From e88edba9c7892c051862775e5ccb323ad088b68d Mon Sep 17 00:00:00 2001
From: Tomáš Mráz <tmraz@fedoraproject.org>
Date: Nov 18 2009 14:03:10 +0000
Subject: - disable enforcement of the renegotiation extension on the client

    (#537962)
- add fixes from the current upstream snapshot

---

diff --git a/openssl-1.0.0-beta4-backports.patch b/openssl-1.0.0-beta4-backports.patch
new file mode 100644
index 0000000..ad4c7e4
--- /dev/null
+++ b/openssl-1.0.0-beta4-backports.patch
@@ -0,0 +1,45 @@
+diff -up openssl-1.0.0-beta4/crypto/asn1/d2i_pu.c.backports openssl-1.0.0-beta4/crypto/asn1/d2i_pu.c
+--- openssl-1.0.0-beta4/crypto/asn1/d2i_pu.c.backports	2008-11-12 04:57:49.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/asn1/d2i_pu.c	2009-11-18 14:11:14.000000000 +0100
+@@ -87,9 +87,13 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PK
+ 		}
+ 	else	ret= *a;
+ 
+-	ret->save_type=type;
+-	ret->type=EVP_PKEY_type(type);
+-	switch (ret->type)
++	if (!EVP_PKEY_set_type(ret, type))
++		{
++		ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB);
++		goto err;
++		}
++
++	switch (EVP_PKEY_id(ret))
+ 		{
+ #ifndef OPENSSL_NO_RSA
+ 	case EVP_PKEY_RSA:
+diff -up openssl-1.0.0-beta4/crypto/evp/p_lib.c.backports openssl-1.0.0-beta4/crypto/evp/p_lib.c
+--- openssl-1.0.0-beta4/crypto/evp/p_lib.c.backports	2006-07-04 22:27:44.000000000 +0200
++++ openssl-1.0.0-beta4/crypto/evp/p_lib.c	2009-11-18 14:11:26.000000000 +0100
+@@ -220,7 +220,10 @@ static int pkey_set_type(EVP_PKEY *pkey,
+ #ifndef OPENSSL_NO_ENGINE
+ 		/* If we have an ENGINE release it */
+ 		if (pkey->engine)
++			{
+ 			ENGINE_finish(pkey->engine);
++			pkey->engine = NULL;
++			}
+ #endif
+ 		}
+ 	if (str)
+diff -up openssl-1.0.0-beta4/crypto/x509/x509_vfy.c.backports openssl-1.0.0-beta4/crypto/x509/x509_vfy.c
+--- openssl-1.0.0-beta4/crypto/x509/x509_vfy.c.backports	2009-10-31 20:21:47.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/x509/x509_vfy.c	2009-11-18 14:11:31.000000000 +0100
+@@ -1727,6 +1727,7 @@ int X509_cmp_time(const ASN1_TIME *ctm, 
+ 			offset= -offset;
+ 		}
+ 	atm.type=ctm->type;
++	atm.flags = 0;
+ 	atm.length=sizeof(buff2);
+ 	atm.data=(unsigned char *)buff2;
+ 
diff --git a/openssl-1.0.0-beta4-client-reneg.patch b/openssl-1.0.0-beta4-client-reneg.patch
new file mode 100644
index 0000000..11b9ab7
--- /dev/null
+++ b/openssl-1.0.0-beta4-client-reneg.patch
@@ -0,0 +1,35 @@
+Do not enforce the renegotiation extension on the client - too many broken servers remain.
+diff -up openssl-1.0.0-beta4/ssl/t1_lib.c.client-reneg openssl-1.0.0-beta4/ssl/t1_lib.c
+--- openssl-1.0.0-beta4/ssl/t1_lib.c.client-reneg	2009-11-12 15:17:29.000000000 +0100
++++ openssl-1.0.0-beta4/ssl/t1_lib.c	2009-11-18 14:04:19.000000000 +0100
+@@ -985,6 +985,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
+ 
+ 	if (data >= (d+n-2))
+ 		{
++#if 0
+ 		/* Because the client does not see any renegotiation during an
+ 		   attack, we must enforce this on all server hellos, even the
+ 		   first */
+@@ -994,6 +995,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
+ 			*al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
+ 			return 0;
+ 			}
++#endif
+ 		return 1;
+ 		}
+ 
+@@ -1126,12 +1128,14 @@ int ssl_parse_serverhello_tlsext(SSL *s,
+ 		return 0;
+ 		}
+ 
++#if 0
+ 	if (!renegotiate_seen
+ 		&& !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+ 		{
+ 		*al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
+ 		return 0;
+ 		}
++#endif
+ 
+ 	if (!s->hit && tlsext_servername == 1)
+ 		{
diff --git a/openssl.spec b/openssl.spec
index 62d1c52..8f1d2ba 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -23,7 +23,7 @@
 Summary: A general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 1.0.0
-Release: 0.12.%{beta}%{?dist}
+Release: 0.13.%{beta}%{?dist}
 # We remove certain patented algorithms from the openssl source tarball
 # with the hobble-openssl script which is included below.
 Source: openssl-%{version}-%{beta}-usa.tar.bz2
@@ -63,6 +63,9 @@ Patch50: openssl-1.0.0-beta4-dtls1-abi.patch
 Patch51: openssl-1.0.0-beta4-version.patch
 # Backported fixes including security fixes
 Patch60: openssl-1.0.0-beta4-reneg.patch
+# This one is not backported but has to be applied after reneg patch
+Patch61: openssl-1.0.0-beta4-client-reneg.patch
+Patch62: openssl-1.0.0-beta4-backports.patch
 
 License: OpenSSL
 Group: System Environment/Libraries
@@ -143,6 +146,8 @@ from other formats to the formats used by the OpenSSL toolkit.
 %patch51 -p1 -b .version
 
 %patch60 -p1 -b .reneg
+%patch61 -p1 -b .client-reneg
+%patch62 -p1 -b .backports
 
 # Modify the various perl scripts to reference perl in the right location.
 perl util/perlpath.pl `dirname %{__perl}`
@@ -391,6 +396,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
 %postun -p /sbin/ldconfig
 
 %changelog
+* Wed Nov 18 2009 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.13.beta4
+- disable enforcement of the renegotiation extension on the client (#537962)
+- add fixes from the current upstream snapshot
+
 * Fri Nov 13 2009 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.12.beta4
 - keep the beta status in version number at 3 so we do not have to rebuild
   openssh and possibly other dependencies with too strict version check