deps: upgrade openssl sources to OpenSSL_1_1_1o

This updates all sources in deps/openssl/openssl by: $ git clone https://github.com/quictls/openssl $ cd openssl $ git checkout OpenSSL_1_1_1o+quic $ cd ../node/deps/openssl $ rm -rf openssl $ cp -R ../openssl openssl $ rm -rf openssl/.git* openssl/.travis* $ git add --all openssl $ git commit openssl PR-URL: #42957 Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-May/000223.html Reviewed-By: Beth Griggs <[email protected]>
nodejs · May 11, 2022 · 6efc844 · 6efc844
1 parent 3ceeb57
commit 6efc844
Show file tree

Hide file tree

Showing 39 changed files with 687 additions and 116 deletions.
diff --git a/deps/openssl/openssl/CHANGES b/deps/openssl/openssl/CHANGES
@@ -7,6 +7,19 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1n and 1.1.1o [3 May 2022]
+
+  *) Fixed a bug in the c_rehash script which was not properly sanitising shell
+    metacharacters to prevent command injection.  This script is distributed by
+    some operating systems in a manner where it is automatically executed.  On
+    such operating systems, an attacker could execute arbitrary commands with the
+    privileges of the script.
+
+    Use of the c_rehash script is considered obsolete and should be replaced
+    by the OpenSSL rehash command line tool.
+    (CVE-2022-1292)
+    [Tomáš Mráz]
+
  Changes between 1.1.1m and 1.1.1n [15 Mar 2022]
 
   *) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever

diff --git a/deps/openssl/openssl/NEWS b/deps/openssl/openssl/NEWS
@@ -5,10 +5,15 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.1.1n and OpenSSL 1.1.1o [3 May 2022]
+
+      o Fixed a bug in the c_rehash script which was not properly sanitising
+        shell metacharacters to prevent command injection (CVE-2022-1292)
+
   Major changes between OpenSSL 1.1.1m and OpenSSL 1.1.1n [15 Mar 2022]
 
       o Fixed a bug in the BN_mod_sqrt() function that can cause it to loop
-        forever for non-prime moduli ([CVE-2022-0778])
+        forever for non-prime moduli (CVE-2022-0778)
 
   Major changes between OpenSSL 1.1.1l and OpenSSL 1.1.1m [14 Dec 2021]
 

diff --git a/deps/openssl/openssl/README-OpenSSL.md b/deps/openssl/openssl/README-OpenSSL.md
@@ -1,7 +1,7 @@
 
- OpenSSL 1.1.1n 15 Mar 2022
+ OpenSSL 1.1.1o 3 May 2022
 
- Copyright (c) 1998-2021 The OpenSSL Project
+ Copyright (c) 1998-2022 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
  All rights reserved.
 

diff --git a/deps/openssl/openssl/README.md b/deps/openssl/openssl/README.md
@@ -4,7 +4,7 @@ What This Is
 This is a fork of [OpenSSL](https://www.openssl.org) to enable QUIC. In addition
 to the website, the official source distribution is at
 <https://github.com/openssl/openssl>. The OpenSSL `README` can be found at
-[README-OpenSSL.md](https://github.com/quictls/openssl/blob/OpenSSL_1_1_1n%2Bquic/README-OpenSSL.md).
+[README-OpenSSL.md](https://github.com/quictls/openssl/blob/OpenSSL_1_1_1o%2Bquic/README-OpenSSL.md).
 
 This fork adds APIs that can be used by QUIC implementations for connection
 handshakes. Quoting the IETF Working group

diff --git a/deps/openssl/openssl/apps/apps.c b/deps/openssl/openssl/apps/apps.c
@@ -307,6 +307,8 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
         if (cb_data != NULL && cb_data->password != NULL
                 && *(const char*)cb_data->password != '\0')
             pw_min_len = 1;
+        else if (!verify)
+            pw_min_len = 0;
         prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
         if (!prompt) {
             BIO_printf(bio_err, "Out of memory\n");

diff --git a/deps/openssl/openssl/apps/x509.c b/deps/openssl/openssl/apps/x509.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -590,6 +590,8 @@ int x509_main(int argc, char **argv)
         xca = load_cert(CAfile, CAformat, "CA Certificate");
         if (xca == NULL)
             goto end;
+        if (!X509_set_issuer_name(x, X509_get_subject_name(xca)))
+            goto end;
     }
 
     out = bio_open_default(outfile, 'w', outformat);
@@ -987,8 +989,6 @@ static int x509_certify(X509_STORE *ctx, const char *CAfile, const EVP_MD *diges
         goto end;
     }
 
-    if (!X509_set_issuer_name(x, X509_get_subject_name(xca)))
-        goto end;
     if (!X509_set_serialNumber(x, bs))
         goto end;
 

diff --git a/deps/openssl/openssl/crypto/bn/bn_div.c b/deps/openssl/openssl/crypto/bn/bn_div.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -446,8 +446,10 @@ int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
     snum->neg = num_neg;
     snum->top = div_n;
     snum->flags |= BN_FLG_FIXED_TOP;
-    if (rm != NULL)
-        bn_rshift_fixed_top(rm, snum, norm_shift);
+
+    if (rm != NULL && bn_rshift_fixed_top(rm, snum, norm_shift) == 0)
+        goto err;
+
     BN_CTX_end(ctx);
     return 1;
  err:

diff --git a/deps/openssl/openssl/crypto/bn/bn_exp.c b/deps/openssl/openssl/crypto/bn/bn_exp.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -188,13 +188,14 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         return ret;
     }
 
+    BN_RECP_CTX_init(&recp);
+
     BN_CTX_start(ctx);
     aa = BN_CTX_get(ctx);
     val[0] = BN_CTX_get(ctx);
     if (val[0] == NULL)
         goto err;
 
-    BN_RECP_CTX_init(&recp);
     if (m->neg) {
         /* ignore sign of 'm' */
         if (!BN_copy(aa, m))

diff --git a/deps/openssl/openssl/crypto/ec/curve448/curve448.c b/deps/openssl/openssl/crypto/ec/curve448/curve448.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright 2015-2016 Cryptography Research, Inc.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -577,6 +577,7 @@ static int recode_wnaf(struct smvt_control *control,
             int32_t delta = odd & mask;
 
             assert(position >= 0);
+            assert(pos < 32);       /* can't fail since current & 0xFFFF != 0 */
             if (odd & (1 << (table_bits + 1)))
                 delta -= (1 << (table_bits + 1));
             current -= delta * (1 << pos);

diff --git a/deps/openssl/openssl/crypto/ec/ecp_nistz256.c b/deps/openssl/openssl/crypto/ec/ecp_nistz256.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2022 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2014, Intel Corporation. All Rights Reserved.
  * Copyright (c) 2015, CloudFlare, Inc.
  *
@@ -973,6 +973,7 @@ __owur static int ecp_nistz256_points_mul(const EC_GROUP *group,
         return 0;
     }
 
+    memset(&p, 0, sizeof(p));
     BN_CTX_start(ctx);
 
     if (scalar) {

diff --git a/deps/openssl/openssl/crypto/engine/eng_dyn.c b/deps/openssl/openssl/crypto/engine/eng_dyn.c
@@ -393,6 +393,26 @@ static int int_load(dynamic_data_ctx *ctx)
     return 0;
 }
 
+/*
+ * Unfortunately the version checker does not distinguish between
+ * engines built for openssl 1.1.x and openssl 3.x, but loading
+ * an engine that is built for openssl 3.x will cause a fatal
+ * error.  Detect such engines, since EVP_PKEY_get_base_id is exported
+ * as a function in openssl 3.x, while it is named EVP_PKEY_base_id
+ * in openssl 1.1.x.  Therefore we take the presence of that symbol
+ * as an indication that the engine will be incompatible.
+ */
+static int using_libcrypto_3(dynamic_data_ctx *ctx)
+{
+    int ret;
+
+    ERR_set_mark();
+    ret = DSO_bind_func(ctx->dynamic_dso, "EVP_PKEY_get_base_id") != NULL;
+    ERR_pop_to_mark();
+
+    return ret;
+}
+
 static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx)
 {
     ENGINE cpy;
@@ -442,18 +462,9 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx)
         /*
          * We fail if the version checker veto'd the load *or* if it is
          * deferring to us (by returning its version) and we think it is too
-         * old.
-         * Unfortunately the version checker does not distinguish between
-         * engines built for openssl 1.1.x and openssl 3.x, but loading
-         * an engine that is built for openssl 3.x will cause a fatal
-         * error.  Detect such engines, since EVP_PKEY_get_base_id is exported
-         * as a function in openssl 3.x, while it is named EVP_PKEY_base_id
-         * in openssl 1.1.x.  Therefore we take the presence of that symbol
-         * as an indication that the engine will be incompatible.
+         * old. Also fail if this is engine for openssl 3.x.
          */
-        if (vcheck_res < OSSL_DYNAMIC_OLDEST
-                || DSO_bind_func(ctx->dynamic_dso,
-                                 "EVP_PKEY_get_base_id") != NULL) {
+        if (vcheck_res < OSSL_DYNAMIC_OLDEST || using_libcrypto_3(ctx)) {
             /* Fail */
             ctx->bind_engine = NULL;
             ctx->v_check = NULL;