[arch-commits] Commit in bitcoin/trunk (5 files)

Timothy Redaelli tredaelli at archlinux.org
Mon Jan 12 09:41:01 UTC 2015 

    Date: Monday, January 12, 2015 @ 10:41:00
  Author: tredaelli
Revision: 125793

upgpkg: bitcoin 0.9.3-4

FS#43396

Added:
  bitcoin/trunk/037bfefe6bccbdf656e628a1f4526db8f80c3922.patch
  bitcoin/trunk/0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch
  bitcoin/trunk/60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch
  bitcoin/trunk/b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch
Modified:
  bitcoin/trunk/PKGBUILD

------------------------------------------------+
 037bfefe6bccbdf656e628a1f4526db8f80c3922.patch |   43 +++++++++++++++++++
 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch |   50 +++++++++++++++++++++++
 60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch |   25 +++++++++++
 PKGBUILD                                       |   18 +++++++-
 b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch |   43 +++++++++++++++++++
 5 files changed, 178 insertions(+), 1 deletion(-)

Added: 037bfefe6bccbdf656e628a1f4526db8f80c3922.patch
===================================================================
--- 037bfefe6bccbdf656e628a1f4526db8f80c3922.patch	                        (rev 0)
+++ 037bfefe6bccbdf656e628a1f4526db8f80c3922.patch	2015-01-12 09:41:00 UTC (rev 125793)
@@ -0,0 +1,43 @@
+From 037bfefe6bccbdf656e628a1f4526db8f80c3922 Mon Sep 17 00:00:00 2001
+From: "Wladimir J. van der Laan" <laanwj at gmail.com>
+Date: Mon, 12 Jan 2015 09:28:24 +0100
+Subject: [PATCH] Improve robustness of DER recoding code
+
+Add some defensive programming on top of #5634.
+
+This copies the respective OpenSSL code in ECDSA_verify in
+OpenSSL pre-1.0.1k (e.g. https://github.com/openssl/openssl/blob/OpenSSL_1_0_1j/crypto/ecdsa/ecs_vrf.c#L89)
+more closely.
+
+As reported by @sergiodemianlerner.
+
+Github-Pull: #5640
+Rebased-From: c6b7b29f232c651f898eeffb93f36c8f537c56d2
+---
+ src/key.cpp | 13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/src/key.cpp b/src/key.cpp
+index a845ba1..63332bf 100644
+--- a/src/key.cpp
++++ b/src/key.cpp
+@@ -234,7 +234,18 @@ class CECKey {
+         unsigned char *norm_der = NULL;
+         ECDSA_SIG *norm_sig = ECDSA_SIG_new();
+         const unsigned char* sigptr = &vchSig[0];
+-        d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size());
++        assert(norm_sig);
++        if (d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()) == NULL)
++        {
++            /* As of OpenSSL 1.0.0p d2i_ECDSA_SIG frees and nulls the pointer on
++             * error. But OpenSSL's own use of this function redundantly frees the
++             * result. As ECDSA_SIG_free(NULL) is a no-op, and in the absence of a
++             * clear contract for the function behaving the same way is more
++             * conservative.
++             */
++            ECDSA_SIG_free(norm_sig);
++            return false;
++        }
+         int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der);
+         ECDSA_SIG_free(norm_sig);
+         if (derlen <= 0)

Added: 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch
===================================================================
--- 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch	                        (rev 0)
+++ 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch	2015-01-12 09:41:00 UTC (rev 125793)
@@ -0,0 +1,50 @@
+From 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283 Mon Sep 17 00:00:00 2001
+From: Gregory Maxwell <greg at xiph.org>
+Date: Sat, 6 Dec 2014 07:08:02 -0800
+Subject: [PATCH] Disable SSLv3 (in favor of TLS) for the RPC client and
+ server.
+
+TLS is subject to downgrade attacks when SSLv3 is available, and
+ SSLv3 has vulnerabilities.
+
+The popular solution is to disable SSLv3. On the web this breaks
+ some tiny number of very old clients. While Bitcoin RPC shouldn't
+ be exposed to the open Internet, it also shouldn't be exposed to
+ really old SSL implementations, so it shouldn't be a major issue
+ for us to disable SSLv3.
+
+There is more information on the downgrade attacks and disabling
+ SSLv3 at https://disablessl3.com/ .
+
+Rebased-From: 683dc4009b2b01699e672f8150c28e2ebe0aae19
+---
+ src/rpcclient.cpp | 2 +-
+ src/rpcserver.cpp | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/rpcclient.cpp b/src/rpcclient.cpp
+index 4f3c39c..5e62b71 100644
+--- a/src/rpcclient.cpp
++++ b/src/rpcclient.cpp
+@@ -40,7 +40,7 @@ Object CallRPC(const string& strMethod, const Array& params)
+     bool fUseSSL = GetBoolArg("-rpcssl", false);
+     asio::io_service io_service;
+     ssl::context context(io_service, ssl::context::sslv23);
+-    context.set_options(ssl::context::no_sslv2);
++    context.set_options(ssl::context::no_sslv2 | ssl::context::no_sslv3);
+     asio::ssl::stream<asio::ip::tcp::socket> sslStream(io_service, context);
+     SSLIOStreamDevice<asio::ip::tcp> d(sslStream, fUseSSL);
+     iostreams::stream< SSLIOStreamDevice<asio::ip::tcp> > stream(d);
+diff --git a/src/rpcserver.cpp b/src/rpcserver.cpp
+index f43acf4..cc9e330 100644
+--- a/src/rpcserver.cpp
++++ b/src/rpcserver.cpp
+@@ -539,7 +539,7 @@ void StartRPCThreads()
+ 
+     if (fUseSSL)
+     {
+-        rpc_ssl_context->set_options(ssl::context::no_sslv2);
++        rpc_ssl_context->set_options(ssl::context::no_sslv2 | ssl::context::no_sslv3);
+ 
+         filesystem::path pathCertFile(GetArg("-rpcsslcertificatechainfile", "server.cert"));
+         if (!pathCertFile.is_complete()) pathCertFile = filesystem::path(GetDataDir()) / pathCertFile;

Added: 60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch
===================================================================
--- 60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch	                        (rev 0)
+++ 60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch	2015-01-12 09:41:00 UTC (rev 125793)
@@ -0,0 +1,25 @@
+From 60c51f1c381bbd93c70cfdf41c6688609a7956fc Mon Sep 17 00:00:00 2001
+From: "Wladimir J. van der Laan" <laanwj at gmail.com>
+Date: Sat, 10 Jan 2015 08:58:47 +0100
+Subject: [PATCH] fail immediately on an empty signature
+
+Github-Pull: #5634
+Rebased-From: 8dccba6a45db0466370726ed462b9da2eae43bce
+---
+ src/key.cpp | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/key.cpp b/src/key.cpp
+index e5943af..a845ba1 100644
+--- a/src/key.cpp
++++ b/src/key.cpp
+@@ -227,6 +227,9 @@ class CECKey {
+     }
+ 
+     bool Verify(const uint256 &hash, const std::vector<unsigned char>& vchSig) {
++        if (vchSig.empty())
++            return false;
++
+         // New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first.
+         unsigned char *norm_der = NULL;
+         ECDSA_SIG *norm_sig = ECDSA_SIG_new();

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2015-01-12 08:29:26 UTC (rev 125792)
+++ PKGBUILD	2015-01-12 09:41:00 UTC (rev 125793)
@@ -5,12 +5,16 @@
 pkgbase=bitcoin
 pkgname=('bitcoin-daemon' 'bitcoin-cli' 'bitcoin-qt')
 pkgver=0.9.3
-pkgrel=3
+pkgrel=4
 arch=('i686' 'x86_64')
 url="http://www.bitcoin.org/"
 makedepends=('boost' 'automoc4' 'qrencode' 'miniupnpc' 'protobuf')
 license=('MIT')
 source=(http://bitcoin.org/bin/$pkgver/bitcoin-$pkgver-linux.tar.gz
+	https://github.com/bitcoin/bitcoin/commit/0a94661e8db94e84ecbf1ea45a51fb3c7fb77283.patch
+	https://github.com/bitcoin/bitcoin/commit/b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch
+	https://github.com/bitcoin/bitcoin/commit/60c51f1c381bbd93c70cfdf41c6688609a7956fc.patch
+	https://github.com/bitcoin/bitcoin/commit/037bfefe6bccbdf656e628a1f4526db8f80c3922.patch
 	https://raw.github.com/bitcoin/bitcoin/v$pkgver/contrib/debian/bitcoin-qt.desktop
 	https://raw.github.com/bitcoin/bitcoin/v$pkgver/share/pixmaps/bitcoin128.png
 	https://raw.github.com/bitcoin/bitcoin/v$pkgver/contrib/debian/examples/bitcoin.conf
@@ -17,6 +21,10 @@
 	https://raw.github.com/bitcoin/bitcoin/v$pkgver/contrib/debian/manpages/bitcoind.1
 	https://raw.github.com/bitcoin/bitcoin/v$pkgver/contrib/debian/manpages/bitcoin.conf.5)
 sha256sums=('c425783b6cbab9b801ad6a1dcc9235828b98e5dee6675112741f8b210e4f65cd'
+            '18f5d43dd29682c8f9bd98dfb94c07b2453c99b9454996651562410b535e289b'
+            'ac3a6d0e9116566f44ef99b6fc5ae7ec792a05e73d33b9db25e4f62b296b5d59'
+            '67c50de4c469e40d8fb0a7663acd5af8dbbe93f362a5192e981bfa2ec9ab82df'
+            '9ff94c3ddb09b0b27eda2e157627ff61808afd7a8fedc0c9d1b0db1a53ee1138'
             'b65b377c0d9ecae9eea722843bca0add6bdb7e50929a7e1f751b79b6621c6073'
             'ad880c8459ecfdb96abe6a4689af06bdd27906e0edcd39d0915482f2da91e722'
             'e141088b07641e4e58cc750f93bbdda1ca0e8f07262fce66b73524c1ed97480e'
@@ -34,8 +42,16 @@
 esac
 
 prepare() {
+  local x
   cd "$srcdir/$pkgbase-$pkgver-linux/src"
   tar xf $pkgbase-$_pkgver.tar.gz
+  cd "$pkgbase-$_pkgver"
+
+  # Disable SSLv3 for Puddle + FS#43396
+  for x in 0a94661e8db94e84ecbf1ea45a51fb3c7fb77283 b8e81b7ccd4490155e3345fc73346ff8c3a77524 \
+           60c51f1c381bbd93c70cfdf41c6688609a7956fc 037bfefe6bccbdf656e628a1f4526db8f80c3922; do
+    patch -Np1 -i "$srcdir/$x.patch"
+  done
 }
 
 build() {

Added: b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch
===================================================================
--- b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch	                        (rev 0)
+++ b8e81b7ccd4490155e3345fc73346ff8c3a77524.patch	2015-01-12 09:41:00 UTC (rev 125793)
@@ -0,0 +1,43 @@
+From b8e81b7ccd4490155e3345fc73346ff8c3a77524 Mon Sep 17 00:00:00 2001
+From: Cory Fields <cory-nospam- at coryfields.com>
+Date: Fri, 9 Jan 2015 16:39:12 -0500
+Subject: [PATCH] consensus: guard against openssl's new strict DER checks
+
+New versions of OpenSSL will reject non-canonical DER signatures. However,
+it'll happily decode them. Decode then re-encode before verification in order
+to ensure that it is properly consumed.
+
+Github-Pull: #5634
+Rebased-From: 488ed32f2ada1d1dd108fc245d025c4d5f252783
+---
+ src/key.cpp | 16 +++++++++++++---
+ 1 file changed, 13 insertions(+), 3 deletions(-)
+
+diff --git a/src/key.cpp b/src/key.cpp
+index 5b261bb..e5943af 100644
+--- a/src/key.cpp
++++ b/src/key.cpp
+@@ -227,10 +227,20 @@ class CECKey {
+     }
+ 
+     bool Verify(const uint256 &hash, const std::vector<unsigned char>& vchSig) {
+-        // -1 = error, 0 = bad sig, 1 = good
+-        if (ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), &vchSig[0], vchSig.size(), pkey) != 1)
++        // New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first.
++        unsigned char *norm_der = NULL;
++        ECDSA_SIG *norm_sig = ECDSA_SIG_new();
++        const unsigned char* sigptr = &vchSig[0];
++        d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size());
++        int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der);
++        ECDSA_SIG_free(norm_sig);
++        if (derlen <= 0)
+             return false;
+-        return true;
++
++        // -1 = error, 0 = bad sig, 1 = good
++        bool ret = ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), norm_der, derlen, pkey) == 1;
++        OPENSSL_free(norm_der);
++        return ret;
+     }
+ 
+     bool SignCompact(const uint256 &hash, unsigned char *p64, int &rec) {

More information about the arch-commits mailing list