Fix for openssl 1.0.2 backport

Default Comment by Bridge

The change looks obvious.

Is this upstreamed already? What is the upstream commit id?

Can you please provide the following info:

[Impact]

 * An explanation of the effects of the bug on users and

 * justification for backporting the fix to the stable release.

 * In addition, it is helpful, but not required, to include an
   explanation of how the upload fixes this bug.

[Test Case]

 * detailed instructions how to reproduce the bug

 * these should allow someone who is not familiar with the affected
   package to reproduce the bug and verify that the updated package fixes
   the problem.

[Regression Potential]

 * discussion of how regressions are most likely to manifest as a result of this change.

 * It is assumed that any SRU candidate patch is well-tested before
   upload and has a low overall risk of regression, but it's important
   to make the effort to think about what ''could'' happen in the
   event of a regression.

 * This both shows the SRU team that the risks have been considered,
   and provides guidance to testers in regression-testing the SRU.

It should be fairly straightforward for you to explain above I hope. Specifically how to test/excercise this code path?

------- Comment From <email address hidden> 2018-06-06 05:16 EDT-------
> Is this upstreamed already? What is the upstream commit id?

As i said in #1, openssl upstream/master and 1.1.0 backports are not affected. The bug was introduced with the 1.0.2 backport (of upstream commit 96530eea93d27e536f4e93956256cf8dcda7d469).

> An explanation of the effects of the bug on users

Using openssl tls 1.2 with aes-gcm cipher-suites on s390 can lead to unexpected authentication failures.

> justification for backporting the fix to the stable release

Fix unexpected authentication failures when using openssl tls 1.2 with aes-gcm cipher-suites on s390.

> In addition, it is helpful, but not required, to include an explanation of how the upload fixes this bug

After openssl 1.0.2 most data structures were made opaque. Backporting to 1.0.2 means reversing this process. In case of this backport, accidentially the wrong structure member was assessed in one place in the s390 platform-specific aes-gcm tls code path. The uploaded fixes this bug by accessing the right structure member.

> detailed instructions how to reproduce the bug
> these should allow someone who is not familiar with the affected package to reproduce the bug and verify that the updated package fixes the problem.

Apply original backport patches to openssl 1.0.2 source. Build and run the test suite (make test). Observe test case failure when testing aes-gcm cipher suites. Apply the uploaded fix and repeat. Observe the test suite pass.

> [Regression Potential] ...

I dont see any risk for regression regarding this fix.

> Specifically how to test/excercise this code path?

As noted above, the openssl test suite exercises this code path (at least with high probability i.e., i hit the problem at 5/5 runs).

------- Comment From <email address hidden> 2018-11-28 06:02 EDT-------
@Canonical. any update available here? Thx

------- Comment From <email address hidden> 2019-02-07 09:42 EDT-------
@Canonical. any update available here? Thx

This will be uploaded into the unapproved queue for SRU review on 27th of February.

https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1743750
is [18.04 FEAT] Add support for CPACF enhancements to openssl
also known as ltc-163655 and is only present in bionic.

In xenial:
we have src:openssl, 1.0.2 which does not have CPACF backport, and therefore the attached patch does not apply at all, and also there are no issues to fix there either. Unless, you mean openssl-ibmca is also affected in xenial? in that case do you have a patch for openssl-ibmca?

In bionic:
we have src:openssl, 1.1.0 which is not affected as you say, as the default openssl version.
we also have src:openssl1.0 which does have CPACF backport and the attached patch applies to. Please note, that openssl1.0 is only used by a small amount of packages in bionic. We are preparing the update for that package.

openssl1.0 is removed from disco.

This bug was fixed in the package openssl1.0 - 1.0.2n-1ubuntu6.2

---------------
openssl1.0 (1.0.2n-1ubuntu6.2) cosmic-security; urgency=medium

  * SECURITY UPDATE: 0-byte record padding oracle
    - debian/patches/CVE-2019-1559.patch: go into the error state if a
      fatal alert is sent or received in ssl/d1_pkt.c, ssl/s3_pkt.c.
    - CVE-2019-1559
  * debian/patches/s390x-fix-aes-gcm-tls.patch: fix typo in backported
    s390x hw acceleration patch. (LP: #1775018)

 -- Marc Deslauriers <email address hidden> Tue, 26 Feb 2019 14:45:07 -0500

This bug was fixed in the package openssl1.0 - 1.0.2n-1ubuntu5.3

---------------
openssl1.0 (1.0.2n-1ubuntu5.3) bionic-security; urgency=medium

  * SECURITY UPDATE: 0-byte record padding oracle
    - debian/patches/CVE-2019-1559.patch: go into the error state if a
      fatal alert is sent or received in ssl/d1_pkt.c, ssl/s3_pkt.c.
    - CVE-2019-1559
  * debian/patches/s390x-fix-aes-gcm-tls.patch: fix typo in backported
    s390x hw acceleration patch. (LP: #1775018)

 -- Marc Deslauriers <email address hidden> Tue, 26 Feb 2019 14:46:16 -0500

------- Comment From <email address hidden> 2019-02-28 03:46 EDT-------
IBM bugzilla status -> closed, Fix Release for all requested distros