[openssl] master update

bernd.edlinger at hotmail.de bernd.edlinger at hotmail.de
Tue Feb 8 12:27:45 UTC 2022


The branch master has been updated
       via  14db620282bea38dc44479e562cf9bb61a716444 (commit)
       via  9362a1b32b7330e24d3bca230b412557caea095b (commit)
      from  eafd3e9d07e99583a1439bb027e4d6af43e2df27 (commit)


- Log -----------------------------------------------------------------
commit 14db620282bea38dc44479e562cf9bb61a716444
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date:   Sun Jan 16 17:59:17 2022 +0100

    Check for presence of 1.1.x openssl runtime
    
    If the newly loaded engine contains the symbol
    EVP_PKEY_base_id, we know it is linked to 1.1.x openssl.
    Abort loading this engine, as it will definitely crash.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/17112)

commit 9362a1b32b7330e24d3bca230b412557caea095b
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date:   Mon Nov 22 21:50:04 2021 +0100

    Prevent crash with engine using different openssl runtime
    
    This problem happens usually because an application
    links libcrypto and/or libssl statically which
    installs an atexit handler, but later an engine using
    a shared instance of libcrypto is installed.
    The problem is, in simple words, that both instances
    of libcrypto have an atexit handler installed,
    but both are unable to coordinate with each other,
    which causes a crash, typically a use-after-free
    in the engine's destroy function.
    
    Work around that by preventing the engine's
    libcrypto from installing the atexit handler.
    This may result in a small memory leak, but that
    memory is still reachable.
    
    Fixes #15898
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/17112)

-----------------------------------------------------------------------

Summary of changes:
 crypto/engine/eng_dyn.c  | 11 ++++++++++-
 include/openssl/engine.h |  1 +
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c
index c8a54f7d44..68b9ac311d 100644
--- a/crypto/engine/eng_dyn.c
+++ b/crypto/engine/eng_dyn.c
@@ -451,8 +451,17 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx)
          * We fail if the version checker veto'd the load *or* if it is
          * deferring to us (by returning its version) and we think it is too
          * old.
+         * Unfortunately the version checker does not distinguish between
+         * engines built for openssl 1.1.x and openssl 3.x, but loading
+         * an engine that is built for openssl 1.1.x will cause a fatal
+         * error.  Detect such engines, since EVP_PKEY_base_id is exported
+         * as a function in openssl 1.1.x, while it is a macro in openssl 3.x,
+         * and therefore only the symbol EVP_PKEY_get_base_id is available
+         * in openssl 3.x.
          */
-        if (vcheck_res < OSSL_DYNAMIC_OLDEST) {
+        if (vcheck_res < OSSL_DYNAMIC_OLDEST
+                || DSO_bind_func(ctx->dynamic_dso,
+                                 "EVP_PKEY_base_id") != NULL) {
             /* Fail */
             ctx->bind_engine = NULL;
             ctx->v_check = NULL;
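
Review bot: the added `DSO_bind_func(ctx->dynamic_dso, "EVP_PKEY_base_id") != NULL` test shares the `/* Fail */` branch with `vcheck_res < OSSL_DYNAMIC_OLDEST`, so an engine rejected for being linked to a 1.1.x runtime fails the same way as one rejected for being too old. A separate branch with its own error reason would let whoever debugs a failed load tell the two apart. For an engine built for 3.x this lookup is expected to fail on every load, so it is worth confirming that a failed DSO_bind_func leaves nothing behind on the error queue at this point, or bracketing the probe so it cannot. The comment could also say that the check relies on the symbol being resolvable through the engine's DSO handle, since an engine that does not expose it that way passes undetected.
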
diff --git a/include/openssl/engine.h b/include/openssl/engine.h
index 25c3cf7c19..70c856a9cd 100644
--- a/include/openssl/engine.h
+++ b/include/openssl/engine.h
@@ -801,6 +801,7 @@ typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id,
             CRYPTO_set_mem_functions(fns->mem_fns.malloc_fn, \
                                      fns->mem_fns.realloc_fn, \
                                      fns->mem_fns.free_fn); \
+            OPENSSL_init_crypto(OPENSSL_INIT_NO_ATEXIT, NULL); \
         skip_cbs: \
             if (!fn(e, id)) return 0; \
             return 1; }
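
Review bot: the added `OPENSSL_init_crypto(OPENSSL_INIT_NO_ATEXIT, NULL);` line discards the return value and has no comment, so a reader of the header cannot tell why it is there or what happens if initialisation fails. A short comment carrying the commit message's reasoning (two libcrypto instances, uncoordinated atexit handlers, accepted small leak) belongs next to it, along with either a check of the result or a note that failure is deliberately ignored. The call sits above the `skip_cbs:` label, so any path that jumps to the label bypasses it; if that is intended, say so in the comment. Because the change lives in a macro in a public header, only engines rebuilt against this header pick it up, which is worth stating in the change notes.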

