summaryrefslogtreecommitdiff
path: root/dev-libs/openssl
diff options
context:
space:
mode:
Diffstat (limited to 'dev-libs/openssl')
-rw-r--r--dev-libs/openssl/Manifest10
-rw-r--r--dev-libs/openssl/files/openssl-1.0.2o-CVE-2018-0732.patch39
-rw-r--r--dev-libs/openssl/files/openssl-1.0.2o-hobble-ecc.patch290
-rw-r--r--dev-libs/openssl/files/openssl-1.1.0h-CVE-2018-0732.patch39
-rw-r--r--dev-libs/openssl/files/openssl-1.1.1_pre7-CVE-2018-0732.patch39
-rw-r--r--dev-libs/openssl/openssl-1.0.2o-r6.ebuild (renamed from dev-libs/openssl/openssl-1.0.2o-r4.ebuild)3
-rw-r--r--dev-libs/openssl/openssl-1.1.0h-r2.ebuild (renamed from dev-libs/openssl/openssl-1.1.0h-r1.ebuild)1
-rw-r--r--dev-libs/openssl/openssl-1.1.1_pre7-r1.ebuild (renamed from dev-libs/openssl/openssl-1.1.1_pre7.ebuild)1
8 files changed, 419 insertions, 3 deletions
diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest
index 3c14bfb05af4..784fa3175082 100644
--- a/dev-libs/openssl/Manifest
+++ b/dev-libs/openssl/Manifest
@@ -5,7 +5,11 @@ AUX openssl-0.9.8h-ldflags.patch 1151 BLAKE2B b215e46c380e571f153445f902803cf5d0
AUX openssl-0.9.8m-binutils.patch 684 BLAKE2B 35650e98595910d2e6b6fc846b49fecbb2a8e4a8b647bbec009a829ae4af8afdc7e7edac7a1eec8f13af1ad69b7036ca6af28bfd9509e6bba58f2b3906d6bdd5 SHA512 5e8a20111bd4809e7375c7323dab2c2edd6a131d1ec2377ee99c5e06ceb7b4b000e9606ba6d0e68cd67d8e001cc8194e11e301eace0feb066d5f3c5b331b5f04
AUX openssl-0.9.8z_p8-perl-5.26.patch 310 BLAKE2B 29c46391d127cd2b1cb3943f1bb162a8b931e455f35f9e045372102d1461e3e3fd4cf4e4f544ec06a0b46a573d2009c8decf22678df03707c2487bade64f27b5 SHA512 b8e745ff90e447b000ace9cfd5f746c1bc8f3bb8249064d1d2f1072a1a628f5a89c405c7f384c73f0310f2a2f7af672950a9b7adbc583b1ee94b41d911b8a708
AUX openssl-1.0.2a-x32-asm.patch 1561 BLAKE2B ee5e5b91e4babacff71edf36cce80fbcb2b8dbb9a7ea63a816d3a5de544fbffd8b4216d7a95bd44e718c7a83dd8b8b5ad85caed4205eab5de566b0b7e5054fc1 SHA512 fbb23393e68776e9d34953f85ba3cbb285421d50f06bd297b485c7cffc8d89ca8caff6783f21038ae668b5c75056c89dc652217ac8609b5328e2c28e70ac294c
+AUX openssl-1.0.2o-CVE-2018-0732.patch 1194 BLAKE2B bd06c5b1289f7a3dca52bbfab7ae17c9d103b07ffd2649c5b5a8cc60163aa3056e4bd86108548dfcd3690d2ef94c3e0d3a911694199b5a3822215dd01c7467d6 SHA512 ff91298629f157496a012da00ba7325923f5d087bfa54b60e205bf2dfb06374e958912e0df39dbdf39773555455c1a3afa3dcde1ddfec6e85cf89b0b62cc0eb4
+AUX openssl-1.0.2o-hobble-ecc.patch 11987 BLAKE2B 28c1217e500a9d6578dac3ee8aeb08f6e3b1d2c6749336ef05e4142828c7c4b176ec16707dcbbf97e1e2e91d51f85f2a02c076cfcc8bcef1aa9d3fd5ba50eb6a SHA512 817a5a1cbab171d9e6d3fce9c612985d2ce3f9f0b3781b3681ef42da1ac6389d8a8a11e6d696eb7f051d3bfc2d045f1999cc4076d1257b10e9fb65620aee3ee2
+AUX openssl-1.1.0h-CVE-2018-0732.patch 1192 BLAKE2B 4a13508674020519756b3d33530673527f31a66a731bb79a6081692901a7d0bf7e6e9345d7a9613407a485f4b7961de26e3c87c1cd76756449821ae4b890e472 SHA512 27d55677ff3d60cf7ae0b8f1a5fb8ab529fc9d3e7072eb4cfabd2b50aefcf9cb88291262eccf68efc44a432ba25424b25dec40dc03bb85b7c6c3003260cd5012
AUX openssl-1.1.0h-CVE-2018-0737.patch 996 BLAKE2B 4b4d6e619a508f36f4fdc00c0066d1160ff7f6cd301cd799405d37b3236ebb69b11a4ccf9baa9ea3a69f21c6fe8550b440c1a3503ec27a5a9c5d1e4d472e2b57 SHA512 833712f0ae355aed6547ccf49447d50bdb7be1ea3c3b3b51f182f6e0eb17692c78ca90341a151985b35b86800cf6229926f3e3af936741d437ab9ac5444987c0
+AUX openssl-1.1.1_pre7-CVE-2018-0732.patch 1237 BLAKE2B b1cc71eb69cebc87aa1673c98534e8b478a836b504dc3695993908fd836c485e78adf159ca9093945cec5c0b689d63a8fefd770c9a35be05ffdc1b6dcba20e91 SHA512 f2c3314066043a795325913dfb57538e701a7cde673abb34eca3f46a62fb875b25d1028b8936de7c03940dd38497a6255accc0c9dc742b933dccb463958c31aa
DIST openssl-0.9.8zh.tar.gz 3818524 BLAKE2B 610bb4858900983cf4519fa8b63f1e03b3845e39e68884fd8bebd738cd5cd6c2c75513643af49bf9e2294adc446a6516480fe9b62de55d9b6379bf9e7c5cd364 SHA512 b97fa2468211f86c0719c68ad1781eff84f772c479ed5193d6da14bac086b4ca706e7d851209d9df3f0962943b5e5333ab0def00110fb2e517caa73c0c6674c6
DIST openssl-1.0.2-patches-1.4.tar.xz 12864 BLAKE2B ace6a782ef97b61af44988f978d089adffb06894617f9d66d3fce664c04d360b2774e1dd38c2171151fa93fe92428d405674bc2d452d520f10da426f95d09aee SHA512 d152af2841f1bf11c7f2a5ebba9a2b903fb4bcdef0468c56af0f9cc8c020adbf4490ac1a62f5bae8cbe18e379934fa997bfda1c2d49ec62365c07a0c0515a72d
DIST openssl-1.0.2o.tar.gz 5329472 BLAKE2B 30226db49be04317da3a76cce68d5aa401decd198f92505bddb0c72a7ef6a79f3c9c06d4a816db734e2a0991ebcab8b207feced26d83639e50c821d9e76ddc45 SHA512 8a2c93657c85143e76785bb32ee836908c31a6f5f8db993fa9777acba6079e630cdddd03edbad65d1587199fc13a1507789eacf038b56eb99139c2091d9df7fd
@@ -22,7 +26,7 @@ DIST openssl-1.1.1-pre7.tar.gz 8308876 BLAKE2B 621cc6c541d81c2fa62e12eb75b62f144
EBUILD openssl-0.9.8z_p8-r1.ebuild 4937 BLAKE2B 4d8c960161f15f38dbcef1ba1529906d81ad1b8574c90b7e09f3b2a8f2fcfdda1d69d9c4259a7f616246fe34b5794ea08f5ef8f5cb1ecb4117784062587a1fa7 SHA512 2693d1d1cf167e0e0031d5b7b3ac2f850290ea2fa8513c8fe2f5b8c52fd5efd4296b574533165e24ddd315e271dad6e7f5b00afdf8d036864e27af62fae30e43
EBUILD openssl-0.9.8z_p8.ebuild 4860 BLAKE2B 8c78442920df3443d9601c3e9246caa838e0acbe9541b5c250a6a96253b2d28fca65878cf9cddaae62f6fab6fd6d264997b168888cfcd1e53ea90b34a804e3e2 SHA512 60bcce7807ee7d0a68df11cdb2ab76560ef23b6e3df43a506263fcbdf54d0571dcfe0d16188159d13a268425b16798eb28c3c1ed985123ae095c8ea146c1e4d6
EBUILD openssl-1.0.2o-r3.ebuild 8092 BLAKE2B 66f9d07e6757aeffde65bd525f3a6bd66c0da6b6f503778de37a8172cb37656baf0c5a501699d426b18d63d0dac5bb1e7df9ea9f7d30dc19021c15985e8f2114 SHA512 f6aa3f6a4b89aa947d78ea28b8de2c9d3efd3eae2dac98de742784542d71700b5fb68b79392523d41a06dc9784522206637ee525e9fd1635f3907af172dab7a8
-EBUILD openssl-1.0.2o-r4.ebuild 9688 BLAKE2B b26ba5064dfcfa26556f2f9fd01a5b33b23f7b6b193ae6e7c7b680db6a0ebbd184ee4555c93d98718ed02f49cbd78d048f8bc867ec26b629e826d27bcca83bac SHA512 2357e22ede357e7326bf24f13b68e55f56521863df058297cef9123286ebf112fd2bd735a1a58658b2922131c8c5e57b991eedc326d001d7fd305824663de8de
-EBUILD openssl-1.1.0h-r1.ebuild 9158 BLAKE2B c0c4257218e9ef0a2460d5b19a9d43741d3c67a4cbed2714f352951c6d051973a6851bb9a33733e539ad98f0f5be6051b4da157adb421fb79704f995b119f894 SHA512 b1e6dec42afd6c9ca00697cc7942c6b192aebf6ef914c45949c8e3592a11162ce3954b07b484166331035ce421a4dd0a6d463652ab21c25fb3bcfc14239a4cac
-EBUILD openssl-1.1.1_pre7.ebuild 7587 BLAKE2B 34eb743824c977e7b5f793a1837251dd29621ea5949497023a2254f5fad1e49fcf8b91b0962f0405f298e10e6a1b86326c0d0409cb9b4d75a795efa4f1978e52 SHA512 ab71eff89c32dea33dfe95bc52dbee60be75c837730b0324a20d13922aff380c9615576c6712971cbeba86bf2c70366e25fafaaaac20188f471eca9e7684a288
+EBUILD openssl-1.0.2o-r6.ebuild 9818 BLAKE2B 193ff450b056ceb4a496d79bd8afa1f2313918eb703de5e8c79375180ff385751f2bdd777a35d1e9d793ce3054703e785f73dc5941b0a05a4a18254d364a0593 SHA512 a15e7bf3d03c6c5fd8d9eda699d82a15ee693417844a328a0eff0ffc80593d783f589a253796dcd416496bb454938706157e85574eea7461e03c173ebef12040
+EBUILD openssl-1.1.0h-r2.ebuild 9198 BLAKE2B a65f3b3bc4104901ca271003f3363596279077273c0b2cbfd5eb54fb315db0974269673abedef3de103b2d85d436ab167cb973ae4d546ae2a4ebf4ae5f60599a SHA512 82ab0bab945bbb723c5329376c629e9dab88dc8f81d74e201f428bc5fc519d677ea21807c2d32d3517657a80db24e71170a4bed4ef4cfb25009a4d32ea9b15a3
+EBUILD openssl-1.1.1_pre7-r1.ebuild 7627 BLAKE2B 1b8929c2f8395d8296dd37f4b543eee3c49c378f6292587e7db7346d6f587d58a2d8279813978aec39fad867b872cdd8a5511233acf190c32fdf879af2b303bb SHA512 84e4a8608dfb52c6d10c74cbc80175632f35ed52b6befac88e9f27add5612933120f7d2f97c535c3a6d62370040d26614e6a0b9f2101c81637942d2146a866ba
MISC metadata.xml 1273 BLAKE2B 8eb61c2bfd56f428fa4c262972c0b140662a68c95fdf5e3101624b307985f83dc6d757fc13565e467c99188de93d90ec2db6de3719e22495da67155cbaa91aa9 SHA512 3ffb56f8bc35d71c2c67b4cb97d350825260f9d78c97f4ba9462c2b08b8ef65d7f684139e99bb2f7f32698d3cb62404567b36ce849e7dc4e7f7c5b6367c723a7
diff --git a/dev-libs/openssl/files/openssl-1.0.2o-CVE-2018-0732.patch b/dev-libs/openssl/files/openssl-1.0.2o-CVE-2018-0732.patch
new file mode 100644
index 000000000000..148e7c3bc1a1
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.0.2o-CVE-2018-0732.patch
@@ -0,0 +1,39 @@
+From 3984ef0b72831da8b3ece4745cac4f8575b19098 Mon Sep 17 00:00:00 2001
+From: Guido Vranken <guidovranken@gmail.com>
+Date: Mon, 11 Jun 2018 19:38:54 +0200
+Subject: [PATCH] Reject excessively large primes in DH key generation.
+
+CVE-2018-0732
+
+Signed-off-by: Guido Vranken <guidovranken@gmail.com>
+
+(cherry picked from commit 91f7361f47b082ae61ffe1a7b17bb2adf213c7fe)
+
+Reviewed-by: Tim Hudson <tjh@openssl.org>
+Reviewed-by: Matt Caswell <matt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/6457)
+---
+ crypto/dh/dh_key.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
+index 387558f1467..f235e0d682b 100644
+--- a/crypto/dh/dh_key.c
++++ b/crypto/dh/dh_key.c
+@@ -130,10 +130,15 @@ static int generate_key(DH *dh)
+ int ok = 0;
+ int generate_new_key = 0;
+ unsigned l;
+- BN_CTX *ctx;
++ BN_CTX *ctx = NULL;
+ BN_MONT_CTX *mont = NULL;
+ BIGNUM *pub_key = NULL, *priv_key = NULL;
+
++ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
++ DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE);
++ return 0;
++ }
++
+ ctx = BN_CTX_new();
+ if (ctx == NULL)
+ goto err;
diff --git a/dev-libs/openssl/files/openssl-1.0.2o-hobble-ecc.patch b/dev-libs/openssl/files/openssl-1.0.2o-hobble-ecc.patch
new file mode 100644
index 000000000000..e105fe45e459
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.0.2o-hobble-ecc.patch
@@ -0,0 +1,290 @@
+Port of Fedora's Hobble-EC patches for OpenSSL 1.0 series.
+
+From https://src.fedoraproject.org/git/rpms/openssl.git
+
+Contains parts of the following patches, rediffed. The patches are on various
+different branches.
+f23 openssl-1.0.2c-ecc-suiteb.patch
+f23 openssl-1.0.2a-fips-ec.patch
+f28 openssl-1.1.0-ec-curves.patch
+
+Signed-off-By: Robin H. Johnson <robbat2@gentoo.org>
+
+diff -Nuar --exclude ec_curve.c -p openssl-1.0.2m.hobble/apps/speed.c openssl-1.0.2m.mod/apps/speed.c
+--- openssl-1.0.2m.hobble/apps/speed.c 2017-11-02 07:32:57.000000000 -0700
++++ openssl-1.0.2m.mod/apps/speed.c 2018-06-10 19:00:09.264550382 -0700
+@@ -989,10 +989,7 @@ int MAIN(int argc, char **argv)
+ } else
+ # endif
+ # ifndef OPENSSL_NO_ECDSA
+- if (strcmp(*argv, "ecdsap160") == 0)
+- ecdsa_doit[R_EC_P160] = 2;
+- else if (strcmp(*argv, "ecdsap192") == 0)
+- ecdsa_doit[R_EC_P192] = 2;
++ if (0) {}
+ else if (strcmp(*argv, "ecdsap224") == 0)
+ ecdsa_doit[R_EC_P224] = 2;
+ else if (strcmp(*argv, "ecdsap256") == 0)
+@@ -1001,36 +998,13 @@ int MAIN(int argc, char **argv)
+ ecdsa_doit[R_EC_P384] = 2;
+ else if (strcmp(*argv, "ecdsap521") == 0)
+ ecdsa_doit[R_EC_P521] = 2;
+- else if (strcmp(*argv, "ecdsak163") == 0)
+- ecdsa_doit[R_EC_K163] = 2;
+- else if (strcmp(*argv, "ecdsak233") == 0)
+- ecdsa_doit[R_EC_K233] = 2;
+- else if (strcmp(*argv, "ecdsak283") == 0)
+- ecdsa_doit[R_EC_K283] = 2;
+- else if (strcmp(*argv, "ecdsak409") == 0)
+- ecdsa_doit[R_EC_K409] = 2;
+- else if (strcmp(*argv, "ecdsak571") == 0)
+- ecdsa_doit[R_EC_K571] = 2;
+- else if (strcmp(*argv, "ecdsab163") == 0)
+- ecdsa_doit[R_EC_B163] = 2;
+- else if (strcmp(*argv, "ecdsab233") == 0)
+- ecdsa_doit[R_EC_B233] = 2;
+- else if (strcmp(*argv, "ecdsab283") == 0)
+- ecdsa_doit[R_EC_B283] = 2;
+- else if (strcmp(*argv, "ecdsab409") == 0)
+- ecdsa_doit[R_EC_B409] = 2;
+- else if (strcmp(*argv, "ecdsab571") == 0)
+- ecdsa_doit[R_EC_B571] = 2;
+ else if (strcmp(*argv, "ecdsa") == 0) {
+- for (i = 0; i < EC_NUM; i++)
++ for (i = R_EC_P224; i < R_EC_P521; i++)
+ ecdsa_doit[i] = 1;
+ } else
+ # endif
+ # ifndef OPENSSL_NO_ECDH
+- if (strcmp(*argv, "ecdhp160") == 0)
+- ecdh_doit[R_EC_P160] = 2;
+- else if (strcmp(*argv, "ecdhp192") == 0)
+- ecdh_doit[R_EC_P192] = 2;
++ if (0) {}
+ else if (strcmp(*argv, "ecdhp224") == 0)
+ ecdh_doit[R_EC_P224] = 2;
+ else if (strcmp(*argv, "ecdhp256") == 0)
+@@ -1039,28 +1013,8 @@ int MAIN(int argc, char **argv)
+ ecdh_doit[R_EC_P384] = 2;
+ else if (strcmp(*argv, "ecdhp521") == 0)
+ ecdh_doit[R_EC_P521] = 2;
+- else if (strcmp(*argv, "ecdhk163") == 0)
+- ecdh_doit[R_EC_K163] = 2;
+- else if (strcmp(*argv, "ecdhk233") == 0)
+- ecdh_doit[R_EC_K233] = 2;
+- else if (strcmp(*argv, "ecdhk283") == 0)
+- ecdh_doit[R_EC_K283] = 2;
+- else if (strcmp(*argv, "ecdhk409") == 0)
+- ecdh_doit[R_EC_K409] = 2;
+- else if (strcmp(*argv, "ecdhk571") == 0)
+- ecdh_doit[R_EC_K571] = 2;
+- else if (strcmp(*argv, "ecdhb163") == 0)
+- ecdh_doit[R_EC_B163] = 2;
+- else if (strcmp(*argv, "ecdhb233") == 0)
+- ecdh_doit[R_EC_B233] = 2;
+- else if (strcmp(*argv, "ecdhb283") == 0)
+- ecdh_doit[R_EC_B283] = 2;
+- else if (strcmp(*argv, "ecdhb409") == 0)
+- ecdh_doit[R_EC_B409] = 2;
+- else if (strcmp(*argv, "ecdhb571") == 0)
+- ecdh_doit[R_EC_B571] = 2;
+ else if (strcmp(*argv, "ecdh") == 0) {
+- for (i = 0; i < EC_NUM; i++)
++ for (i = R_EC_P224; i <= R_EC_P521; i++)
+ ecdh_doit[i] = 1;
+ } else
+ # endif
+@@ -1149,21 +1103,13 @@ int MAIN(int argc, char **argv)
+ BIO_printf(bio_err, "dsa512 dsa1024 dsa2048\n");
+ # endif
+ # ifndef OPENSSL_NO_ECDSA
+- BIO_printf(bio_err, "ecdsap160 ecdsap192 ecdsap224 "
++ BIO_printf(bio_err, "ecdsap224 "
+ "ecdsap256 ecdsap384 ecdsap521\n");
+- BIO_printf(bio_err,
+- "ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n");
+- BIO_printf(bio_err,
+- "ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n");
+ BIO_printf(bio_err, "ecdsa\n");
+ # endif
+ # ifndef OPENSSL_NO_ECDH
+- BIO_printf(bio_err, "ecdhp160 ecdhp192 ecdhp224 "
++ BIO_printf(bio_err, "ecdhp224 "
+ "ecdhp256 ecdhp384 ecdhp521\n");
+- BIO_printf(bio_err,
+- "ecdhk163 ecdhk233 ecdhk283 ecdhk409 ecdhk571\n");
+- BIO_printf(bio_err,
+- "ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571\n");
+ BIO_printf(bio_err, "ecdh\n");
+ # endif
+
+@@ -1242,11 +1188,11 @@ int MAIN(int argc, char **argv)
+ for (i = 0; i < DSA_NUM; i++)
+ dsa_doit[i] = 1;
+ # ifndef OPENSSL_NO_ECDSA
+- for (i = 0; i < EC_NUM; i++)
++ for (i = R_EC_P224; i <= R_EC_P521; i++)
+ ecdsa_doit[i] = 1;
+ # endif
+ # ifndef OPENSSL_NO_ECDH
+- for (i = 0; i < EC_NUM; i++)
++ for (i = R_EC_P224; i <= R_EC_P521; i++)
+ ecdh_doit[i] = 1;
+ # endif
+ }
+diff -Nuar --exclude ec_curve.c -p openssl-1.0.2m.hobble/crypto/ec/ecp_smpl.c openssl-1.0.2m.mod/crypto/ec/ecp_smpl.c
+--- openssl-1.0.2m.hobble/crypto/ec/ecp_smpl.c 2017-11-02 07:32:57.000000000 -0700
++++ openssl-1.0.2m.mod/crypto/ec/ecp_smpl.c 2018-06-10 18:45:36.909911848 -0700
+@@ -187,6 +187,11 @@ int ec_GFp_simple_group_set_curve(EC_GRO
+ return 0;
+ }
+
++ if (BN_num_bits(p) < 224) {
++ ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
++ return 0;
++ }
++
+ if (ctx == NULL) {
+ ctx = new_ctx = BN_CTX_new();
+ if (ctx == NULL)
+diff -Nuar --exclude ec_curve.c -p openssl-1.0.2m.hobble/ssl/t1_lib.c openssl-1.0.2m.mod/ssl/t1_lib.c
+--- openssl-1.0.2m.hobble/ssl/t1_lib.c 2017-11-02 07:32:58.000000000 -0700
++++ openssl-1.0.2m.mod/ssl/t1_lib.c 2018-06-10 18:46:55.329811812 -0700
+@@ -271,10 +271,7 @@ static const unsigned char eccurves_auto
+ 0, 23, /* secp256r1 (23) */
+ /* Other >= 256-bit prime curves. */
+ 0, 25, /* secp521r1 (25) */
+- 0, 28, /* brainpool512r1 (28) */
+- 0, 27, /* brainpoolP384r1 (27) */
+ 0, 24, /* secp384r1 (24) */
+- 0, 26, /* brainpoolP256r1 (26) */
+ 0, 22, /* secp256k1 (22) */
+ # ifndef OPENSSL_NO_EC2M
+ /* >= 256-bit binary curves. */
+@@ -292,10 +289,7 @@ static const unsigned char eccurves_all[
+ 0, 23, /* secp256r1 (23) */
+ /* Other >= 256-bit prime curves. */
+ 0, 25, /* secp521r1 (25) */
+- 0, 28, /* brainpool512r1 (28) */
+- 0, 27, /* brainpoolP384r1 (27) */
+ 0, 24, /* secp384r1 (24) */
+- 0, 26, /* brainpoolP256r1 (26) */
+ 0, 22, /* secp256k1 (22) */
+ # ifndef OPENSSL_NO_EC2M
+ /* >= 256-bit binary curves. */
+@@ -310,13 +304,6 @@ static const unsigned char eccurves_all[
+ * Remaining curves disabled by default but still permitted if set
+ * via an explicit callback or parameters.
+ */
+- 0, 20, /* secp224k1 (20) */
+- 0, 21, /* secp224r1 (21) */
+- 0, 18, /* secp192k1 (18) */
+- 0, 19, /* secp192r1 (19) */
+- 0, 15, /* secp160k1 (15) */
+- 0, 16, /* secp160r1 (16) */
+- 0, 17, /* secp160r2 (17) */
+ # ifndef OPENSSL_NO_EC2M
+ 0, 8, /* sect239k1 (8) */
+ 0, 6, /* sect233k1 (6) */
+@@ -351,29 +338,21 @@ static const unsigned char fips_curves_d
+ 0, 9, /* sect283k1 (9) */
+ 0, 10, /* sect283r1 (10) */
+ # endif
+- 0, 22, /* secp256k1 (22) */
+ 0, 23, /* secp256r1 (23) */
+ # ifndef OPENSSL_NO_EC2M
+ 0, 8, /* sect239k1 (8) */
+ 0, 6, /* sect233k1 (6) */
+ 0, 7, /* sect233r1 (7) */
+ # endif
+- 0, 20, /* secp224k1 (20) */
+- 0, 21, /* secp224r1 (21) */
+ # ifndef OPENSSL_NO_EC2M
+ 0, 4, /* sect193r1 (4) */
+ 0, 5, /* sect193r2 (5) */
+ # endif
+- 0, 18, /* secp192k1 (18) */
+- 0, 19, /* secp192r1 (19) */
+ # ifndef OPENSSL_NO_EC2M
+ 0, 1, /* sect163k1 (1) */
+ 0, 2, /* sect163r1 (2) */
+ 0, 3, /* sect163r2 (3) */
+ # endif
+- 0, 15, /* secp160k1 (15) */
+- 0, 16, /* secp160r1 (16) */
+- 0, 17, /* secp160r2 (17) */
+ };
+ # endif
+
+diff -up openssl-1.0.2a/crypto/ecdh/ecdhtest.c.fips-ec openssl-1.0.2a/crypto/ecdh/ecdhtest.c
+--- openssl-1.0.2a/crypto/ecdh/ecdhtest.c.fips-ec 2015-03-19 14:30:36.000000000 +0100
++++ openssl-1.0.2a/crypto/ecdh/ecdhtest.c 2015-04-22 19:00:19.721884512 +0200
+@@ -501,11 +501,13 @@ int main(int argc, char *argv[])
+ goto err;
+
+ /* NIST PRIME CURVES TESTS */
++# if 0
+ if (!test_ecdh_curve
+ (NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out))
+ goto err;
+ if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out))
+ goto err;
++# endif
+ if (!test_ecdh_curve
+ (NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out))
+ goto err;
+@@ -536,13 +538,14 @@ int main(int argc, char *argv[])
+ if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out))
+ goto err;
+ # endif
++# if 0
+ if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP256r1", 256))
+ goto err;
+ if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP384r1", 384))
+ goto err;
+ if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP512r1", 512))
+ goto err;
+-
++# endif
+ ret = 0;
+
+ err:
+diff -up openssl-1.0.2a/crypto/ecdsa/ecdsatest.c.fips-ec openssl-1.0.2a/crypto/ecdsa/ecdsatest.c
+--- openssl-1.0.2a/crypto/ecdsa/ecdsatest.c.fips-ec 2015-03-19 14:19:00.000000000 +0100
++++ openssl-1.0.2a/crypto/ecdsa/ecdsatest.c 2015-04-22 19:00:19.722884536 +0200
+@@ -138,11 +138,14 @@ int restore_rand(void)
+ }
+
+ static int fbytes_counter = 0;
+-static const char *numbers[8] = {
++static const char *numbers[10] = {
++ "651056770906015076056810763456358567190100156695615665659",
+ "651056770906015076056810763456358567190100156695615665659",
+ "6140507067065001063065065565667405560006161556565665656654",
+ "8763001015071075675010661307616710783570106710677817767166"
+ "71676178726717",
++ "8763001015071075675010661307616710783570106710677817767166"
++ "71676178726717",
+ "7000000175690566466555057817571571075705015757757057795755"
+ "55657156756655",
+ "1275552191113212300012030439187146164646146646466749494799",
+@@ -158,7 +161,7 @@ int fbytes(unsigned char *buf, int num)
+ int ret;
+ BIGNUM *tmp = NULL;
+
+- if (fbytes_counter >= 8)
++ if (fbytes_counter >= 10)
+ return 0;
+ tmp = BN_new();
+ if (!tmp)
+@@ -532,8 +535,10 @@ int main(void)
+ RAND_seed(rnd_seed, sizeof(rnd_seed));
+
+ /* the tests */
++# if 0
+ if (!x9_62_tests(out))
+ goto err;
++# endif
+ if (!test_builtin(out))
+ goto err;
+
diff --git a/dev-libs/openssl/files/openssl-1.1.0h-CVE-2018-0732.patch b/dev-libs/openssl/files/openssl-1.1.0h-CVE-2018-0732.patch
new file mode 100644
index 000000000000..e7dfba43f2a5
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.0h-CVE-2018-0732.patch
@@ -0,0 +1,39 @@
+From ea7abeeabf92b7aca160bdd0208636d4da69f4f4 Mon Sep 17 00:00:00 2001
+From: Guido Vranken <guidovranken@gmail.com>
+Date: Mon, 11 Jun 2018 19:38:54 +0200
+Subject: [PATCH] Reject excessively large primes in DH key generation.
+
+CVE-2018-0732
+
+Signed-off-by: Guido Vranken <guidovranken@gmail.com>
+
+(cherry picked from commit 91f7361f47b082ae61ffe1a7b17bb2adf213c7fe)
+
+Reviewed-by: Tim Hudson <tjh@openssl.org>
+Reviewed-by: Matt Caswell <matt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/6457)
+---
+ crypto/dh/dh_key.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
+index fce9ff47f36..58003d70878 100644
+--- a/crypto/dh/dh_key.c
++++ b/crypto/dh/dh_key.c
+@@ -78,10 +78,15 @@ static int generate_key(DH *dh)
+ int ok = 0;
+ int generate_new_key = 0;
+ unsigned l;
+- BN_CTX *ctx;
++ BN_CTX *ctx = NULL;
+ BN_MONT_CTX *mont = NULL;
+ BIGNUM *pub_key = NULL, *priv_key = NULL;
+
++ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
++ DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE);
++ return 0;
++ }
++
+ ctx = BN_CTX_new();
+ if (ctx == NULL)
+ goto err;
diff --git a/dev-libs/openssl/files/openssl-1.1.1_pre7-CVE-2018-0732.patch b/dev-libs/openssl/files/openssl-1.1.1_pre7-CVE-2018-0732.patch
new file mode 100644
index 000000000000..6c336f2507a7
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.1_pre7-CVE-2018-0732.patch
@@ -0,0 +1,39 @@
+From 91f7361f47b082ae61ffe1a7b17bb2adf213c7fe Mon Sep 17 00:00:00 2001
+From: Guido Vranken <guidovranken@gmail.com>
+Date: Mon, 11 Jun 2018 19:38:54 +0200
+Subject: [PATCH] Reject excessively large primes in DH key generation.
+
+CVE-2018-0732
+
+Signed-off-by: Guido Vranken <guidovranken@gmail.com>
+
+Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
+Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
+Reviewed-by: Rich Salz <rsalz@openssl.org>
+Reviewed-by: Matt Caswell <matt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/6457)
+---
+ crypto/dh/dh_key.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
+index 6901548ed69..752542b5563 100644
+--- a/crypto/dh/dh_key.c
++++ b/crypto/dh/dh_key.c
+@@ -78,10 +78,15 @@ static int generate_key(DH *dh)
+ int ok = 0;
+ int generate_new_key = 0;
+ unsigned l;
+- BN_CTX *ctx;
++ BN_CTX *ctx = NULL;
+ BN_MONT_CTX *mont = NULL;
+ BIGNUM *pub_key = NULL, *priv_key = NULL;
+
++ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
++ DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE);
++ return 0;
++ }
++
+ ctx = BN_CTX_new();
+ if (ctx == NULL)
+ goto err;
diff --git a/dev-libs/openssl/openssl-1.0.2o-r4.ebuild b/dev-libs/openssl/openssl-1.0.2o-r6.ebuild
index 335dce5ded3c..f7ae84bae162 100644
--- a/dev-libs/openssl/openssl-1.0.2o-r4.ebuild
+++ b/dev-libs/openssl/openssl-1.0.2o-r6.ebuild
@@ -39,6 +39,7 @@ PDEPEND="app-misc/ca-certificates"
SOURCE1=hobble-openssl
SOURCE12=ec_curve.c
SOURCE13=ectest.c
+# These are ported instead
#PATCH1=openssl-1.1.0-build.patch # Fixes EVP testcase for EC
#PATCH37=openssl-1.1.0-ec-curves.patch
FEDORA_GIT_BASE='https://src.fedoraproject.org/cgit/rpms/openssl.git/plain/'
@@ -73,6 +74,7 @@ src_prepare() {
for i in "${FEDORA_PATCH[@]}" ; do
eapply "${DISTDIR}"/"${i}"
done
+ eapply "${FILESDIR}"/openssl-1.0.2o-hobble-ecc.patch
# Also see the configure parts below:
# enable-ec \
# $(use_ssl !bindist ec2m) \
@@ -88,6 +90,7 @@ src_prepare() {
if ! use vanilla ; then
eapply "${WORKDIR}"/patch/*.patch
+ eapply "${FILESDIR}"/${P}-CVE-2018-0732.patch
fi
eapply_user
diff --git a/dev-libs/openssl/openssl-1.1.0h-r1.ebuild b/dev-libs/openssl/openssl-1.1.0h-r2.ebuild
index 6e38d19eaf54..5881fe74d35e 100644
--- a/dev-libs/openssl/openssl-1.1.0h-r1.ebuild
+++ b/dev-libs/openssl/openssl-1.1.0h-r2.ebuild
@@ -57,6 +57,7 @@ MULTILIB_WRAPPED_HEADERS=(
PATCHES=(
"${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618
"${FILESDIR}"/${P}-CVE-2018-0737.patch
+ "${FILESDIR}"/${P}-CVE-2018-0732.patch
)
src_prepare() {
diff --git a/dev-libs/openssl/openssl-1.1.1_pre7.ebuild b/dev-libs/openssl/openssl-1.1.1_pre7-r1.ebuild
index e022bf39b778..d7246b0d043e 100644
--- a/dev-libs/openssl/openssl-1.1.1_pre7.ebuild
+++ b/dev-libs/openssl/openssl-1.1.1_pre7-r1.ebuild
@@ -36,6 +36,7 @@ MULTILIB_WRAPPED_HEADERS=(
PATCHES=(
"${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618
+ "${FILESDIR}"/${P}-CVE-2018-0732.patch
)
src_prepare() {