diff --git a/.cvsignore b/.cvsignore
index d5b2067..a69c481 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1 +1 @@
-gnutls-2.0.4-nosrp.tar.bz2
+gnutls-2.4.0-nosrp.tar.bz2
diff --git a/gnutls-1.4.1-sa-2008-1.patch b/gnutls-1.4.1-sa-2008-1.patch
deleted file mode 100644
index b24df2d..0000000
--- a/gnutls-1.4.1-sa-2008-1.patch
+++ /dev/null
@@ -1,98 +0,0 @@ -diff -up gnutls-1.4.1/lib/ext_server_name.c.sa-2008-1 gnutls-1.4.1/lib/ext_server_name.c ---- gnutls-1.4.1/lib/ext_server_name.c.sa-2008-1 2006-03-08 11:44:59.000000000 +0100 -+++ gnutls-1.4.1/lib/ext_server_name.c 2008-05-20 09:52:13.000000000 +0200 -@@ -74,10 +74,27 @@ _gnutls_server_name_recv_params (gnutls_ - len = _gnutls_read_uint16 (p); - p += 2; - -- DECR_LENGTH_RET (data_size, len, 0); -- server_names++; -+ if (len > 0) -+ { -+ DECR_LENGTH_RET (data_size, len, 0); -+ server_names++; -+ p += len; -+ } -+ else -+ _gnutls_handshake_log -+ ("HSK[%x]: Received zero size server name (under attack?)\n", -+ session); - -- p += len; -+ } -+ -+ /* we cannot accept more server names. -+ */ -+ if (server_names > MAX_SERVER_NAME_EXTENSIONS) -+ { -+ _gnutls_handshake_log -+ ("HSK[%x]: Too many server names received (under attack?)\n", -+ session); -+ server_names = MAX_SERVER_NAME_EXTENSIONS; - } - - session->security_parameters.extensions.server_names_size = -@@ -85,10 +102,6 @@ _gnutls_server_name_recv_params (gnutls_ - if (server_names == 0) - return 0; /* no names found */ - -- /* we cannot accept more server names. 
-- */ -- if (server_names > MAX_SERVER_NAME_EXTENSIONS) -- server_names = MAX_SERVER_NAME_EXTENSIONS; - - p = data + 2; - for (i = 0; i < server_names; i++) -diff -up gnutls-1.4.1/lib/gnutls_handshake.c.sa-2008-1 gnutls-1.4.1/lib/gnutls_handshake.c ---- gnutls-1.4.1/lib/gnutls_handshake.c.sa-2008-1 2006-04-17 18:32:16.000000000 +0200 -+++ gnutls-1.4.1/lib/gnutls_handshake.c 2008-05-20 09:52:13.000000000 +0200 -@@ -929,6 +929,14 @@ _gnutls_recv_handshake_header (gnutls_se - - *recv_type = session->internals.handshake_header_buffer.recv_type; - -+ if (*recv_type != type) -+ { -+ gnutls_assert (); -+ _gnutls_handshake_log -+ ("HSK[%x]: Handshake type mismatch (under attack?)\n", session); -+ return GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET; -+ } -+ - return session->internals.handshake_header_buffer.packet_length; - } - -diff -up gnutls-1.4.1/lib/gnutls_cipher.c.sa-2008-1 gnutls-1.4.1/lib/gnutls_cipher.c ---- gnutls-1.4.1/lib/gnutls_cipher.c.sa-2008-1 2006-03-08 11:44:59.000000000 +0100 -+++ gnutls-1.4.1/lib/gnutls_cipher.c 2008-05-20 09:52:48.000000000 +0200 -@@ -445,7 +445,6 @@ _gnutls_ciphertext2compressed (gnutls_se - return GNUTLS_E_INTERNAL_ERROR; - } - -- - /* actual decryption (inplace) - */ - switch (_gnutls_cipher_is_block -@@ -496,17 +495,20 @@ _gnutls_ciphertext2compressed (gnutls_se - - pad = ciphertext.data[ciphertext.size - 1] + 1; /* pad */ - -- length = ciphertext.size - hash_size - pad; -- -- if (pad > ciphertext.size - hash_size) -+ if ((int)pad > (int)ciphertext.size - hash_size) - { - gnutls_assert (); -+ _gnutls_record_log -+ ("REC[%x]: Short record length %d > %d - %d (under attack?)\n", -+ session, pad, ciphertext.size, hash_size); - /* We do not fail here. We check below for the - * the pad_failed. If zero means success. - */ - pad_failed = GNUTLS_E_DECRYPTION_FAILED; - } - -+ length = ciphertext.size - hash_size - pad; -+ - /* Check the pading bytes (TLS 1.x) - */ - if (ver >= GNUTLS_TLS1 && pad_failed == 0) 
diff --git a/gnutls-2.0.4-nosrp.patch b/gnutls-2.0.4-nosrp.patch
deleted file mode 100644
index 7755405..0000000
--- a/gnutls-2.0.4-nosrp.patch
+++ /dev/null
@@ -1,70 +0,0 @@ -diff -up gnutls-2.0.4/doc/examples/ex-serv-srp.c.nosrp gnutls-2.0.4/doc/examples/ex-serv-srp.c ---- gnutls-2.0.4/doc/examples/ex-serv-srp.c.nosrp 2007-11-15 16:24:56.000000000 +0100 -+++ gnutls-2.0.4/doc/examples/ex-serv-srp.c 2007-11-29 14:50:37.000000000 +0100 -@@ -29,6 +29,7 @@ - #define MAX_BUF 1024 - #define PORT 5556 /* listen to 5556 port */ - -+#if 0 - /* These are global */ - gnutls_srp_server_credentials_t srp_cred; - gnutls_certificate_credentials_t cert_cred; -@@ -57,10 +58,12 @@ initialize_tls_session (void) - - return session; - } -+#endif - - int - main (void) - { -+#if 0 - int err, listen_sd, i; - int sd, ret; - struct sockaddr_in sa_serv; -@@ -173,7 +176,7 @@ main (void) - gnutls_certificate_free_credentials (cert_cred); - - gnutls_global_deinit (); -- -+#endif - return 0; - - } -diff -up gnutls-2.0.4/doc/examples/ex-session-info.c.nosrp gnutls-2.0.4/doc/examples/ex-session-info.c ---- gnutls-2.0.4/doc/examples/ex-session-info.c.nosrp 2007-11-15 16:24:56.000000000 +0100 -+++ gnutls-2.0.4/doc/examples/ex-session-info.c 2007-11-29 15:54:12.000000000 +0100 -@@ -35,12 +35,12 @@ print_info (gnutls_session_t session) - printf ("- TLS/IA session\n"); - break; - -- -+#if 0 - case GNUTLS_CRD_SRP: - printf ("- SRP session with username %s\n", - gnutls_srp_server_get_username (session)); - break; -- -+#endif - case GNUTLS_CRD_PSK: - if (gnutls_psk_server_get_username (session) != NULL) - printf ("- PSK authentication. 
Connected as '%s'\n",
-diff -up gnutls-2.0.4/doc/examples/ex-client-srp.c.nosrp gnutls-2.0.4/doc/examples/ex-client-srp.c
---- gnutls-2.0.4/doc/examples/ex-client-srp.c.nosrp 2007-11-15 16:24:56.000000000 +0100
-+++ gnutls-2.0.4/doc/examples/ex-client-srp.c 2007-11-29 14:50:37.000000000 +0100
-@@ -24,6 +24,7 @@ extern void tcp_close (int sd);
- int
- main (void)
- {
-+#if 0
- int ret;
- int sd, ii;
- gnutls_session_t session;
-@@ -121,6 +122,6 @@ end:
- gnutls_certificate_free_credentials (cert_cred);
- 
- gnutls_global_deinit ();
--
-+#endif
- return 0;
- }
diff --git a/gnutls-2.4.0-nosrp.patch b/gnutls-2.4.0-nosrp.patch
new file mode 100644
index 0000000..ddfb9a5
--- /dev/null
+++ b/gnutls-2.4.0-nosrp.patch
@@ -0,0 +1,33 @@
+diff -up gnutls-2.4.0/lib/gnutlsxx.cpp.nosrp gnutls-2.4.0/lib/gnutlsxx.cpp
+--- gnutls-2.4.0/lib/gnutlsxx.cpp.nosrp 2008-05-19 10:01:43.000000000 +0200
++++ gnutls-2.4.0/lib/gnutlsxx.cpp 2008-06-23 20:11:26.000000000 +0200
+@@ -398,7 +398,11 @@ void session::set_credentials( credentia
+ 
+ const char* server_session::get_srp_username() const
+ {
++#ifdef ENABLE_SRP
+ return gnutls_srp_server_get_username( s);
++#else
++ return NULL;
++#endif
+ }
+ 
+ const char* server_session::get_psk_username() const
+@@ -677,7 +681,7 @@ void certificate_client_credentials::set
+ }
+ 
+ // SRP
+-
++#ifdef ENABLE_SRP
+ srp_server_credentials::srp_server_credentials() : credentials(GNUTLS_CRD_SRP)
+ {
+ RETWRAP(gnutls_srp_allocate_server_credentials( &cred));
+@@ -721,7 +725,7 @@ void srp_client_credentials::set_credent
+ {
+ gnutls_srp_set_client_credentials_function( cred, func);
+ }
+-
++#endif
+ // PSK
+ 
+ psk_server_credentials::psk_server_credentials() : credentials(GNUTLS_CRD_PSK)
diff --git a/gnutls.spec b/gnutls.spec
index 3792d51..7b747da 100644
--- a/gnutls.spec
+++ b/gnutls.spec
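Review bot: The `#ifdef ENABLE_SRP` guards that the new nosrp patch adds to gnutlsxx.cpp compile out the definitions of `srp_server_credentials` and `srp_client_credentials`, but the patch does not touch the public C++ header that declares them; if those declarations stay unguarded (the header is not in this diff, so this is inferred), code built against the nosrp package would fail only at link time with undefined references rather than at compile time. Guarding the class declarations in the header with the same `#ifdef ENABLE_SRP` / `#endif` pair, or at least documenting the cut at the `// SRP` marker, e.g. `// SRP support is compiled out of this build (ENABLE_SRP undefined); the classes below are not available`, would make the removal explicit to consumers. The `#else` branch of `get_srp_username()` returning `NULL` matches the no-SRP-session case of the C API, so that part needs no change. The enclosing functions and the gnutlsxx.cpp file extend beyond the three hunks quoted in the patch.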
@@ -1,7 +1,7 @@ Summary: A TLS protocol implementation Name: gnutls -Version: 2.0.4 -Release: 3%{?dist} +Version: 2.4.0 +Release: 1%{?dist} # The libgnutls library is LGPLv2+, utilities and remaining libraries are GPLv2+ License: GPLv2+ and LGPLv2+ Group: System Environment/Libraries @@ -14,8 +14,7 @@ URL: http://www.gnutls.org/ # XXX patent tainted SRP code removed. Source0: %{name}-%{version}-nosrp.tar.bz2 Source1: libgnutls-config -Patch0: gnutls-2.0.4-nosrp.patch -Patch4: gnutls-1.4.1-sa-2008-1.patch +Patch1: gnutls-2.4.0-nosrp.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: libgcrypt >= 1.2.2 @@ -56,8 +55,7 @@ manipulation tools. %prep %setup -q -%patch0 -p1 -b .nosrp -%patch4 -p1 -b .sa-2008-1 +%patch1 -p1 -b .nosrp for i in auth_srp_rsa.c auth_srp_sb64.c auth_srp_passwd.c auth_srp.c gnutls_srp.c ext_srp.c; do touch lib/$i @@ -126,6 +124,9 @@ fi %{_mandir}/man1/* %changelog +* Tue Jun 24 2008 Tomas Mraz 2.4.0-1 +- upgrade to latest upstream + * Tue May 20 2008 Tomas Mraz 2.0.4-3 - fix three security issues in gnutls handshake - GNUTLS-SA-2008-1 (#447461, #447462, #447463) diff --git a/sources b/sources index 4060fd8..40e6187 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -9227132e5e92bcf1e4d674c86779e9ef gnutls-2.0.4-nosrp.tar.bz2 +45595b7146b135fc883ca8010a6b185c gnutls-2.4.0-nosrp.tar.bz2
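Review bot: The new changelog entry `- upgrade to latest upstream` does not record that `Patch4: gnutls-1.4.1-sa-2008-1.patch` and its `%patch4` line are dropped in the same commit, even though the previous entry ties that patch to GNUTLS-SA-2008-1 (#447461, #447462, #447463). If the 2.4.0 tarball carries those fixes upstream — which the upgrade implies but this diff cannot show — the entry should say so, e.g. `- upgrade to latest upstream, which includes the GNUTLS-SA-2008-1 fixes (drop gnutls-1.4.1-sa-2008-1.patch)`, so that a later audit of the package history does not read the patch removal as a regression. The renumbering from `Patch0` to `Patch1` is matched by the `%patch1 -p1 -b .nosrp` line in %prep, so that part is consistent.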