[arch-commits] Commit in bitcoin/trunk (5 files)
Timothy Redaelli
tredaelli at archlinux.org
Mon Jan 12 09:41:01 UTC 2015
Date: Monday, January 12, 2015 @ 10:41:00
Author: tredaelli
Revision: 125793
upgpkg: bitcoin 0.9.3-4
FS#43396
Added:
bitcoin/trunk/037bfefe6bccbdf656e628a1f4526db8f80c3922.patch
bitcoin/trunk/0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch
bitcoin/trunk/60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch
bitcoin/trunk/b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch
Modified:
bitcoin/trunk/PKGBUILD
------------------------------------------------+
037bfefe6bccbdf656e628a1f4526db8f80c3922.patch | 43 +++++++++++++++++++
0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch | 50 +++++++++++++++++++++++
60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch | 25 +++++++++++
PKGBUILD | 18 +++++++-
b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch | 43 +++++++++++++++++++
5 files changed, 178 insertions(+), 1 deletion(-)
Added: 037bfefe6bccbdf656e628a1f4526db8f80c3922.patch
===================================================================
--- 037bfefe6bccbdf656e628a1f4526db8f80c3922.patch (rev 0)
+++ 037bfefe6bccbdf656e628a1f4526db8f80c3922.patch 2015-01-12 09:41:00 UTC (rev 125793)
@@ -0,0 +1,43 @@
+From 037bfefe6bccbdf656e628a1f4526db8f80c3922 Mon Sep 17 00:00:00 2001
+From: "Wladimir J. van der Laan" <laanwj at gmail.com>
+Date: Mon, 12 Jan 2015 09:28:24 +0100
+Subject: [PATCH] Improve robustness of DER recoding code
+
+Add some defensive programming on top of #5634.
+
+This copies the respective OpenSSL code in ECDSA_verify in
+OpenSSL pre-1.0.1k (e.g. https://github.com/openssl/openssl/blob/OpenSSL_1_0_1j/crypto/ecdsa/ecs_vrf.c#L89)
+more closely.
+
+As reported by @sergiodemianlerner.
+
+Github-Pull: #5640
+Rebased-From: c6b7b29f232c651f898eeffb93f36c8f537c56d2
+---
+ src/key.cpp | 13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/src/key.cpp b/src/key.cpp
+index a845ba1..63332bf 100644
+--- a/src/key.cpp
++++ b/src/key.cpp
+@@ -234,7 +234,18 @@ class CECKey {
+ unsigned char *norm_der = NULL;
+ ECDSA_SIG *norm_sig = ECDSA_SIG_new();
+ const unsigned char* sigptr = &vchSig[0];
+- d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size());
++ assert(norm_sig);
++ if (d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()) == NULL)
++ {
++ /* As of OpenSSL 1.0.0p d2i_ECDSA_SIG frees and nulls the pointer on
++ * error. But OpenSSL's own use of this function redundantly frees the
++ * result. As ECDSA_SIG_free(NULL) is a no-op, and in the absence of a
++ * clear contract for the function behaving the same way is more
++ * conservative.
++ */
++ ECDSA_SIG_free(norm_sig);
++ return false;
++ }
+ int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der);
+ ECDSA_SIG_free(norm_sig);
+ if (derlen <= 0)
Added: 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch
===================================================================
--- 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch (rev 0)
+++ 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch 2015-01-12 09:41:00 UTC (rev 125793)
@@ -0,0 +1,50 @@
+From 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283 Mon Sep 17 00:00:00 2001
+From: Gregory Maxwell <greg at xiph.org>
+Date: Sat, 6 Dec 2014 07:08:02 -0800
+Subject: [PATCH] Disable SSLv3 (in favor of TLS) for the RPC client and
+ server.
+
+TLS is subject to downgrade attacks when SSLv3 is available, and
+ SSLv3 has vulnerabilities.
+
+The popular solution is to disable SSLv3. On the web this breaks
+ some tiny number of very old clients. While Bitcoin RPC shouldn't
+ be exposed to the open Internet, it also shouldn't be exposed to
+ really old SSL implementations, so it shouldn't be a major issue
+ for us to disable SSLv3.
+
+There is more information on the downgrade attacks and disabling
+ SSLv3 at https://disablessl3.com/ .
+
+Rebased-From: 683dc4009b2b01699e672f8150c28e2ebe0aae19
+---
+ src/rpcclient.cpp | 2 +-
+ src/rpcserver.cpp | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/rpcclient.cpp b/src/rpcclient.cpp
+index 4f3c39c..5e62b71 100644
+--- a/src/rpcclient.cpp
++++ b/src/rpcclient.cpp
+@@ -40,7 +40,7 @@ Object CallRPC(const string& strMethod, const Array& params)
+ bool fUseSSL = GetBoolArg("-rpcssl", false);
+ asio::io_service io_service;
+ ssl::context context(io_service, ssl::context::sslv23);
+- context.set_options(ssl::context::no_sslv2);
++ context.set_options(ssl::context::no_sslv2 | ssl::context::no_sslv3);
+ asio::ssl::stream<asio::ip::tcp::socket> sslStream(io_service, context);
+ SSLIOStreamDevice<asio::ip::tcp> d(sslStream, fUseSSL);
+ iostreams::stream< SSLIOStreamDevice<asio::ip::tcp> > stream(d);
+diff --git a/src/rpcserver.cpp b/src/rpcserver.cpp
+index f43acf4..cc9e330 100644
+--- a/src/rpcserver.cpp
++++ b/src/rpcserver.cpp
+@@ -539,7 +539,7 @@ void StartRPCThreads()
+
+ if (fUseSSL)
+ {
+- rpc_ssl_context->set_options(ssl::context::no_sslv2);
++ rpc_ssl_context->set_options(ssl::context::no_sslv2 | ssl::context::no_sslv3);
+
+ filesystem::path pathCertFile(GetArg("-rpcsslcertificatechainfile", "server.cert"));
+ if (!pathCertFile.is_complete()) pathCertFile = filesystem::path(GetDataDir()) / pathCertFile;
Added: 60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch
===================================================================
--- 60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch (rev 0)
+++ 60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch 2015-01-12 09:41:00 UTC (rev 125793)
@@ -0,0 +1,25 @@
+From 60c51f1c381bbd93c70cfdf41c6688609a7956fc Mon Sep 17 00:00:00 2001
+From: "Wladimir J. van der Laan" <laanwj at gmail.com>
+Date: Sat, 10 Jan 2015 08:58:47 +0100
+Subject: [PATCH] fail immediately on an empty signature
+
+Github-Pull: #5634
+Rebased-From: 8dccba6a45db0466370726ed462b9da2eae43bce
+---
+ src/key.cpp | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/key.cpp b/src/key.cpp
+index e5943af..a845ba1 100644
+--- a/src/key.cpp
++++ b/src/key.cpp
+@@ -227,6 +227,9 @@ class CECKey {
+ }
+
+ bool Verify(const uint256 &hash, const std::vector<unsigned char>& vchSig) {
++ if (vchSig.empty())
++ return false;
++
+ // New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first.
+ unsigned char *norm_der = NULL;
+ ECDSA_SIG *norm_sig = ECDSA_SIG_new();
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2015-01-12 08:29:26 UTC (rev 125792)
+++ PKGBUILD 2015-01-12 09:41:00 UTC (rev 125793)
@@ -5,12 +5,16 @@
pkgbase=bitcoin
pkgname=('bitcoin-daemon' 'bitcoin-cli' 'bitcoin-qt')
pkgver=0.9.3
-pkgrel=3
+pkgrel=4
arch=('i686' 'x86_64')
url="http://www.bitcoin.org/"
makedepends=('boost' 'automoc4' 'qrencode' 'miniupnpc' 'protobuf')
license=('MIT')
source=(http://bitcoin.org/bin/$pkgver/bitcoin-$pkgver-linux.tar.gz
+ https://github.com/bitcoin/bitcoin/commit/0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch
+ https://github.com/bitcoin/bitcoin/commit/b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch
+ https://github.com/bitcoin/bitcoin/commit/60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch
+ https://github.com/bitcoin/bitcoin/commit/037bfefe6bccbdf656e628a1f4526db8f80c3922.patch
https://raw.github.com/bitcoin/bitcoin/v$pkgver/contrib/debian/bitcoin-qt.desktop
https://raw.github.com/bitcoin/bitcoin/v$pkgver/share/pixmaps/bitcoin128.png
https://raw.github.com/bitcoin/bitcoin/v$pkgver/contrib/debian/examples/bitcoin.conf
@@ -17,6 +21,10 @@
https://raw.github.com/bitcoin/bitcoin/v$pkgver/contrib/debian/manpages/bitcoind.1
https://raw.github.com/bitcoin/bitcoin/v$pkgver/contrib/debian/manpages/bitcoin.conf.5)
sha256sums=('c425783b6cbab9b801ad6a1dcc9235828b98e5dee6675112741f8b210e4f65cd'
+ '18f5d43dd29682c8f9bd98dfb94c07b2453c99b9454996651562410b535e289b'
+ 'ac3a6d0e9116566f44ef99b6fc5ae7ec792a05e73d33b9db25e4f62b296b5d59'
+ '67c50de4c469e40d8fb0a7663acd5af8dbbe93f362a5192e981bfa2ec9ab82df'
+ '9ff94c3ddb09b0b27eda2e157627ff61808afd7a8fedc0c9d1b0db1a53ee1138'
'b65b377c0d9ecae9eea722843bca0add6bdb7e50929a7e1f751b79b6621c6073'
'ad880c8459ecfdb96abe6a4689af06bdd27906e0edcd39d0915482f2da91e722'
'e141088b07641e4e58cc750f93bbdda1ca0e8f07262fce66b73524c1ed97480e'
@@ -34,8 +42,16 @@
esac
prepare() {
+ local x
cd "$srcdir/$pkgbase-$pkgver-linux/src"
tar xf $pkgbase-$_pkgver.tar.gz
+ cd "$pkgbase-$_pkgver"
+
+ # Disable SSLv3 for Puddle + FS#43396
+ for x in 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283 b8e81b7ccd4490155e3345fc73346ff8c3a77524 \
+ 60c51f1c381bbd93c70cfdf41c6688609a7956fc 037bfefe6bccbdf656e628a1f4526db8f80c3922; do
+ patch -Np1 -i "$srcdir/$x.patch"
+ done
}
build() {
Added: b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch
===================================================================
--- b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch (rev 0)
+++ b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch 2015-01-12 09:41:00 UTC (rev 125793)
@@ -0,0 +1,43 @@
+From b8e81b7ccd4490155e3345fc73346ff8c3a77524 Mon Sep 17 00:00:00 2001
+From: Cory Fields <cory-nospam- at coryfields.com>
+Date: Fri, 9 Jan 2015 16:39:12 -0500
+Subject: [PATCH] consensus: guard against openssl's new strict DER checks
+
+New versions of OpenSSL will reject non-canonical DER signatures. However,
+it'll happily decode them. Decode then re-encode before verification in order
+to ensure that it is properly consumed.
+
+Github-Pull: #5634
+Rebased-From: 488ed32f2ada1d1dd108fc245d025c4d5f252783
+---
+ src/key.cpp | 16 +++++++++++++---
+ 1 file changed, 13 insertions(+), 3 deletions(-)
+
+diff --git a/src/key.cpp b/src/key.cpp
+index 5b261bb..e5943af 100644
+--- a/src/key.cpp
++++ b/src/key.cpp
+@@ -227,10 +227,20 @@ class CECKey {
+ }
+
+ bool Verify(const uint256 &hash, const std::vector<unsigned char>& vchSig) {
+- // -1 = error, 0 = bad sig, 1 = good
+- if (ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), &vchSig[0], vchSig.size(), pkey) != 1)
++ // New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first.
++ unsigned char *norm_der = NULL;
++ ECDSA_SIG *norm_sig = ECDSA_SIG_new();
++ const unsigned char* sigptr = &vchSig[0];
++ d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size());
++ int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der);
++ ECDSA_SIG_free(norm_sig);
++ if (derlen <= 0)
+ return false;
+- return true;
++
++ // -1 = error, 0 = bad sig, 1 = good
++ bool ret = ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), norm_der, derlen, pkey) == 1;
++ OPENSSL_free(norm_der);
++ return ret;
+ }
+
+ bool SignCompact(const uint256 &hash, unsigned char *p64, int &rec) {
More information about the arch-commits
mailing list