/usr/include/${PN}" --enable-shared + $(use_enable decompression) $(use_enable dwarfexample) $(use_enable dwarfgen) - $(use_enable dwarfgen libelf) $(use_enable static-libs static) ) econf "${myeconfargs[@]}" diff --git a/dev-libs/libdwarf/metadata.xml b/dev-libs/libdwarf/metadata.xml index 32edad3..086dc90 100644 --- a/dev-libs/libdwarf/metadata.xml +++ b/dev-libs/libdwarf/metadata.xml @@ -6,8 +6,9 @@ <name>Alex Xu (Hello71)</name> </maintainer> <use> - <flag name="dwarfexample">dwarfexample</flag> - <flag name="dwarfgen">dwarfgen</flag> + <flag name="decompression">Enable decompression with zlib/zstd</flag> + <flag name="dwarfexample">Install dwarfexample bin</flag> + <flag name="dwarfgen">Install dwarfgen bin</flag> </use> <upstream> <remote-id type="github">davea42/libdwarf-code</remote-id> diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest index a86d270..ff260cf 100644 --- a/dev-libs/openssl/Manifest +++ b/dev-libs/openssl/Manifest @@ -1,2 +1,2 @@ -DIST openssl-3.1.1.tar.gz 15544757 BLAKE2B 094f7e28f16de6528016fcd21df1d7382b0dbdcd80ec469d37add9c37f638c059dda3ffb4415eba890a33d146ddc9016bcc7192df101c73be5e70faf6e3b1097 SHA512 8ba9dd6ab87451e126c19cc106ccd1643ca48667d6c37504d0ab98205fbccf855fd0db54474b4113c4c3a15215a4ef77a039fb897a69f71bcab2054b2effd1d9 -DIST openssl-3.1.1.tar.gz.asc 833 BLAKE2B 5a2a9aeb475b843862e133d53bc5bb3c8e12e8e03b1e2da41d0eaa0eade1ae03c4318ad1f5c490c5e1ed7e6ac6275a6d7c881d99993911722b043b15d1622b25 SHA512 83349020c67e5b956f3ef37604a03a1970ea393f862691f5fd5d85930c01e559e25db17d397d8fd230c3862a8b2fba2d5c7df883d56d7472f4c01dab3a661cb2 +DIST openssl-3.3.2.tar.gz 18076531 BLAKE2B cc53d45418673bc2a406d6697b8bd17ff6c726463c4ccc87bb2fa5a6592d0d178dc8cfeb2fbb980ea354a5dc2c86f31c48453427c6937896c7221273e623c9b5 SHA512 5ae47bf1aed2740a33ba5df7dc7345a6738aa6bfa3c9c4de5e51742485e24b25192988d7a2c1b8201ef70056ad8abd0ca78b3d55abe24c0b0373d83b47ed9b74 +DIST openssl-3.3.2.tar.gz.asc 833 BLAKE2B c318e2dcef085b83ced77048dc136d9bc8438d49a7985f3c6ebd4ffd0e5e290ece47e8fd1074c6cc056e87b2bae2101dd58b8d70dbc0eb99aa134d776125439c SHA512 981f8438bbd541b97e745aca1bb77cde68900ce4b5ffefc9eccc2f18c675292203f6b4c7bffefde2256a442b7310d8438279b52fb21aac65921e9a529bc00067 diff --git a/dev-libs/openssl/files/openssl-3.3.2-CVE-2024-9143.patch b/dev-libs/openssl/files/openssl-3.3.2-CVE-2024-9143.patch new file mode 100644 index 0000000..5776c78 --- /dev/null +++ b/dev-libs/openssl/files/openssl-3.3.2-CVE-2024-9143.patch @@ -0,0 +1,193 @@ +https://bugs.gentoo.org/941643 +https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4 + +From c0d3e4d32d2805f49bec30547f225bc4d092e1f4 Mon Sep 17 00:00:00 2001 +From: Viktor Dukhovni <viktor@openssl.org> +Date: Thu, 19 Sep 2024 01:02:40 +1000 +Subject: [PATCH] Harden BN_GF2m_poly2arr against misuse. + +The BN_GF2m_poly2arr() function converts characteristic-2 field +(GF_{2^m}) Galois polynomials from a representation as a BIGNUM bitmask, +to a compact array with just the exponents of the non-zero terms. + +These polynomials are then used in BN_GF2m_mod_arr() to perform modular +reduction. A precondition of calling BN_GF2m_mod_arr() is that the +polynomial must have a non-zero constant term (i.e. the array has `0` as +its final element). + +Internally, callers of BN_GF2m_poly2arr() did not verify that +precondition, and binary EC curve parameters with an invalid polynomial +could lead to out of bounds memory reads and writes in BN_GF2m_mod_arr(). + +The precondition is always true for polynomials that arise from the +standard form of EC parameters for characteristic-two fields (X9.62). +See the "Finite Field Identification" section of: + + https://www.itu.int/ITU-T/formal-language/itu-t/x/x894/2018-cor1/ANSI-X9-62.html + +The OpenSSL GF(2^m) code supports only the trinomial and pentanomial +basis X9.62 forms. + +This commit updates BN_GF2m_poly2arr() to return `0` (failure) when +the constant term is zero (i.e. the input bitmask BIGNUM is not odd). + +Additionally, the return value is made unambiguous when there is not +enough space to also pad the array with a final `-1` sentinel value. +The return value is now always the number of elements (including the +final `-1`) that would be filled when the output array is sufficiently +large. Previously the same count was returned both when the array has +just enough room for the final `-1` and when it had only enough space +for non-sentinel values. + +Finally, BN_GF2m_poly2arr() is updated to reject polynomials whose +degree exceeds `OPENSSL_ECC_MAX_FIELD_BITS`, this guards against +CPU exhausition attacks via excessively large inputs. + +The above issues do not arise in processing X.509 certificates. These +generally have EC keys from "named curves", and RFC5840 (Section 2.1.1) +disallows explicit EC parameters. The TLS code in OpenSSL enforces this +constraint only after the certificate is decoded, but, even if explicit +parameters are specified, they are in X9.62 form, which cannot represent +problem values as noted above. + +Initially reported as oss-fuzz issue 71623. + +A closely related issue was earlier reported in +<https://github.com/openssl/openssl/issues/19826>. + +Severity: Low, CVE-2024-9143 + +Reviewed-by: Matt Caswell <matt@openssl.org> +Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> +Reviewed-by: Paul Dale <ppzgs1@gmail.com> +Reviewed-by: Tomas Mraz <tomas@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/25639) + +(cherry picked from commit 8e008cb8b23ec7dc75c45a66eeed09c815b11cd2) +--- a/crypto/bn/bn_gf2m.c ++++ b/crypto/bn/bn_gf2m.c +@@ -15,6 +15,7 @@ + #include "bn_local.h" + + #ifndef OPENSSL_NO_EC2M ++# include <openssl/ec.h> + + /* + * Maximum number of iterations before BN_GF2m_mod_solve_quad_arr should +@@ -1130,16 +1131,26 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + /* + * Convert the bit-string representation of a polynomial ( \sum_{i=0}^n a_i * + * x^i) into an array of integers corresponding to the bits with non-zero +- * coefficient. Array is terminated with -1. Up to max elements of the array +- * will be filled. Return value is total number of array elements that would +- * be filled if array was large enough. ++ * coefficient. The array is intended to be suitable for use with ++ * `BN_GF2m_mod_arr()`, and so the constant term of the polynomial must not be ++ * zero. This translates to a requirement that the input BIGNUM `a` is odd. ++ * ++ * Given sufficient room, the array is terminated with -1. Up to max elements ++ * of the array will be filled. ++ * ++ * The return value is total number of array elements that would be filled if ++ * array was large enough, including the terminating `-1`. It is `0` when `a` ++ * is not odd or the constant term is zero contrary to requirement. ++ * ++ * The return value is also `0` when the leading exponent exceeds ++ * `OPENSSL_ECC_MAX_FIELD_BITS`, this guards against CPU exhaustion attacks, + */ + int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max) + { + int i, j, k = 0; + BN_ULONG mask; + +- if (BN_is_zero(a)) ++ if (!BN_is_odd(a)) + return 0; + + for (i = a->top - 1; i >= 0; i--) { +@@ -1157,12 +1168,13 @@ int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max) + } + } + +- if (k < max) { ++ if (k > 0 && p[0] > OPENSSL_ECC_MAX_FIELD_BITS) ++ return 0; ++ ++ if (k < max) + p[k] = -1; +- k++; +- } + +- return k; ++ return k + 1; + } + + /* +--- a/test/ec_internal_test.c ++++ b/test/ec_internal_test.c +@@ -155,6 +155,56 @@ static int field_tests_ecp_mont(void) + } + + #ifndef OPENSSL_NO_EC2M ++/* Test that decoding of invalid GF2m field parameters fails. */ ++static int ec2m_field_sanity(void) ++{ ++ int ret = 0; ++ BN_CTX *ctx = BN_CTX_new(); ++ BIGNUM *p, *a, *b; ++ EC_GROUP *group1 = NULL, *group2 = NULL, *group3 = NULL; ++ ++ TEST_info("Testing GF2m hardening\n"); ++ ++ BN_CTX_start(ctx); ++ p = BN_CTX_get(ctx); ++ a = BN_CTX_get(ctx); ++ if (!TEST_ptr(b = BN_CTX_get(ctx)) ++ || !TEST_true(BN_one(a)) ++ || !TEST_true(BN_one(b))) ++ goto out; ++ ++ /* Even pentanomial value should be rejected */ ++ if (!TEST_true(BN_set_word(p, 0xf2))) ++ goto out; ++ if (!TEST_ptr_null(group1 = EC_GROUP_new_curve_GF2m(p, a, b, ctx))) ++ TEST_error("Zero constant term accepted in GF2m polynomial"); ++ ++ /* Odd hexanomial should also be rejected */ ++ if (!TEST_true(BN_set_word(p, 0xf3))) ++ goto out; ++ if (!TEST_ptr_null(group2 = EC_GROUP_new_curve_GF2m(p, a, b, ctx))) ++ TEST_error("Hexanomial accepted as GF2m polynomial"); ++ ++ /* Excessive polynomial degree should also be rejected */ ++ if (!TEST_true(BN_set_word(p, 0x71)) ++ || !TEST_true(BN_set_bit(p, OPENSSL_ECC_MAX_FIELD_BITS + 1))) ++ goto out; ++ if (!TEST_ptr_null(group3 = EC_GROUP_new_curve_GF2m(p, a, b, ctx))) ++ TEST_error("GF2m polynomial degree > %d accepted", ++ OPENSSL_ECC_MAX_FIELD_BITS); ++ ++ ret = group1 == NULL && group2 == NULL && group3 == NULL; ++ ++ out: ++ EC_GROUP_free(group1); ++ EC_GROUP_free(group2); ++ EC_GROUP_free(group3); ++ BN_CTX_end(ctx); ++ BN_CTX_free(ctx); ++ ++ return ret; ++} ++ + /* test EC_GF2m_simple_method directly */ + static int field_tests_ec2_simple(void) + { +@@ -443,6 +493,7 @@ int setup_tests(void) + ADD_TEST(field_tests_ecp_simple); + ADD_TEST(field_tests_ecp_mont); + #ifndef OPENSSL_NO_EC2M ++ ADD_TEST(ec2m_field_sanity); + ADD_TEST(field_tests_ec2_simple); + #endif + ADD_ALL_TESTS(field_tests_default, crv_len); + diff --git a/dev-libs/openssl/openssl-3.1.1.ebuild b/dev-libs/openssl/openssl-3.3.2-r1.ebuild index d391173..4030adf 100644 --- a/dev-libs/openssl/openssl-3.1.1.ebuild +++ b/dev-libs/openssl/openssl-3.3.2-r1.ebuild @@ -1,13 +1,14 @@ -# Copyright 1999-2023 Gentoo Authors +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 -VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/openssl.org.asc -inherit edo flag-o-matic linux-info toolchain-funcs multilib-minimal multiprocessing verify-sig +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc +inherit edo flag-o-matic linux-info toolchain-funcs +inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)" -HOMEPAGE="https://www.openssl.org/" +HOMEPAGE="https://openssl-library.org/" MY_P=${P/_/-} @@ -17,17 +18,22 @@ if [[ ${PV} == 9999 ]] ; then inherit git-r3 else SRC_URI=" - mirror://openssl/source/${MY_P}.tar.gz - verify-sig? ( mirror://openssl/source/${MY_P}.tar.gz.asc ) + https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz + verify-sig? ( + https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz.asc + ) " - #KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" + + if [[ ${PV} != *_alpha* && ${PV} != *_beta* ]] ; then + KEYWORDS="~amd64 ~x86" + fi fi S="${WORKDIR}"/${MY_P} LICENSE="Apache-2.0" SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto -IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers" +IUSE="+asm cpu_flags_x86_sse2 fips ktls quic rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers" RESTRICT="!test? ( test )" COMMON_DEPEND=" @@ -39,11 +45,11 @@ BDEPEND=" sctp? ( >=net-misc/lksctp-tools-1.0.12 ) test? ( sys-apps/diffutils - sys-devel/bc + app-alternatives/bc sys-process/procps ) - verify-sig? ( >=sec-keys/openpgp-keys-openssl-20230207 )" - + verify-sig? ( >=sec-keys/openpgp-keys-openssl-20240920 ) +" DEPEND="${COMMON_DEPEND}" RDEPEND="${COMMON_DEPEND}" PDEPEND="app-misc/ca-certificates" @@ -52,6 +58,10 @@ MULTILIB_WRAPPED_HEADERS=( /usr/include/openssl/configuration.h ) +PATCHES=( + "${FILESDIR}"/${P}-CVE-2024-9143.patch +) + pkg_setup() { if use ktls ; then if kernel_is -lt 4 18 ; then @@ -83,7 +93,7 @@ src_unpack() { # Can delete this once test fix patch is dropped if use verify-sig ; then # Needed for downloaded patch (which is unsigned, which is fine) - verify-sig_verify_detached "${DISTDIR}"/${P}.tar.gz{,.asc} + verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.gz{,.asc} fi default @@ -92,7 +102,7 @@ src_unpack() { src_prepare() { # Make sure we only ever touch Makefile.org and avoid patching a file # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile + rm -f Makefile || die if ! use vanilla ; then PATCHES+=( @@ -125,6 +135,7 @@ src_configure() { # code. This has been in the ebuild for > 10 years but even in 2022, # it's still relevant: # - https://github.com/llvm/llvm-project/issues/55255 + # - https://github.com/openssl/openssl/issues/12247 # - https://github.com/openssl/openssl/issues/18225 # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057 # Don't remove the no strict aliasing bits below! @@ -137,6 +148,11 @@ src_configure() { append-flags $(test-flags-CC -Wa,--noexecstack) + # bug #895308 -- check inserts GNU ld-compatible arguments + [[ ${CHOST} == *-darwin* ]] || append-atomic-flags + # Configure doesn't respect LIBS + export LDLIBS="${LIBS}" + # bug #197996 unset APPS # bug #312551 @@ -161,6 +177,7 @@ multilib_src_configure() { local myeconfargs=( ${sslout} + $(multilib_is_native_abi || echo "no-docs") $(use cpu_flags_x86_sse2 || echo "no-sse2") enable-camellia enable-ec @@ -172,6 +189,7 @@ multilib_src_configure() { enable-idea enable-mdc2 $(use fips && echo "enable-fips") + $(use quic && echo "enable-quic") $(use_ssl asm) $(use_ssl ktls) $(use_ssl rfc3779) @@ -193,29 +211,33 @@ multilib_src_configure() { multilib_src_compile() { emake build_sw - - if multilib_is_native_abi; then - emake build_docs - fi } multilib_src_test() { + # See https://github.com/openssl/openssl/blob/master/test/README.md for options. + # # VFP = show subtests verbosely and show failed tests verbosely # Normal V=1 would show everything verbosely but this slows things down. - emake HARNESS_JOBS="$(makeopts_jobs)" VFP=1 test + # + # -j1 here for https://github.com/openssl/openssl/issues/21999, but it + # shouldn't matter as tests were already built earlier, and HARNESS_JOBS + # controls running the tests. + emake -Onone -j1 HARNESS_JOBS="$(makeopts_jobs)" VFP=1 test } multilib_src_install() { - emake DESTDIR="${D}" install_sw + # Only -j1 is supported for the install targets: + # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305 + emake DESTDIR="${D}" -j1 install_sw if use fips; then - emake DESTDIR="${D}" install_fips + emake DESTDIR="${D}" -j1 install_fips # Regen this in pkg_preinst, bug 900625 rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die fi if multilib_is_native_abi; then - emake DESTDIR="${D}" install_ssldirs - emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} install_docs + emake DESTDIR="${D}" -j1 install_ssldirs + emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs fi # This is crappy in that the static archives are still built even @@ -255,10 +277,16 @@ pkg_preinst() { -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so" eend $? fi + + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) } pkg_postinst() { ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)" openssl rehash "${EROOT}${SSL_CNF_DIR}/certs" eend $? + + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) } |