Message ID | 20200825221959.11790-1-hauke@hauke-m.de |
---|---|
State | Accepted |
Delegated to: | Hauke Mehrtens |
Headers | show |
Series | [v2] wolfssl: Update to version 4.5.0 | expand |
Hi, On 26/08/2020 00:19, Hauke Mehrtens wrote: > This fixes the following security problems: > * In earlier versions of wolfSSL there exists a potential man in the > middle attack on TLS 1.3 clients. > * Denial of service attack on TLS 1.3 servers from repetitively sending > ChangeCipherSpecs messages. (CVE-2020-12457) > * Potential cache timing attacks on public key operations in builds that > are not using SP (single precision). (CVE-2020-15309) > * When using SGX with EC scalar multiplication the possibility of side- > channel attacks are present. > * Leak of private key in the case that PEM format private keys are > bundled in with PEM certificates into a single file. > * During the handshake, clear application_data messages in epoch 0 are > processed and returned to the application. > > Full changelog: > https://www.wolfssl.com/docs/wolfssl-changelog/ > > Add a patch which fixes a build problem on big endian systems, see > https://github.com/wolfSSL/wolfssl/issues/3240 for details. > > Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> I think due to this hostapd (CONFIG_PACKAGE_wpad-wolfssl=y) now fails to compile: ../src/crypto/tls_wolfssl.c: In function 'tls_match_alt_subject': ../src/crypto/tls_wolfssl.c:610:11: error: 'GEN_EMAIL' undeclared (first use in this function); did you mean 'ENAVAIL'? type = GEN_EMAIL; ^~~~~~~~~ ENAVAIL ../src/crypto/tls_wolfssl.c:610:11: note: each undeclared identifier is reported only once for each function it appears in ../src/crypto/tls_wolfssl.c:613:11: error: 'GEN_DNS' undeclared (first use in this function) type = GEN_DNS; ^~~~~~~ ../src/crypto/tls_wolfssl.c:616:11: error: 'GEN_URI' undeclared (first use in this function) type = GEN_URI; ^~~~~~~ ../src/crypto/tls_wolfssl.c: In function 'wolfssl_tls_cert_event': ../src/crypto/tls_wolfssl.c:902:20: error: 'GEN_EMAIL' undeclared (first use in this function); did you mean 'ENAVAIL'? if (gen->type != GEN_EMAIL && ^~~~~~~~~ ENAVAIL ../src/crypto/tls_wolfssl.c:903:20: error: 'GEN_DNS' undeclared (first use in this function) gen->type != GEN_DNS && ^~~~~~~ ../src/crypto/tls_wolfssl.c:904:20: error: 'GEN_URI' undeclared (first use in this function) gen->type != GEN_URI) ^~~~~~~ make[3]: *** [Makefile:1302: ../src/crypto/tls_wolfssl.o] Error 1 The attached patch fixes it me. > --- > package/libs/wolfssl/Makefile | 6 +++--- > .../patches/100-disable-hardening-check.patch | 2 +- > .../patches/110-fix-build-on-big-endian.patch | 20 +++++++++++++++++++ > 3 files changed, 24 insertions(+), 4 deletions(-) > create mode 100644 package/libs/wolfssl/patches/110-fix-build-on-big-endian.patch > > diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile > index 159cfbc53f74..eb77caee3392 100644 > --- a/package/libs/wolfssl/Makefile > +++ b/package/libs/wolfssl/Makefile > @@ -8,12 +8,12 @@ > include $(TOPDIR)/rules.mk > > PKG_NAME:=wolfssl > -PKG_VERSION:=4.4.0-stable > -PKG_RELEASE:=2 > +PKG_VERSION:=4.5.0-stable > +PKG_RELEASE:=1 > > PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz > PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION) > -PKG_HASH:=7f854804c8ae0ca49cc77809e38e9a3b5a8c91ba7855ea928e6d6651b0d35f18 > +PKG_HASH:=7de62300ce14daa0051bfefc7c4d6302f96cabc768b6ae49eda77523b118250c > > PKG_FIXUP:=libtool > PKG_INSTALL:=1 > diff --git a/package/libs/wolfssl/patches/100-disable-hardening-check.patch b/package/libs/wolfssl/patches/100-disable-hardening-check.patch > index 5d83eca770ea..43337ba97024 100644 > --- a/package/libs/wolfssl/patches/100-disable-hardening-check.patch > +++ b/package/libs/wolfssl/patches/100-disable-hardening-check.patch > @@ -1,6 +1,6 @@ > --- a/wolfssl/wolfcrypt/settings.h > +++ b/wolfssl/wolfcrypt/settings.h > -@@ -1930,7 +1930,7 @@ extern void uITRON4_free(void *p) ; > +@@ -2128,7 +2128,7 @@ extern void uITRON4_free(void *p) ; > #endif > > /* warning for not using harden build options (default with ./configure) */ > diff --git a/package/libs/wolfssl/patches/110-fix-build-on-big-endian.patch b/package/libs/wolfssl/patches/110-fix-build-on-big-endian.patch > new file mode 100644 > index 000000000000..820501d2bb5d > --- /dev/null > +++ b/package/libs/wolfssl/patches/110-fix-build-on-big-endian.patch > @@ -0,0 +1,20 @@ > +See https://github.com/wolfSSL/wolfssl/issues/3240 for details > + > +--- a/wolfcrypt/src/misc.c > ++++ b/wolfcrypt/src/misc.c > +@@ -120,7 +120,6 @@ WC_STATIC WC_INLINE word32 ByteReverseWo > + return rotlFixed(value, 16U); > + #endif > + } > +-#if defined(LITTLE_ENDIAN_ORDER) > + /* This routine performs a byte swap of words array of a given count. */ > + WC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in, > + word32 byteCount) > +@@ -131,7 +130,6 @@ WC_STATIC WC_INLINE void ByteReverseWord > + out[i] = ByteReverseWord32(in[i]); > + > + } > +-#endif /* LITTLE_ENDIAN_ORDER */ > + > + #if defined(WORD64_AVAILABLE) && !defined(WOLFSSL_NO_WORD64_OPS) > + >
On 8/27/20 9:25 AM, Andre Heider wrote: > Hi, > > On 26/08/2020 00:19, Hauke Mehrtens wrote: >> This fixes the following security problems: >> * In earlier versions of wolfSSL there exists a potential man in the >> middle attack on TLS 1.3 clients. >> * Denial of service attack on TLS 1.3 servers from repetitively sending >> ChangeCipherSpecs messages. (CVE-2020-12457) >> * Potential cache timing attacks on public key operations in builds that >> are not using SP (single precision). (CVE-2020-15309) >> * When using SGX with EC scalar multiplication the possibility of side- >> channel attacks are present. >> * Leak of private key in the case that PEM format private keys are >> bundled in with PEM certificates into a single file. >> * During the handshake, clear application_data messages in epoch 0 are >> processed and returned to the application. >> >> Full changelog: >> https://www.wolfssl.com/docs/wolfssl-changelog/ >> >> Add a patch which fixes a build problem on big endian systems, see >> https://github.com/wolfSSL/wolfssl/issues/3240 for details. >> >> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> > > I think due to this hostapd (CONFIG_PACKAGE_wpad-wolfssl=y) now fails to > compile: > ../src/crypto/tls_wolfssl.c: In function 'tls_match_alt_subject': > ../src/crypto/tls_wolfssl.c:610:11: error: 'GEN_EMAIL' undeclared (first > use in this function); did you mean 'ENAVAIL'? > type = GEN_EMAIL; > ^~~~~~~~~ > ENAVAIL > ../src/crypto/tls_wolfssl.c:610:11: note: each undeclared identifier is > reported only once for each function it appears in > ../src/crypto/tls_wolfssl.c:613:11: error: 'GEN_DNS' undeclared (first > use in this function) > type = GEN_DNS; > ^~~~~~~ > ../src/crypto/tls_wolfssl.c:616:11: error: 'GEN_URI' undeclared (first > use in this function) > type = GEN_URI; > ^~~~~~~ > ../src/crypto/tls_wolfssl.c: In function 'wolfssl_tls_cert_event': > ../src/crypto/tls_wolfssl.c:902:20: error: 'GEN_EMAIL' undeclared (first > use in this function); did you mean 'ENAVAIL'? > if (gen->type != GEN_EMAIL && > ^~~~~~~~~ > ENAVAIL > ../src/crypto/tls_wolfssl.c:903:20: error: 'GEN_DNS' undeclared (first > use in this function) > gen->type != GEN_DNS && > ^~~~~~~ > ../src/crypto/tls_wolfssl.c:904:20: error: 'GEN_URI' undeclared (first > use in this function) > gen->type != GEN_URI) > ^~~~~~~ > make[3]: *** [Makefile:1302: ../src/crypto/tls_wolfssl.o] Error 1 > > The attached patch fixes it me. > Thank you for spotting this, it only happened when we compile one of the hostapd version with enterprise WPA support. The build bots also found this. It is It is fixed in master now. Hauke
diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile index 159cfbc53f74..eb77caee3392 100644 --- a/package/libs/wolfssl/Makefile +++ b/package/libs/wolfssl/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wolfssl -PKG_VERSION:=4.4.0-stable -PKG_RELEASE:=2 +PKG_VERSION:=4.5.0-stable +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION) -PKG_HASH:=7f854804c8ae0ca49cc77809e38e9a3b5a8c91ba7855ea928e6d6651b0d35f18 +PKG_HASH:=7de62300ce14daa0051bfefc7c4d6302f96cabc768b6ae49eda77523b118250c PKG_FIXUP:=libtool PKG_INSTALL:=1 diff --git a/package/libs/wolfssl/patches/100-disable-hardening-check.patch b/package/libs/wolfssl/patches/100-disable-hardening-check.patch index 5d83eca770ea..43337ba97024 100644 --- a/package/libs/wolfssl/patches/100-disable-hardening-check.patch +++ b/package/libs/wolfssl/patches/100-disable-hardening-check.patch @@ -1,6 +1,6 @@ --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h -@@ -1930,7 +1930,7 @@ extern void uITRON4_free(void *p) ; +@@ -2128,7 +2128,7 @@ extern void uITRON4_free(void *p) ; #endif /* warning for not using harden build options (default with ./configure) */ diff --git a/package/libs/wolfssl/patches/110-fix-build-on-big-endian.patch b/package/libs/wolfssl/patches/110-fix-build-on-big-endian.patch new file mode 100644 index 000000000000..820501d2bb5d --- /dev/null +++ b/package/libs/wolfssl/patches/110-fix-build-on-big-endian.patch @@ -0,0 +1,20 @@ +See https://github.com/wolfSSL/wolfssl/issues/3240 for details + +--- a/wolfcrypt/src/misc.c ++++ b/wolfcrypt/src/misc.c +@@ -120,7 +120,6 @@ WC_STATIC WC_INLINE word32 ByteReverseWo + return rotlFixed(value, 16U); + #endif + } +-#if defined(LITTLE_ENDIAN_ORDER) + /* This routine performs a byte swap of words array of a given count. */ + WC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in, + word32 byteCount) +@@ -131,7 +130,6 @@ WC_STATIC WC_INLINE void ByteReverseWord + out[i] = ByteReverseWord32(in[i]); + + } +-#endif /* LITTLE_ENDIAN_ORDER */ + + #if defined(WORD64_AVAILABLE) && !defined(WOLFSSL_NO_WORD64_OPS) +
This fixes the following security problems: * In earlier versions of wolfSSL there exists a potential man in the middle attack on TLS 1.3 clients. * Denial of service attack on TLS 1.3 servers from repetitively sending ChangeCipherSpecs messages. (CVE-2020-12457) * Potential cache timing attacks on public key operations in builds that are not using SP (single precision). (CVE-2020-15309) * When using SGX with EC scalar multiplication the possibility of side- channel attacks are present. * Leak of private key in the case that PEM format private keys are bundled in with PEM certificates into a single file. * During the handshake, clear application_data messages in epoch 0 are processed and returned to the application. Full changelog: https://www.wolfssl.com/docs/wolfssl-changelog/ Add a patch which fixes a build problem on big endian systems, see https://github.com/wolfSSL/wolfssl/issues/3240 for details. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> --- package/libs/wolfssl/Makefile | 6 +++--- .../patches/100-disable-hardening-check.patch | 2 +- .../patches/110-fix-build-on-big-endian.patch | 20 +++++++++++++++++++ 3 files changed, 24 insertions(+), 4 deletions(-) create mode 100644 package/libs/wolfssl/patches/110-fix-build-on-big-endian.patch