diff options
8 files changed, 0 insertions, 402 deletions
diff --git a/common/recipes-connectivity/openssl/openssl/0001_SSLv2_doesnot_block_disabled_ciphers_CVE-2016-0701.patch b/common/recipes-connectivity/openssl/openssl/0001_SSLv2_doesnot_block_disabled_ciphers_CVE-2016-0701.patch deleted file mode 100644 index da0c3ac6..00000000 --- a/common/recipes-connectivity/openssl/openssl/0001_SSLv2_doesnot_block_disabled_ciphers_CVE-2016-0701.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 878e2c5b13010329c203f309ed0c8f2113f85648 Mon Sep 17 00:00:00 2001 -From: Matt Caswell <matt@openssl.org> -Date: Mon, 18 Jan 2016 11:31:58 +0000 -Subject: [PATCH] Prevent small subgroup attacks on DH/DHE - -Historically OpenSSL only ever generated DH parameters based on "safe" -primes. More recently (in version 1.0.2) support was provided for -generating X9.42 style parameter files such as those required for RFC -5114 support. The primes used in such files may not be "safe". Where an -application is using DH configured with parameters based on primes that -are not "safe" then an attacker could use this fact to find a peer's -private DH exponent. This attack requires that the attacker complete -multiple handshakes in which the peer uses the same DH exponent. - -A simple mitigation is to ensure that y^q (mod p) == 1 - -CVE-2016-0701 (fix part 1 of 2) - -Issue reported by Antonio Sanso. - -Reviewed-by: Viktor Dukhovni <viktor@openssl.org> ---- - crypto/dh/dh.h | 1 + - crypto/dh/dh_check.c | 35 +++++++++++++++++++++++++---------- - 2 files changed, 26 insertions(+), 10 deletions(-) - -diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h -index b177673..5498a9d 100644 ---- a/crypto/dh/dh.h -+++ b/crypto/dh/dh.h -@@ -174,6 +174,7 @@ struct dh_st { - /* DH_check_pub_key error codes */ - # define DH_CHECK_PUBKEY_TOO_SMALL 0x01 - # define DH_CHECK_PUBKEY_TOO_LARGE 0x02 -+# define DH_CHECK_PUBKEY_INVALID 0x03 - - /* - * primes p where (p-1)/2 is prime too are called "safe"; we define this for -diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c -index 347467c..5adedc0 100644 ---- a/crypto/dh/dh_check.c -+++ b/crypto/dh/dh_check.c -@@ -151,23 +151,38 @@ int DH_check(const DH *dh, int *ret) - int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) - { - int ok = 0; -- BIGNUM *q = NULL; -+ BIGNUM *tmp = NULL; -+ BN_CTX *ctx = NULL; - - *ret = 0; -- q = BN_new(); -- if (q == NULL) -+ ctx = BN_CTX_new(); -+ if (ctx == NULL) - goto err; -- BN_set_word(q, 1); -- if (BN_cmp(pub_key, q) <= 0) -+ BN_CTX_start(ctx); -+ tmp = BN_CTX_get(ctx); -+ if (tmp == NULL) -+ goto err; -+ BN_set_word(tmp, 1); -+ if (BN_cmp(pub_key, tmp) <= 0) - *ret |= DH_CHECK_PUBKEY_TOO_SMALL; -- BN_copy(q, dh->p); -- BN_sub_word(q, 1); -- if (BN_cmp(pub_key, q) >= 0) -+ BN_copy(tmp, dh->p); -+ BN_sub_word(tmp, 1); -+ if (BN_cmp(pub_key, tmp) >= 0) - *ret |= DH_CHECK_PUBKEY_TOO_LARGE; - -+ if (dh->q != NULL) { -+ /* Check pub_key^q == 1 mod p */ -+ if (!BN_mod_exp(tmp, pub_key, dh->q, dh->p, ctx)) -+ goto err; -+ if (!BN_is_one(tmp)) -+ *ret |= DH_CHECK_PUBKEY_INVALID; -+ } -+ - ok = 1; - err: -- if (q != NULL) -- BN_free(q); -+ if (ctx != NULL) { -+ BN_CTX_end(ctx); -+ BN_CTX_free(ctx); -+ } - return (ok); - } --- -1.9.1 - diff --git a/common/recipes-connectivity/openssl/openssl/0002_SSLv2_doesnot_block_disabled_ciphers_CVE-2016-0701.patch b/common/recipes-connectivity/openssl/openssl/0002_SSLv2_doesnot_block_disabled_ciphers_CVE-2016-0701.patch deleted file mode 100644 index a4b24ebc..00000000 --- a/common/recipes-connectivity/openssl/openssl/0002_SSLv2_doesnot_block_disabled_ciphers_CVE-2016-0701.patch +++ /dev/null @@ -1,151 +0,0 @@ -From c5b831f21d0d29d1e517d139d9d101763f60c9a2 Mon Sep 17 00:00:00 2001 -From: Matt Caswell <matt@openssl.org> -Date: Thu, 17 Dec 2015 02:57:20 +0000 -Subject: [PATCH] Always generate DH keys for ephemeral DH cipher suites - -Modified version of the commit ffaef3f15 in the master branch by Stephen -Henson. This makes the SSL_OP_SINGLE_DH_USE option a no-op and always -generates a new DH key for every handshake regardless. - -CVE-2016-0701 (fix part 2 or 2) - -Issue reported by Antonio Sanso - -Reviewed-by: Viktor Dukhovni <viktor@openssl.org> ---- - doc/ssl/SSL_CTX_set_tmp_dh_callback.pod | 29 +++++------------------------ - ssl/s3_lib.c | 14 -------------- - ssl/s3_srvr.c | 17 +++-------------- - ssl/ssl.h | 2 +- - 4 files changed, 9 insertions(+), 53 deletions(-) - -diff --git a/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod b/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod -index b754c16..234fbc8 100644 ---- a/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod -+++ b/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod -@@ -48,25 +48,8 @@ even if he gets hold of the normal (certified) key, as this key was - only used for signing. - - In order to perform a DH key exchange the server must use a DH group --(DH parameters) and generate a DH key. --The server will always generate a new DH key during the negotiation --if either the DH parameters are supplied via callback or the --SSL_OP_SINGLE_DH_USE option of SSL_CTX_set_options(3) is set (or both). --It will immediately create a DH key if DH parameters are supplied via --SSL_CTX_set_tmp_dh() and SSL_OP_SINGLE_DH_USE is not set. --In this case, --it may happen that a key is generated on initialization without later --being needed, while on the other hand the computer time during the --negotiation is being saved. -- --If "strong" primes were used to generate the DH parameters, it is not strictly --necessary to generate a new key for each handshake but it does improve forward --secrecy. If it is not assured that "strong" primes were used, --SSL_OP_SINGLE_DH_USE must be used in order to prevent small subgroup --attacks. Always using SSL_OP_SINGLE_DH_USE has an impact on the --computer time needed during negotiation, but it is not very large, so --application authors/users should consider always enabling this option. --The option is required to implement perfect forward secrecy (PFS). -+(DH parameters) and generate a DH key. The server will always generate -+a new DH key during the negotiation. - - As generating DH parameters is extremely time consuming, an application - should not generate the parameters on the fly but supply the parameters. -@@ -93,10 +76,9 @@ can supply the DH parameters via a callback function. - Previous versions of the callback used B<is_export> and B<keylength> - parameters to control parameter generation for export and non-export - cipher suites. Modern servers that do not support export ciphersuites --are advised to either use SSL_CTX_set_tmp_dh() in combination with --SSL_OP_SINGLE_DH_USE, or alternatively, use the callback but ignore --B<keylength> and B<is_export> and simply supply at least 2048-bit --parameters in the callback. -+are advised to either use SSL_CTX_set_tmp_dh() or alternatively, use -+the callback but ignore B<keylength> and B<is_export> and simply -+supply at least 2048-bit parameters in the callback. - - =head1 EXAMPLES - -@@ -128,7 +110,6 @@ partly left out.) - if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1) { - /* Error. */ - } -- SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE); - ... - - =head1 RETURN VALUES -diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c -index b7c5db3..f846cb5 100644 ---- a/ssl/s3_lib.c -+++ b/ssl/s3_lib.c -@@ -3206,13 +3206,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) - SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); - return (ret); - } -- if (!(s->options & SSL_OP_SINGLE_DH_USE)) { -- if (!DH_generate_key(dh)) { -- DH_free(dh); -- SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); -- return (ret); -- } -- } - if (s->cert->dh_tmp != NULL) - DH_free(s->cert->dh_tmp); - s->cert->dh_tmp = dh; -@@ -3713,13 +3706,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); - return 0; - } -- if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) { -- if (!DH_generate_key(new)) { -- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); -- DH_free(new); -- return 0; -- } -- } - if (cert->dh_tmp != NULL) - DH_free(cert->dh_tmp); - cert->dh_tmp = new; -diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c -index 9b05f18..ab28702 100644 ---- a/ssl/s3_srvr.c -+++ b/ssl/s3_srvr.c -@@ -1687,20 +1687,9 @@ int ssl3_send_server_key_exchange(SSL *s) - } - - s->s3->tmp.dh = dh; -- if ((dhp->pub_key == NULL || -- dhp->priv_key == NULL || -- (s->options & SSL_OP_SINGLE_DH_USE))) { -- if (!DH_generate_key(dh)) { -- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); -- goto err; -- } -- } else { -- dh->pub_key = BN_dup(dhp->pub_key); -- dh->priv_key = BN_dup(dhp->priv_key); -- if ((dh->pub_key == NULL) || (dh->priv_key == NULL)) { -- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); -- goto err; -- } -+ if (!DH_generate_key(dh)) { -+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); -+ goto err; - } - r[0] = dh->p; - r[1] = dh->g; -diff --git a/ssl/ssl.h b/ssl/ssl.h -index a31c085..ae8c925 100644 ---- a/ssl/ssl.h -+++ b/ssl/ssl.h -@@ -625,7 +625,7 @@ struct ssl_session_st { - # define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L - /* If set, always create a new key when using tmp_ecdh parameters */ - # define SSL_OP_SINGLE_ECDH_USE 0x00080000L --/* If set, always create a new key when using tmp_dh parameters */ -+/* Does nothing: retained for compatibility */ - # define SSL_OP_SINGLE_DH_USE 0x00100000L - /* Does nothing: retained for compatibiity */ - # define SSL_OP_EPHEMERAL_RSA 0x0 --- -1.9.1 - diff --git a/common/recipes-connectivity/openssl/openssl/DH_small_subgroups_CVE-2015-3197.patch b/common/recipes-connectivity/openssl/openssl/DH_small_subgroups_CVE-2015-3197.patch deleted file mode 100644 index 9141050b..00000000 --- a/common/recipes-connectivity/openssl/openssl/DH_small_subgroups_CVE-2015-3197.patch +++ /dev/null @@ -1,60 +0,0 @@ -From d81a1600588b726c2bdccda7efad3cc7a87d6245 Mon Sep 17 00:00:00 2001 -From: Viktor Dukhovni <openssl-users@dukhovni.org> -Date: Wed, 30 Dec 2015 22:44:51 -0500 -Subject: [PATCH] Better SSLv2 cipher-suite enforcement - -Based on patch by: Nimrod Aviram <nimrod.aviram@gmail.com> - -CVE-2015-3197 - -Reviewed-by: Tim Hudson <tjh@openssl.org> -Reviewed-by: Richard Levitte <levitte@openssl.org> ---- - ssl/s2_srvr.c | 15 +++++++++++++-- - 1 file changed, 13 insertions(+), 2 deletions(-) - -diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c -index 5e2e0ac..07e9df8 100644 ---- a/ssl/s2_srvr.c -+++ b/ssl/s2_srvr.c -@@ -402,7 +402,7 @@ static int get_client_master_key(SSL *s) - } - - cp = ssl2_get_cipher_by_char(p); -- if (cp == NULL) { -+ if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0) { - ssl2_return_error(s, SSL2_PE_NO_CIPHER); - SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH); - return (-1); -@@ -692,8 +692,12 @@ static int get_client_hello(SSL *s) - prio = cs; - allow = cl; - } -+ -+ /* Generate list of SSLv2 ciphers shared between client and server */ - for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) { -- if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, z)) < 0) { -+ const SSL_CIPHER *cp = sk_SSL_CIPHER_value(prio, z); -+ if ((cp->algorithm_ssl & SSL_SSLV2) == 0 || -+ sk_SSL_CIPHER_find(allow, cp) < 0) { - (void)sk_SSL_CIPHER_delete(prio, z); - z--; - } -@@ -702,6 +706,13 @@ static int get_client_hello(SSL *s) - sk_SSL_CIPHER_free(s->session->ciphers); - s->session->ciphers = prio; - } -+ -+ /* Make sure we have at least one cipher in common */ -+ if (sk_SSL_CIPHER_num(s->session->ciphers) == 0) { -+ ssl2_return_error(s, SSL2_PE_NO_CIPHER); -+ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH); -+ return -1; -+ } - /* - * s->session->ciphers should now have a list of ciphers that are on - * both the client and server. This list is ordered by the order the --- -1.9.1 - - diff --git a/common/recipes-connectivity/openssl/openssl_1.0.2d.bbappend b/common/recipes-connectivity/openssl/openssl_1.0.2d.bbappend deleted file mode 100644 index 5bbf0c74..00000000 --- a/common/recipes-connectivity/openssl/openssl_1.0.2d.bbappend +++ /dev/null @@ -1,10 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" - -OPENSSL_CVE = " \ - file://0001_SSLv2_doesnot_block_disabled_ciphers_CVE-2016-0701.patch \ - file://0002_SSLv2_doesnot_block_disabled_ciphers_CVE-2016-0701.patch \ - file://DH_small_subgroups_CVE-2015-3197.patch \ -" - -# Add CVE fix to all that are not mel or mel-lite -SRC_URI += "${@bb.utils.contains_any("DISTRO", "mel mel-lite", "", "${OPENSSL_CVE}", d)}" diff --git a/common/recipes-core/initrdscripts/files/0005-init-install-efi.sh-correctly-handle-mmc-device-chec.patch b/common/recipes-core/initrdscripts/files/0005-init-install-efi.sh-correctly-handle-mmc-device-chec.patch deleted file mode 100644 index 5bbeb117..00000000 --- a/common/recipes-core/initrdscripts/files/0005-init-install-efi.sh-correctly-handle-mmc-device-chec.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 89082478d7d1d9c3fb8796b7ee32dae226c8915c Mon Sep 17 00:00:00 2001 -From: Awais Belal <awais_belal@mentor.com> -Date: Wed, 3 Feb 2016 17:09:17 +0500 -Subject: [PATCH] init-install-efi.sh: correctly handle mmc device check - -The cleanup in 68d8f6d2 did not update the mmc device -checking code to generate prefix and other required -bits which makes the installation to fail as it -does not generate correct partition names. -The check is now updated to handle that accordingly. - -Signed-off-by: Awais Belal <awais_belal@mentor.com> ---- - init-install-efi.sh | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git init-install-efi.sh init-install-efi.sh -index b00b2c0..4523825 100644 ---- init-install-efi.sh -+++ init-install-efi.sh -@@ -144,7 +144,7 @@ swap_start=$((rootfs_end)) - # 2) they are detected asynchronously (need rootwait) - rootwait="" - part_prefix="" --if [ ! "${device#mmcblk}" = "${device}" ]; then -+if [ ! "${device#\/dev\/mmcblk}" = "${device}" ]; then - part_prefix="p" - rootwait="rootwait" - fi --- -1.9.1 - diff --git a/common/recipes-core/initrdscripts/files/0007-init-install-efi.sh-use-generated-partition-names-fo.patch b/common/recipes-core/initrdscripts/files/0007-init-install-efi.sh-use-generated-partition-names-fo.patch deleted file mode 100644 index e2555383..00000000 --- a/common/recipes-core/initrdscripts/files/0007-init-install-efi.sh-use-generated-partition-names-fo.patch +++ /dev/null @@ -1,45 +0,0 @@ -From e653f517b0e77a85c24967fb9995339416e9726f Mon Sep 17 00:00:00 2001 -From: Awais Belal <awais_belal@mentor.com> -Date: Thu, 4 Feb 2016 13:23:10 +0500 -Subject: [PATCH] init-install-efi.sh: use generated partition names for UUID - -In case of MMC devices we tend to manipulate the partition -names as MMC partition naming scheme adds a 'p' in the -partition prefix. Currently this fails as UUID generation -tries to use device name directly and only appends partition -number. -We fix this by using the manipulated partition names already -generated earlier in the script to be consistent throughout. - -Signed-off-by: Awais Belal <awais_belal@mentor.com> ---- - init-install-efi.sh | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git init-install-efi.sh init-install-efi.sh -index 4523825..a6a9047 100644 ---- init-install-efi.sh -+++ init-install-efi.sh -@@ -194,8 +194,8 @@ mount -o rw,loop,noatime,nodiratime /run/media/$1/$2 /src_root - echo "Copying rootfs files..." - cp -a /src_root/* /tgt_root - if [ -d /tgt_root/etc/ ] ; then -- boot_uuid=$(blkid -o value -s UUID ${device}1) -- swap_part_uuid=$(blkid -o value -s PARTUUID ${device}3) -+ boot_uuid=$(blkid -o value -s UUID ${bootfs}) -+ swap_part_uuid=$(blkid -o value -s PARTUUID ${swap}) - echo "/dev/disk/by-partuuid/$swap_part_uuid swap swap defaults 0 0" >> /tgt_root/etc/fstab - echo "UUID=$boot_uuid /boot vfat defaults 1 2" >> /tgt_root/etc/fstab - # We dont want udev to mount our root device while we're booting... -@@ -216,7 +216,7 @@ mkdir -p $EFIDIR - cp /run/media/$1/EFI/BOOT/*.efi $EFIDIR - - if [ -f /run/media/$1/EFI/BOOT/grub.cfg ]; then -- root_part_uuid=$(blkid -o value -s PARTUUID ${device}2) -+ root_part_uuid=$(blkid -o value -s PARTUUID ${rootfs}) - GRUBCFG="$EFIDIR/grub.cfg" - cp /run/media/$1/EFI/BOOT/grub.cfg $GRUBCFG - # Update grub config for the installed image --- -1.9.1 - diff --git a/common/recipes-core/initrdscripts/initramfs-live-install-efi_1.0.bbappend b/common/recipes-core/initrdscripts/initramfs-live-install-efi_1.0.bbappend index 41efdfea..b51ea937 100644 --- a/common/recipes-core/initrdscripts/initramfs-live-install-efi_1.0.bbappend +++ b/common/recipes-core/initrdscripts/initramfs-live-install-efi_1.0.bbappend @@ -2,7 +2,5 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/files:" SRC_URI_append_amd = " \ file://0003-init-install-efi.sh-Don-t-set-quiet-kernel-option-in.patch;striplevel=0;patchdir=${WORKDIR} \ file://0004-init-install-efi.sh-Add-a-second-prompt-to-install.patch;striplevel=0;patchdir=${WORKDIR} \ - file://0005-init-install-efi.sh-correctly-handle-mmc-device-chec.patch;striplevel=0;patchdir=${WORKDIR} \ - file://0007-init-install-efi.sh-use-generated-partition-names-fo.patch;striplevel=0;patchdir=${WORKDIR} \ file://0010-init-install-efi.sh-etc-mtab-make-a-softlink-rather-.patch;striplevel=0;patchdir=${WORKDIR} \ " diff --git a/common/recipes-core/systemd/systemd-serialgetty.bbappend b/common/recipes-core/systemd/systemd-serialgetty.bbappend deleted file mode 100644 index dc786b1d..00000000 --- a/common/recipes-core/systemd/systemd-serialgetty.bbappend +++ /dev/null @@ -1,8 +0,0 @@ -# We would like to force baud rate on all -# SERIAL_CONSOLES strip --keep-baud which -# wouldn't allow this. -do_install_prepend_amd() { - if [ ! -z "${SERIAL_CONSOLES}" ] ; then - sed -i -e s/\-\-keep\-baud//g ${WORKDIR}/serial-getty@.service - fi -} |