Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.com/openssl/openssl Commit: 01b533540a555fc3a9eee4957c3feec1168cd709 https://github.com/openssl/openssl/commit/01b533540a555fc3a9eee4957c3feec1168cd709 Author: Adam Joseph <a...@westernsemico.com> Date: 2022-10-03 (Mon, 03 Oct 2022)
Changed paths: M Configurations/10-main.conf Log Message: ----------- Configurations: mips64*-linux-*abin32 needs bn_ops SIXTY_FOUR_BIT The IRIX mips64-cpu, n32-abi configurations include SIXTY_FOUR_BIT in bn_ops, but it is missing from mips64*-linux-*abin32 (which OpenSSL calls "linux-mips64"). This causes heap corruption when verifying TLS certificates (which tend to be RSA-signed) with openssl 1.1.1q: ``` nix@oak:~$ /nix/store/4k04dh6a1zs6hxiacwcg4a4nvxvgli2j-openssl-mips64el-unknown-linux-gnuabin32-1.1.1q-bin/bin/openssl s_client -host www.google.com -port 443free(): invalid pointer Aborted ``` and a slightly different failure with current HEAD: ``` nix@oak:~$ /nix/store/9bqxharxajsl9fid0c8ls6fb9wxp8kdc-openssl-mips64el-unknown-linux-gnuabin32-1.1.1q-bin/bin/openssl s_client -host www.google.com -port 443 Connecting to 142.250.180.4 CONNECTED(00000003) Fatal glibc error: malloc assertion failure in sysmalloc: (old_top == initial_top (av) && old_size == 0) || ((unsigned long) (old_size) >= MINSIZE && prev_inuse (old_top) && ((unsigned long) old_end & (pagesize - 1)) == 0) Aborted ``` Applying this patch and recompiling produces the expected output instead of a crash. Note that Gentoo (and to my knowledge all other other distributions which support mips64n32) use the `linux-generic32` configuration, which uses only 32-bit arithmetic (rather than full 64-bit arithmetic) and lacks assembler implementations for the SHA hash functions: https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-libs/openssl/files/gentoo.config-1.0.2#n102 For support in nixpkgs we would like to use the full 64-bit integer registers and perlasm routines, so I'm submitting this upstream as well. Fixes #19319 CLA: trivial Reviewed-by: Tomas Mraz <to...@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlin...@hotmail.de> Reviewed-by: Paul Dale <pa...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19320) (cherry picked from commit d250e8563fa400fd3d9b93cff609c7503149b908)