Pull in security fix from basesrc by itojun. Commit message was:

fix PRNG weakness. the workaround presented on bugtraq posting. Update to 0.9.6nb1.
2001-07-11 01:26:10 +00:00 · 2001-07-11 01:26:10 +00:00 · 12743c91d4
commit 12743c91d4
parent 10cba67464
3 changed files with 86 additions and 2 deletions
--- a/security/openssl/Makefile
+++ b/security/openssl/Makefile
@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.42 2001/07/10 15:08:32 tron Exp $
+# $NetBSD: Makefile,v 1.43 2001/07/11 01:26:10 wiz Exp $

 DISTNAME=		openssl-0.9.6
+PKGNAME=		${DISTNAME}nb1
 CATEGORIES=		security
 MASTER_SITES=		ftp://ftp.openssl.org/source/ \
 			ftp://ftp.uni-trier.de/pub/unix/security/openssl/
--- a/security/openssl/distinfo
+++ b/security/openssl/distinfo
@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.4 2001/05/11 22:24:16 tron Exp $
+$NetBSD: distinfo,v 1.5 2001/07/11 01:26:10 wiz Exp $

 SHA1 (openssl-0.9.6.tar.gz) = d69c964d58535343787a3b8ac38a48772704304c
 Size (openssl-0.9.6.tar.gz) = 2086131 bytes
 SHA1 (openssl-0.9.6-netbsd.patch.gz) = 8e26b84cdbe722878b5cd43d66faa5d519be6506
 Size (openssl-0.9.6-netbsd.patch.gz) = 2729 bytes
 SHA1 (patch-aa) = c96fb67876b9bd8b5c0c091de209d8f60498126b
+SHA1 (patch-ab) = 8d26b010967d2d5d464708baf7bd7672ab064fc3
 SHA1 (patch-ai) = d0f21b594a3343567f7cbea00e71c5319a877782
 SHA1 (patch-aj) = 157a09410949f85f4a7b0bb878a382c8cd76772c
--- a/security/openssl/patches/patch-ab
+++ b/security/openssl/patches/patch-ab
@ -0,0 +1,82 @@
+$NetBSD: patch-ab,v 1.7 2001/07/11 01:26:10 wiz Exp $
+
+--- crypto/rand/md_rand.c.orig	Mon Sep 11 14:42:39 2000
+++ crypto/rand/md_rand.c
+@@ -308,6 +308,7 @@
+ 	{
+ 	static volatile int stirred_pool = 0;
+ 	int i,j,k,st_num,st_idx;
+	int num_ceil;
+ 	int ok;
+ 	long md_c[2];
+ 	unsigned char local_md[MD_DIGEST_LENGTH];
+@@ -328,6 +329,12 @@
+ 		}
+ #endif
+ 
+	if (num <= 0)
+		return 1;
+	
+	/* round upwards to multiple of MD_DIGEST_LENGTH/2 */
+	num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * (MD_DIGEST_LENGTH/2);
+
+ 	/*
+ 	 * (Based on the rand(3) manpage:)
+ 	 *
+@@ -409,11 +416,11 @@
+ 	md_c[1] = md_count[1];
+ 	memcpy(local_md, md, sizeof md);
+ 
+-	state_index+=num;
+	state_index+=num_ceil;
+ 	if (state_index > state_num)
+ 		state_index %= state_num;
+ 
+-	/* state[st_idx], ..., state[(st_idx + num - 1) % st_num]
+	/* state[st_idx], ..., state[(st_idx + num_ceil - 1) % st_num]
+ 	 * are now ours (but other threads may use them too) */
+ 
+ 	md_count[0] += 1;
+@@ -424,6 +431,7 @@
+ 
+ 	while (num > 0)
+ 		{
+		/* num_ceil -= MD_DIGEST_LENGTH/2 */
+ 		j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num;
+ 		num-=j;
+ 		MD_Init(&m);
+@@ -434,27 +442,28 @@
+ 			curr_pid = 0;
+ 			}
+ #endif
+-		MD_Update(&m,&(local_md[MD_DIGEST_LENGTH/2]),MD_DIGEST_LENGTH/2);
+		MD_Update(&m,local_md,MD_DIGEST_LENGTH);
+ 		MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
+ #ifndef PURIFY
+ 		MD_Update(&m,buf,j); /* purify complains */
+ #endif
+-		k=(st_idx+j)-st_num;
+		k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
+ 		if (k > 0)
+ 			{
+-			MD_Update(&m,&(state[st_idx]),j-k);
+			MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2-k);
+ 			MD_Update(&m,&(state[0]),k);
+ 			}
+ 		else
+-			MD_Update(&m,&(state[st_idx]),j);
+			MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2);
+ 		MD_Final(local_md,&m);
+ 
+-		for (i=0; i<j; i++)
+		for (i=0; i<MD_DIGEST_LENGTH/2; i++)
+ 			{
+ 			state[st_idx++]^=local_md[i]; /* may compete with other threads */
+-			*(buf++)=local_md[i+MD_DIGEST_LENGTH/2];
+ 			if (st_idx >= st_num)
+ 				st_idx=0;
+			if (i < j)
+				*(buf++)=local_md[i+MD_DIGEST_LENGTH/2];
+ 			}
+ 		}
+