[rpms/openssl] rebase_40beta: pull in upstream patch for CVE-2014-0160

[rpms/openssl] rebase_40beta: pull in upstream patch for CVE-2014-0160

[Dennis Gilmore]

            A new commit has been pushed.

            Repo   : rpms/openssl
            Branch : rebase_40beta
            Commit : e55cd2c0e4f76ecc25d452b657e131c42ee78b70
            Author : Dennis Gilmore <dennis@ausil.us>
            Date   : 2014-04-07T19:20:31-05:00
            Stats  : +116/-1 in 2 file(s)
            URL    : https://src.fedoraproject.org/rpms/openssl/c/e55cd2c0e4f76ecc25d452b657e131c42ee78b70?branch=rebase_40beta

            Log:
            pull in upstream patch for CVE-2014-0160

- removed CHANGES file portion from patch for expediency

---
diff --git a/openssl.git-96db902.patch b/openssl.git-96db902.patch
new file mode 100644
index 0000000..6fed32a
--- /dev/null
+++ b/openssl.git-96db902.patch
@@ -0,0 +1,108 @@
+From: Dr. Stephen Henson <steve@openssl.org>
+Date: Sat, 5 Apr 2014 23:51:06 +0000 (+0100)
+Subject: Add heartbeat extension bounds check.
+X-Git-Tag: OpenSSL_1_0_1g~3
+X-Git-Url: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=96db902
+
+Add heartbeat extension bounds check.
+
+A missing bounds check in the handling of the TLS heartbeat extension
+can be used to reveal up to 64k of memory to a connected client or
+server.
+
+Thanks for Neel Mehta of Google Security for discovering this bug and to
+Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
+preparing the fix (CVE-2014-0160)
+---
+
+diff --git a/ssl/d1_both.c b/ssl/d1_both.c
+index 7a5596a..2e8cf68 100644
+--- a/ssl/d1_both.c
++++ b/ssl/d1_both.c
+@@ -1459,26 +1459,36 @@ dtls1_process_heartbeat(SSL *s)
+ 	unsigned int payload;
+ 	unsigned int padding = 16; /* Use minimum padding */
+ 
+-	/* Read type and payload length first */
+-	hbtype = *p++;
+-	n2s(p, payload);
+-	pl = p;
+-
+ 	if (s->msg_callback)
+ 		s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
+ 			&s->s3->rrec.data[0], s->s3->rrec.length,
+ 			s, s->msg_callback_arg);
+ 
++	/* Read type and payload length first */
++	if (1 + 2 + 16 > s->s3->rrec.length)
++		return 0; /* silently discard */
++	hbtype = *p++;
++	n2s(p, payload);
++	if (1 + 2 + payload + 16 > s->s3->rrec.length)
++		return 0; /* silently discard per RFC 6520 sec. 4 */
++	pl = p;
++
+ 	if (hbtype == TLS1_HB_REQUEST)
+ 		{
+ 		unsigned char *buffer, *bp;
++		unsigned int write_length = 1 /* heartbeat type */ +
++					    2 /* heartbeat length */ +
++					    payload + padding;
+ 		int r;
+ 
++		if (write_length > SSL3_RT_MAX_PLAIN_LENGTH)
++			return 0;
++
+ 		/* Allocate memory for the response, size is 1 byte
+ 		 * message type, plus 2 bytes payload length, plus
+ 		 * payload, plus padding
+ 		 */
+-		buffer = OPENSSL_malloc(1 + 2 + payload + padding);
++		buffer = OPENSSL_malloc(write_length);
+ 		bp = buffer;
+ 
+ 		/* Enter response type, length and copy payload */
+@@ -1489,11 +1499,11 @@ dtls1_process_heartbeat(SSL *s)
+ 		/* Random padding */
+ 		RAND_pseudo_bytes(bp, padding);
+ 
+-		r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
++		r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
+ 
+ 		if (r >= 0 && s->msg_callback)
+ 			s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+-				buffer, 3 + payload + padding,
++				buffer, write_length,
+ 				s, s->msg_callback_arg);
+ 
+ 		OPENSSL_free(buffer);
+diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
+index b82fada..bddffd9 100644
+--- a/ssl/t1_lib.c
++++ b/ssl/t1_lib.c
+@@ -2588,16 +2588,20 @@ tls1_process_heartbeat(SSL *s)
+ 	unsigned int payload;
+ 	unsigned int padding = 16; /* Use minimum padding */
+ 
+-	/* Read type and payload length first */
+-	hbtype = *p++;
+-	n2s(p, payload);
+-	pl = p;
+-
+ 	if (s->msg_callback)
+ 		s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
+ 			&s->s3->rrec.data[0], s->s3->rrec.length,
+ 			s, s->msg_callback_arg);
+ 
++	/* Read type and payload length first */
++	if (1 + 2 + 16 > s->s3->rrec.length)
++		return 0; /* silently discard */
++	hbtype = *p++;
++	n2s(p, payload);
++	if (1 + 2 + payload + 16 > s->s3->rrec.length)
++		return 0; /* silently discard per RFC 6520 sec. 4 */
++	pl = p;
++
+ 	if (hbtype == TLS1_HB_REQUEST)
+ 		{
+ 		unsigned char *buffer, *bp;

diff --git a/openssl.spec b/openssl.spec
index 69f058c..e807e50 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -23,7 +23,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 1.0.1e
-Release: 43%{?dist}
+Release: 44%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -94,6 +94,8 @@ Patch86: openssl-1.0.1e-cve-2013-6449.patch
 Patch87: openssl-1.0.1e-cve-2013-6450.patch
 Patch88: openssl-1.0.1e-cve-2013-4353.patch
 Patch89: openssl-1.0.1e-ephemeral-key-size.patch
+# upstream patch for CVE-2014-0160
+Patch100: openssl.git-96db902.patch
 
 License: OpenSSL
 Group: System Environment/Libraries
@@ -221,6 +223,7 @@ cp %{SOURCE12} %{SOURCE13} crypto/ec/
 %patch87 -p1 -b .dtls1-mitm
 %patch88 -p1 -b .handshake-crash
 %patch89 -p1 -b .ephemeral
+%patch100 -p1 -b .CVE-2014-0160
 
 sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h
 
@@ -487,6 +490,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
 %postun libs -p /sbin/ldconfig
 
 %changelog
+* Mon Apr 07 2014 Dennis Gilmore <dennis@ausil.us> - 1.0.1e-44
+- pull in upstream patch for CVE-2014-0160
+- removed CHANGES file portion from patch for expediency
+
 * Thu Apr  3 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-43
 - add support for ppc64le architecture (#1072633)