From 6b97172a282e0826f577da922b0f2009b59c13a4 Mon Sep 17 00:00:00 2001
From: cperciva <cperciva@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
Date: Thu, 3 Dec 2009 09:18:40 +0000
Subject: [PATCH] Disable SSL renegotiation in order to protect against a
 serious protocol flaw. [09:15]

Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]

Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-09:15.ssl
Security:	FreeBSD-SA-09:16.rtld
Security:	FreeBSD-SA-09:17.freebsd-udpate


git-svn-id: svn://svn.freebsd.org/base/releng/7.2@200054 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
---
 UPDATING                                  | 11 +++++++++++
 crypto/openssl/ssl/s3_lib.c               |  3 +++
 crypto/openssl/ssl/s3_pkt.c               |  7 ++-----
 crypto/openssl/ssl/s3_srvr.c              |  7 +++++++
 etc/mtree/BSD.var.dist                    |  2 +-
 libexec/rtld-elf/rtld.c                   | 11 ++++++-----
 usr.sbin/freebsd-update/freebsd-update.sh |  1 +
 7 files changed, 31 insertions(+), 11 deletions(-)

diff --git a/UPDATING b/UPDATING
index 6e613aa5..db3e1633 100644
--- a/UPDATING
+++ b/UPDATING
@@ -8,6 +8,17 @@ Items affecting the ports and packages system can be found in
 /usr/ports/UPDATING.  Please read that file before running
 portupgrade.
 
+20091203:	p5	FreeBSD-SA-09:15.ssl, FreeBSD-SA-09:16.rtld,
+			FreeBSD-SA-09:17.freebsd-update
+	Disable SSL renegotiation in order to protect against a serious
+	protocol flaw. [09:15]
+
+	Correctly handle failures from unsetenv resulting from a corrupt
+	environment in rtld-elf. [09:16]
+
+	Fix permissions in freebsd-update in order to prevent leakage of
+	sensitive files. [09:17]
+
 20091002:	p4	FreeBSD-SA-09:14.devfs FreeBSD-EN-09:05.null
 	Fix devfs / VFS NULL pointer race condition. [SA-09:14]
 
diff --git a/crypto/openssl/ssl/s3_lib.c b/crypto/openssl/ssl/s3_lib.c
index 28eaf9dd..3d18c66f 100644
--- a/crypto/openssl/ssl/s3_lib.c
+++ b/crypto/openssl/ssl/s3_lib.c
@@ -2375,6 +2375,9 @@ int ssl3_renegotiate(SSL *s)
 	if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
 		return(0);
 
+	if (1)
+		return(0);
+
 	s->s3->renegotiate=1;
 	return(1);
 	}
diff --git a/crypto/openssl/ssl/s3_pkt.c b/crypto/openssl/ssl/s3_pkt.c
index 44c7c143..be4bfed2 100644
--- a/crypto/openssl/ssl/s3_pkt.c
+++ b/crypto/openssl/ssl/s3_pkt.c
@@ -976,9 +976,7 @@ start:
 		if (s->msg_callback)
 			s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg);
 
-		if (SSL_is_init_finished(s) &&
-			!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
-			!s->s3->renegotiate)
+		if (0)
 			{
 			ssl3_renegotiate(s);
 			if (ssl3_renegotiate_check(s))
@@ -1109,8 +1107,7 @@ start:
 	/* Unexpected handshake message (Client Hello, or protocol violation) */
 	if ((s->s3->handshake_fragment_len >= 4) &&	!s->in_handshake)
 		{
-		if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
-			!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
+		if (0)
 			{
 #if 0 /* worked only because C operator preferences are not as expected (and
        * because this is not really needed for clients except for detecting
diff --git a/crypto/openssl/ssl/s3_srvr.c b/crypto/openssl/ssl/s3_srvr.c
index 38ab6820..494381e8 100644
--- a/crypto/openssl/ssl/s3_srvr.c
+++ b/crypto/openssl/ssl/s3_srvr.c
@@ -672,6 +672,13 @@ int ssl3_get_client_hello(SSL *s)
 #endif
 	STACK_OF(SSL_CIPHER) *ciphers=NULL;
 
+	if (s->new_session)
+		{
+		al=SSL_AD_HANDSHAKE_FAILURE;
+		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+		goto f_err;
+		}
+
 	/* We do this so that we will respond with our native type.
 	 * If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
 	 * This down switching should be handled by a different method.
diff --git a/etc/mtree/BSD.var.dist b/etc/mtree/BSD.var.dist
index 29b48622..f55fbbb2 100644
--- a/etc/mtree/BSD.var.dist
+++ b/etc/mtree/BSD.var.dist
@@ -32,7 +32,7 @@
     db
         entropy         uname=operator gname=operator mode=0700
         ..
-        freebsd-update
+        freebsd-update  mode=0700
         ..
         ipf             mode=0700
         ..
diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c
index 2eefb408..ed5022e3 100644
--- a/libexec/rtld-elf/rtld.c
+++ b/libexec/rtld-elf/rtld.c
@@ -360,11 +360,12 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_proc, Obj_Entry **objp)
      * future processes to honor the potentially un-safe variables.
      */
     if (!trust) {
-        unsetenv(LD_ "PRELOAD");
-        unsetenv(LD_ "LIBMAP");
-        unsetenv(LD_ "LIBRARY_PATH");
-        unsetenv(LD_ "LIBMAP_DISABLE");
-        unsetenv(LD_ "DEBUG");
+        if (unsetenv(LD_ "PRELOAD") || unsetenv(LD_ "LIBMAP") ||
+	    unsetenv(LD_ "LIBRARY_PATH") || unsetenv(LD_ "LIBMAP_DISABLE") ||
+	    unsetenv(LD_ "DEBUG")) {
+		_rtld_error("environment corrupt; aborting");
+		die();
+	}
     }
     ld_debug = getenv(LD_ "DEBUG");
     libmap_disable = getenv(LD_ "LIBMAP_DISABLE") != NULL;
diff --git a/usr.sbin/freebsd-update/freebsd-update.sh b/usr.sbin/freebsd-update/freebsd-update.sh
index 331ef101..9d28c190 100644
--- a/usr.sbin/freebsd-update/freebsd-update.sh
+++ b/usr.sbin/freebsd-update/freebsd-update.sh
@@ -533,6 +533,7 @@ fetch_check_params () {
 		echo ${WORKDIR}
 		exit 1
 	fi
+	chmod 700 ${WORKDIR}
 	cd ${WORKDIR} || exit 1
 
 	# Generate release number.  The s/SECURITY/RELEASE/ bit exists
-- 
2.42.0