Index: head/security/openssl111/Makefile =================================================================== --- head/security/openssl111/Makefile (revision 494995) +++ head/security/openssl111/Makefile (revision 494996) @@ -1,161 +1,161 @@ # Created by: Dirk Froemberg # $FreeBSD$ PORTNAME= openssl PORTVERSION= 1.1.1b +PORTREVISION= 1 CATEGORIES= security devel MASTER_SITES= https://www.openssl.org/source/ \ ftp://ftp.cert.dfn.de/pub/tools/net/openssl/source/ PKGNAMESUFFIX= 111 MAINTAINER= brnrd@FreeBSD.org COMMENT= TLSv1.3 capable SSL and crypto library LICENSE= OpenSSL LICENSE_FILE= ${WRKSRC}/LICENSE CONFLICTS_INSTALL= libressl-[0-9]* \ libressl-devel-[0-9]* \ openssl-[0-9]* HAS_CONFIGURE= yes CONFIGURE_SCRIPT= config CONFIGURE_ENV= PERL="${PERL}" CONFIGURE_ARGS= --openssldir=${OPENSSLDIR} \ --prefix=${PREFIX} USES= cpe perl5 USE_PERL5= build TEST_TARGET= test LDFLAGS_i386= -Wl,-znotext -#LDFLAGS= ${LDFLAGS_${ARCH}} MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive CNF_LDFLAGS="${LDFLAGS}" MAKE_ENV+= LIBRPATH="${PREFIX}/lib" GREP_OPTIONS= OPTIONS_GROUP= CIPHERS HASHES OPTIMIZE PROTOCOLS OPTIONS_GROUP_CIPHERS= ARIA DES GOST IDEA SM2 SM3 SM4 RC2 RC4 RC5 OPTIONS_GROUP_HASHES= MD2 MD4 MDC2 RMD160 OPTIONS_GROUP_OPTIMIZE= ASM SSE2 THREADS OPTIONS_DEFINE_i386= I386 OPTIONS_GROUP_PROTOCOLS=NEXTPROTONEG SCTP SSL3 TLS1 TLS1_1 TLS1_2 OPTIONS_DEFINE= ASYNC CT MAN3 RFC3779 SHARED ZLIB OPTIONS_DEFAULT=ASM ASYNC CT GOST DES EC MAN3 MD4 NEXTPROTONEG RC2 RC4 \ RMD160 SCTP SHARED SSE2 THREADS TLS1 TLS1_1 TLS1_2 OPTIONS_GROUP_OPTIMIZE_amd64= EC .if ${MACHINE_ARCH} == "amd64" OPTIONS_GROUP_OPTIMIZE+= EC .elif ${MACHINE_ARCH} == "mips64el" OPTIONS_GROUP_OPTIMIZE+= EC .endif OPTIONS_SUB= yes ARIA_DESC= ARIA (South Korean standard) ASM_DESC= Assembler code ASYNC_DESC= Asynchronous mode CIPHERS_DESC= Block Cipher Support CT_DESC= Certificate Transparency Support DES_DESC= (Triple) Data Encryption Standard EC_DESC= Optimize NIST elliptic curves GOST_DESC= GOST (Russian standard) HASHES_DESC= Hash Function Support I386_DESC= i386 (instead of i486+) IDEA_DESC= International Data Encryption Algorithm MAN3_DESC= Install API manpages (section 3) MD2_DESC= MD2 (obsolete) MD4_DESC= MD4 (unsafe) MDC2_DESC= MDC-2 (patented, requires DES) NEXTPROTONEG_DESC= Next Protocol Negotiation (SPDY) OPTIMIZE_DESC= Optimizations PROTOCOLS_DESC= Protocol Support RC2_DESC= RC2 (unsafe) RC4_DESC= RC4 (unsafe) RC5_DESC= RC5 (patented) RMD160_DESC= RIPEMD-160 RFC3779_DESC= RFC3779 support (BGP) SCTP_DESC= SCTP (Stream Control Transmission) SHARED_DESC= Build shared libraries SM2_DESC= SM2 (Chinese standard) SM3_DESC= SM3 (Chinese standard) SM4_DESC= SM4 (Chinese standard) SSE2_DESC= Runtime SSE2 detection SSL3_DESC= SSLv3 (unsafe) TLS1_DESC= TLSv1.0 (requires TLS1_1, TLS1_2) TLS1_1_DESC= TLSv1.1 (requires TLS1_2) TLS1_2_DESC= TLSv1.2 ZLIB_DESC= zlib compression support # Upstream default disabled options .for _option in md2 rc5 sctp ssl3 zlib ${_option:tu}_CONFIGURE_ON= enable-${_option} .endfor # Upstream default enabled options .for _option in aria asm async ct des gost idea md4 mdc2 nextprotoneg \ rfc3779 rmd160 shared sm2 sm3 sm4 sse2 threads tls1 tls1_1 tls1_2 ${_option:tu}_CONFIGURE_OFF= no-${_option} .endfor MDC2_IMPLIES= DES TLS1_IMPLIES= TLS1_1 TLS1_1_IMPLIES= TLS1_2 EC_CONFIGURE_ON= enable-ec_nistp_64_gcc_128 I386_CONFIGURE_ON= 386 MAN3_EXTRA_PATCHES_OFF= ${FILESDIR}/extra-patch-util_process__docs.pl SHARED_MAKE_ENV= SHLIBVER=${OPENSSL_SHLIBVER} SHARED_PLIST_SUB= SHLIBVER=${OPENSSL_SHLIBVER} SHARED_USE= ldconfig=yes SSL3_CONFIGURE_ON+= enable-ssl3-method ZLIB_CONFIGURE_ON= zlib-dynamic .include .if ${PREFIX} == /usr IGNORE= the OpenSSL port can not be installed over the base version .endif OPENSSLDIR?= ${PREFIX}/openssl PLIST_SUB+= OPENSSLDIR=${OPENSSLDIR:S=^${PREFIX}/==} .include "version.mk" .if ${PORT_OPTIONS:MASM} BROKEN_sparc64= option ASM generates illegal instructions .endif post-patch: ${REINPLACE_CMD} \ -e 's|^MANDIR=.*$$|MANDIR=$$(INSTALLTOP)/man|' \ -e 's| install_html_docs$$||' \ -e 's|$$(LIBDIR)/pkgconfig|libdata/pkgconfig|g' \ ${WRKSRC}/Configurations/unix-Makefile.tmpl ${REINPLACE_CMD} -e 's|\^GNU ld|GNU|' ${WRKSRC}/Configurations/shared-info.pl post-configure: ${REINPLACE_CMD} \ -e 's|SHLIB_VERSION_NUMBER=1.1|SHLIB_VERSION_NUMBER=${OPENSSL_SHLIBVER}|' \ ${WRKSRC}/Makefile ${REINPLACE_CMD} \ -e 's|SHLIB_VERSION_NUMBER "1.1"|SHLIB_VERSION_NUMBER "${OPENSSL_SHLIBVER}"|' \ ${WRKSRC}/include/openssl/opensslv.h post-install-SHARED-on: .for i in libcrypto libssl ${INSTALL_DATA} ${WRKSRC}/$i.so.${OPENSSL_SHLIBVER} ${STAGEDIR}${PREFIX}/lib ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/$i.so.${OPENSSL_SHLIBVER} ${LN} -sf $i.so.${OPENSSL_SHLIBVER} ${STAGEDIR}${PREFIX}/lib/$i.so .endfor .for i in capi padlock ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/engines-1.1/${i}.so .endfor post-install: ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/openssl .include Index: head/security/openssl111/files/patch-CVE-2019-1543 =================================================================== --- head/security/openssl111/files/patch-CVE-2019-1543 (nonexistent) +++ head/security/openssl111/files/patch-CVE-2019-1543 (revision 494996) @@ -0,0 +1,66 @@ +From f426625b6ae9a7831010750490a5f0ad689c5ba3 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Tue, 5 Mar 2019 14:39:15 +0000 +Subject: [PATCH] Prevent over long nonces in ChaCha20-Poly1305 + +ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for +every encryption operation. RFC 7539 specifies that the nonce value (IV) +should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and +front pads the nonce with 0 bytes if it is less than 12 bytes. However it +also incorrectly allows a nonce to be set of up to 16 bytes. In this case +only the last 12 bytes are significant and any additional leading bytes are +ignored. + +It is a requirement of using this cipher that nonce values are unique. +Messages encrypted using a reused nonce value are susceptible to serious +confidentiality and integrity attacks. If an application changes the +default nonce length to be longer than 12 bytes and then makes a change to +the leading bytes of the nonce expecting the new value to be a new unique +nonce then such an application could inadvertently encrypt messages with a +reused nonce. + +Additionally the ignored bytes in a long nonce are not covered by the +integrity guarantee of this cipher. Any application that relies on the +integrity of these ignored leading bytes of a long nonce may be further +affected. + +Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe +because no such use sets such a long nonce value. However user +applications that use this cipher directly and set a non-default nonce +length to be longer than 12 bytes may be vulnerable. + +CVE-2019-1543 + +Fixes #8345 + +Reviewed-by: Paul Dale +Reviewed-by: Richard Levitte +(Merged from https://github.com/openssl/openssl/pull/8406) + +(cherry picked from commit 2a3d0ee9d59156c48973592331404471aca886d6) +--- + crypto/evp/e_chacha20_poly1305.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c +index c1917bb86a6..d3e2c622a1b 100644 +--- crypto/evp/e_chacha20_poly1305.c.orig ++++ crypto/evp/e_chacha20_poly1305.c +@@ -30,6 +30,8 @@ typedef struct { + + #define data(ctx) ((EVP_CHACHA_KEY *)(ctx)->cipher_data) + ++#define CHACHA20_POLY1305_MAX_IVLEN 12 ++ + static int chacha_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char user_key[CHACHA_KEY_SIZE], + const unsigned char iv[CHACHA_CTR_SIZE], int enc) +@@ -533,7 +535,7 @@ static int chacha20_poly1305_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + return 1; + + case EVP_CTRL_AEAD_SET_IVLEN: +- if (arg <= 0 || arg > CHACHA_CTR_SIZE) ++ if (arg <= 0 || arg > CHACHA20_POLY1305_MAX_IVLEN) + return 0; + actx->nonce_len = arg; + return 1; Property changes on: head/security/openssl111/files/patch-CVE-2019-1543 ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property