main/nss: backport fix for CVE-2018-12384

fixes #9478
author: Natanael Copa <ncopa@alpinelinux.org> 2018-10-02 15:11:45 +0200
committer: Natanael Copa <ncopa@alpinelinux.org> 2018-10-02 15:11:45 +0200
commit: 447318e4bff01df5d8424ebddea8345bd4a29501 (patch)
tree: 053e9d935aaa076ee040a979b35c20d5f98077b5
parent: 044957741907d97afb7e6b1510a87e94b430de1e (diff)
2 files changed, 88 insertions, 2 deletions
diff --git a/main/nss/APKBUILD b/main/nss/APKBUILD
index 169a1df4664..6e7d33fbed8 100644
--- a/main/nss/APKBUILD
+++ b/main/nss/APKBUILD
@@ -3,7 +3,7 @@
 pkgname=nss
 pkgver=3.36.1
 _ver=${pkgver//./_}
-pkgrel=0
+pkgrel=1
 pkgdesc="Mozilla Network Security Services"
 url="http://www.mozilla.org/projects/security/pki/nss/"
 arch="all"
@@ -19,9 +19,14 @@ source="http://ftp.mozilla.org/pub/security/$pkgname/releases/NSS_${pkgver//./_}
 	nss-softokn.pc.in
 	nss-config.in
 	add_spi+cacert_ca_certs.patch
+	CVE-2018-12384.patch
 	"
 builddir="$srcdir/$pkgname-$pkgver"
 
+# secfixes:
+#   3.36.1-r1:
+#   - CVE-2018-12384
+
 prepare() {
 	default_prepare
 
@@ -152,4 +157,5 @@ sha512sums="096fe4360b6d584a746ac6156830f8cff821fd173bd889d7a396238919328a227fa4
 0f2efa8563b11da68669d281b4459289a56f5a3a906eb60382126f3adcfe47420cdcedc6ab57727a3afeeffa2bbb4c750b43bef8b5f343a75c968411dfa30e09  nss-util.pc.in
 09c69d4cc39ec9deebc88696a80d0f15eb2d8c94d9daa234a2adfec941b63805eb4ce7f2e1943857b938bddcaee1beac246a0ec627b71563d9f846e6119a4a15  nss-softokn.pc.in
 2971669e128f06a9af40a5ba88218fa7c9eecfeeae8b0cf42e14f31ed12bf6fa4c5ce60289e078f50e2669a9376b56b45d7c29d726a7eac69ebe1d1e22dc710b  nss-config.in
-6e04556858499aec465d6670818465327ba2cb099061c2afee4b5cac8aa61938e0095906acfb38df6a1b70a6bde6dd69f08bb4c00a9d188e4cb3131b26c1bc16  add_spi+cacert_ca_certs.patch"
+6e04556858499aec465d6670818465327ba2cb099061c2afee4b5cac8aa61938e0095906acfb38df6a1b70a6bde6dd69f08bb4c00a9d188e4cb3131b26c1bc16  add_spi+cacert_ca_certs.patch
+8dbaccb13187445f534fe6371462d71b178f156a405a8b6ac9c58df7412e28b82328e412ef6de06697dc39036d8af3ab7938dfbcf3feb6814a793563e0610b2e  CVE-2018-12384.patch"
diff --git a/main/nss/CVE-2018-12384.patch b/main/nss/CVE-2018-12384.patch
new file mode 100644
index 00000000000..51447f97b31
--- /dev/null
+++ b/main/nss/CVE-2018-12384.patch
@@ -0,0 +1,80 @@
+
+# HG changeset patch
+# User Martin Thomson <mt@mozilla.com>
+# Date 1535720767 -7200
+# Node ID 46f9a1f40c3dd53cf4627e007429530fe989f592
+# Parent  93108979390d163ae97d73db5a2df883d2bf8c62
+Bug 1483128, backported fix for CVE-2018-12384 to the NSS_3_36_BRANCH
+
+diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
+--- a/nss/lib/ssl/ssl3con.c
++++ b/nss/lib/ssl/ssl3con.c
+@@ -8077,24 +8077,16 @@ ssl3_HandleClientHello(sslSocket *ss, PR
+         rv = SECITEM_CopyItem(NULL, &ss->ssl3.hs.fakeSid, &sidBytes);
+         if (rv != SECSuccess) {
+             desc = internal_error;
+             errCode = PORT_GetError();
+             goto alert_loser;
+         }
+     }
+ 
+-    /* Generate the Server Random now so it is available
+-     * when we process the ClientKeyShare in TLS 1.3 */
+-    rv = ssl3_GetNewRandom(ss->ssl3.hs.server_random);
+-    if (rv != SECSuccess) {
+-        errCode = SSL_ERROR_GENERATE_RANDOM_FAILURE;
+-        goto loser;
+-    }
+-
+ #ifndef TLS_1_3_DRAFT_VERSION
+     /*
+      * [draft-ietf-tls-tls13-11 Section 6.3.1.1].
+      * TLS 1.3 server implementations which respond to a ClientHello with a
+      * client_version indicating TLS 1.2 or below MUST set the last eight
+      * bytes of their Random value to the bytes:
+      *
+      * 44 4F 57 4E 47 52 44 01
+@@ -8873,30 +8865,39 @@ loser:
+ 
+ SECStatus
+ ssl_ConstructServerHello(sslSocket *ss, PRBool helloRetry,
+                          const sslBuffer *extensionBuf, sslBuffer *messageBuf)
+ {
+     SECStatus rv;
+     SSL3ProtocolVersion version;
+     sslSessionID *sid = ss->sec.ci.sid;
++    const PRUint8 *random;
+ 
+     if (IS_DTLS(ss) && ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+         version = dtls_TLSVersionToDTLSVersion(ss->version);
+     } else {
+         version = PR_MIN(ss->version, SSL_LIBRARY_VERSION_TLS_1_2);
+     }
+ 
+     rv = sslBuffer_AppendNumber(messageBuf, version, 2);
+     if (rv != SECSuccess) {
+         return SECFailure;
+     }
+-    /* Random already generated in ssl3_HandleClientHello */
+-    rv = sslBuffer_Append(messageBuf, helloRetry ? ssl_hello_retry_random : ss->ssl3.hs.server_random,
+-                          SSL3_RANDOM_LENGTH);
++
++    if (helloRetry) {
++        random = ssl_hello_retry_random;
++    } else {
++        rv = ssl3_GetNewRandom(ss->ssl3.hs.server_random);
++        if (rv != SECSuccess) {
++            return SECFailure;
++        }
++        random = ss->ssl3.hs.server_random;
++    }
++    rv = sslBuffer_Append(messageBuf, random, SSL3_RANDOM_LENGTH);
+     if (rv != SECSuccess) {
+         return SECFailure;
+     }
+ 
+     if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+         if (sid) {
+             rv = sslBuffer_AppendVariable(messageBuf, sid->u.ssl3.sessionID,
+                                           sid->u.ssl3.sessionIDLength, 1);
+
author	Natanael Copa <ncopa@alpinelinux.org>	2018-10-02 15:11:45 +0200
committer	Natanael Copa <ncopa@alpinelinux.org>	2018-10-02 15:11:45 +0200
commit	447318e4bff01df5d8424ebddea8345bd4a29501 (patch)
tree	053e9d935aaa076ee040a979b35c20d5f98077b5
parent	044957741907d97afb7e6b1510a87e94b430de1e (diff)