NetBSD Problem Report #39767

From ws@solfrank.net  Sun Oct 19 09:15:26 2008
Return-Path: <ws@solfrank.net>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by narn.NetBSD.org (Postfix) with ESMTP id 6358663B93C
	for <gnats-bugs@gnats.NetBSD.org>; Sun, 19 Oct 2008 09:15:26 +0000 (UTC)
Message-Id: <20081019091522.E9709853B8@ws.solfrank.net>
Date: Sun, 19 Oct 2008 11:15:22 +0200 (MEST)
From: Wolfgang@solfrank.net
Reply-To: Wolfgang@solfrank.net
To: gnats-bugs@gnats.NetBSD.org
Subject: openssl pkcs12 dumps core
X-Send-Pr-Version: 3.95

>Number:         39767
>Category:       security
>Synopsis:       openssl pkcs12 dumps core
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    security-officer
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Oct 19 09:20:00 +0000 2008
>Closed-Date:    Sat Oct 25 12:21:59 +0000 2008
>Last-Modified:  Sat Oct 25 12:21:59 +0000 2008
>Originator:     Wolfgang Solfrank
>Release:        NetBSD 4.99.72
>Organization:
NetBSD
>Environment:
System: NetBSD ws.solfrank.net 4.99.72 NetBSD 4.99.72 (ws) #18: Wed Sep 24 21:29:44 MEST 2008 ws@ws.solfrank.net:/src/obj/sys/arch/amd64/compile/ws amd64
Architecture: x86_64
Machine: amd64
>Description:
	Trying to generate a pfx file from a certificate and a key
	with a friendly name dumps core.

>How-To-Repeat:
	openssl pkcs12 -in me.pem -inkey me.key -out me.pfx -export -name Me

	It seems that with the last import of openssl the semantics of
	the last argument to the routine PKCS12_add_friendlyname being -1
	changed.  While previously it meant that the routine would find the
	length of the second argument, the C string name, by itself, it
	now means the the second argument isn't a C string, but an ASN1
	string.

	The problem is that the pkcs12 code wasn't adapted to this change
	in semantics.

>Fix:
Index: crypto/dist/openssl/crypto/pkcs12/p12_crt.c
===================================================================
RCS file: /cvsroot/src/crypto/dist/openssl/crypto/pkcs12/p12_crt.c,v
retrieving revision 1.1.1.5
diff -u -r1.1.1.5 p12_crt.c
--- crypto/dist/openssl/crypto/pkcs12/p12_crt.c	25 Nov 2005 03:06:46 -0000	1.1.1.5
+++ crypto/dist/openssl/crypto/pkcs12/p12_crt.c	19 Oct 2008 09:13:43 -0000
@@ -101,7 +101,7 @@
 	if (cert)
 		{
 		bag = PKCS12_add_cert(&bags, cert);
-		if(name && !PKCS12_add_friendlyname(bag, name, -1))
+		if(name && !PKCS12_add_friendlyname(bag, name, strlen(name)))
 			goto err;
 		if(keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
 			goto err;
@@ -137,7 +137,7 @@
 				goto err;
 			}

-		if(name && !PKCS12_add_friendlyname(bag, name, -1))
+		if(name && !PKCS12_add_friendlyname(bag, name, strlen(name)))
 			goto err;
 		if(keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
 			goto err;

>Release-Note:

>Audit-Trail:
From: Wolfgang Solfrank <Wolfgang@Solfrank.net>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: security/39767: openssl pkcs12 dumps core
Date: Mon, 20 Oct 2008 12:39:47 +0200

 Hi,

 today I had a look at the current openssl sources.  There they fixed this
 bug differently, by in part reverting the change that made a length argument
 of -1 special.  Their diff can be found at:
 http://cvs.openssl.org/filediff?f=openssl/crypto/x509/x509_att.c&v1=1.14&v2=1.15

 Hope it helps.

 Ciao,
 Wolfgang
 -- 
 Wolfgang@Solfrank.net

From: Adrian Portelli <adrianp@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/39767 CVS commit: pkgsrc/security/openssl
Date: Sat, 25 Oct 2008 12:03:36 +0000 (UTC)

 Module Name:	pkgsrc
 Committed By:	adrianp
 Date:		Sat Oct 25 12:03:36 UTC 2008

 Modified Files:
 	pkgsrc/security/openssl: Makefile distinfo

 Log Message:
 OpenSSL is not JOBS_SAFE
 Pull in a fix from the OpenSSL CVS:
 http://cvs.openssl.org/filediff?f=openssl/crypto/x509/x509_att.c&v1=1.14&v2=1.15
 This should fix PR #39767 opened by Wolfgang Solfrank


 To generate a diff of this commit:
 cvs rdiff -r1.135 -r1.136 pkgsrc/security/openssl/Makefile
 cvs rdiff -r1.63 -r1.64 pkgsrc/security/openssl/distinfo

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: Adrian Portelli <adrianp@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/39767 CVS commit: src/crypto/dist/openssl/crypto/x509
Date: Sat, 25 Oct 2008 12:11:47 +0000 (UTC)

 Module Name:	src
 Committed By:	adrianp
 Date:		Sat Oct 25 12:11:47 UTC 2008

 Modified Files:
 	src/crypto/dist/openssl/crypto/x509: x509_att.c

 Log Message:
 Pull in a fix from the OpenSSL CVS:
 http://cvs.openssl.org/filediff?f=openssl/crypto/x509/x509_att.c&v1=1.14&v2=1.15
 This should fix PR #39767 opened by Wolfgang Solfrank


 To generate a diff of this commit:
 cvs rdiff -r1.1.1.4 -r1.2 src/crypto/dist/openssl/crypto/x509/x509_att.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->closed
State-Changed-By: adrianp@NetBSD.org
State-Changed-When: Sat, 25 Oct 2008 12:21:59 +0000
State-Changed-Why:
Changes committed to HEAD and pkgsrc - thank for the PR !


>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.