diff -Nru openssl-1.0.1t/debian/changelog openssl-1.0.1t/debian/changelog
--- openssl-1.0.1t/debian/changelog 2021-02-18 19:18:52.000000000 +0100
+++ openssl-1.0.1t/debian/changelog 2021-09-15 17:16:10.000000000 +0200
@@ -1,3 +1,13 @@
+openssl (1.0.1t-1+deb8u15) jessie-security; urgency=high
+
+ * Non-maintainer upload by the LTS Security Team.
+ * Fix verification error with alternate chains.
+ Addresses issue with Let's Encrypt certificates starting 2021-10-01.
+ https://lists.debian.org/debian-lts/2021/09/msg00008.html
+ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961889
+
+ -- Sylvain Beucler Wed, 15 Sep 2021 17:11:06 +0200
+
 openssl (1.0.1t-1+deb8u14) jessie-security; urgency=high
 * Non-maintainer upload by the ELTS team.
diff -Nru openssl-1.0.1t/debian/patches/add-trusted_first-option-and-verify-flag.patch openssl-1.0.1t/debian/patches/add-trusted_first-option-and-verify-flag.patch
--- openssl-1.0.1t/debian/patches/add-trusted_first-option-and-verify-flag.patch 1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.0.1t/debian/patches/add-trusted_first-option-and-verify-flag.patch 2021-09-15 17:22:11.000000000 +0200
@@ -0,0 +1,60 @@
+Origin: https://github.com/openssl/openssl/commit/db28aa86e00b9121bee94d1e65506bf22d5ca6e3
+Reviewed-by: Sylvain Beucler
+Last-Update: 2021-09-13
+
+commit db28aa86e00b9121bee94d1e65506bf22d5ca6e3
+Author: Dr. Stephen Henson
+Date: Thu Feb 25 12:21:48 2010 +0000
+
+ add -trusted_first option and verify flag
+
+Index: openssl-1.0.1t/apps/apps.c
+===================================================================
+--- openssl-1.0.1t.orig/apps/apps.c
++++ openssl-1.0.1t/apps/apps.c
+@@ -2239,6 +2239,8 @@ int args_verify(char ***pargs, int *parg
+ flags |= X509_V_FLAG_NOTIFY_POLICY;
+ else if (!strcmp(arg, "-check_ss_sig"))
+ flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
++ else if (!strcmp(arg, "-trusted_first"))
++ flags |= X509_V_FLAG_TRUSTED_FIRST;
+ else if (!strcmp(arg, "-no_alt_chains"))
+ flags |= X509_V_FLAG_NO_ALT_CHAINS;
+ else
+Index: openssl-1.0.1t/crypto/x509/x509_vfy.c
+===================================================================
+--- openssl-1.0.1t.orig/crypto/x509/x509_vfy.c
++++ openssl-1.0.1t/crypto/x509/x509_vfy.c
+@@ -208,6 +208,19 @@ int X509_verify_cert(X509_STORE_CTX *ctx
+ /* If we are self signed, we break */
+ if (ctx->check_issued(ctx, x, x))
+ break;
++ /* If asked see if we can find issuer in trusted store first */
++ if (ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST) {
++ ok = ctx->get_issuer(&xtmp, ctx, x);
++ if (ok < 0)
++ return ok;
++ /* If successful for now free up cert so it
++ * will be picked up again later.
++ */
++ if (ok > 0) {
++ X509_free(xtmp);
++ break;
++ }
++ }
+
+ /* If we were passed a cert chain, use it first */
+ if (ctx->untrusted != NULL) {
+Index: openssl-1.0.1t/crypto/x509/x509_vfy.h
+===================================================================
+--- openssl-1.0.1t.orig/crypto/x509/x509_vfy.h
++++ openssl-1.0.1t/crypto/x509/x509_vfy.h
+@@ -405,6 +405,8 @@ void X509_STORE_CTX_set_depth(X509_STORE
+ # define X509_V_FLAG_USE_DELTAS 0x2000
+ /* Check selfsigned CA signature */
+ # define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
++/* Use trusted store first */
++#define X509_V_FLAG_TRUSTED_FIRST 0x8000
+ /*
+ * If the initial chain is not trusted, do not attempt to build an alternative
+ * chain. Alternate chain checking was introduced in 1.0.1n/1.0.2b. Setting
diff -Nru openssl-1.0.1t/debian/patches/Check-chain-extensions-also-for-trusted-certificates.patch openssl-1.0.1t/debian/patches/Check-chain-extensions-also-for-trusted-certificates.patch
--- openssl-1.0.1t/debian/patches/Check-chain-extensions-also-for-trusted-certificates.patch 1970-01-01 01:00:00.000000000 +0100
+++ openssl-1.0.1t/debian/patches/Check-chain-extensions-also-for-trusted-certificates.patch 2021-09-15 17:21:19.000000000 +0200
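Review bot: The new header line `#define X509_V_FLAG_TRUSTED_FIRST 0x8000` in the x509_vfy.h part of this patch departs from the `# define` spelling used by the neighbouring X509_V_FLAG_* definitions; write it as `# define X509_V_FLAG_TRUSTED_FIRST 0x8000` so the backported header stays uniform. 0x8000 is the value upstream 1.0.2 uses for this flag, but the definition of X509_V_FLAG_NO_ALT_CHAINS that follows the added lines is outside the hunk, so confirm in the 1.0.1t header that the bit is not already taken. The apps.c part adds a `-trusted_first` option without documenting it, and none of the three files in this 60-line patch is a manpage; an entry in the verify option list and the flag's addition to the X509_VERIFY_PARAM_set_flags list would be worth carrying so operators can tell the option exists and what it changes. The X509_verify_cert loop into which the TRUSTED_FIRST branch is inserted starts and ends outside the inner hunk.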
@@ -0,0 +1,49 @@
+Origin: https://github.com/openssl/openssl/commit/0daccd4dc1f1ac62181738a91714f35472e50f3c
+Origin: https://github.com/openssl/openssl/commit/cb22d2ae5a5b6069dbf66dbcce07223ac15a16de
+Reviewed-by: Sylvain Beucler
+Last-Update: 2021-09-13
+
+commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
+Author: Viktor Dukhovni
+Date: Thu Jan 28 03:01:45 2016 -0500
+
+ Check chain extensions also for trusted certificates
+
+ This includes basic constraints, key usages, issuer EKUs and auxiliary
+ trust OIDs (given a trust suitably related to the intended purpose).
+
+ Added tests and updated documentation.
+
+ Reviewed-by: Dr. Stephen Henson
+
+---
+Also revert testcase change from
+cb22d2ae5a5b6069dbf66dbcce07223ac15a16de
+aligning it with later OpenSSL versions.
+
+Index: openssl-1.0.1t/crypto/x509/x509_vpm.c
+===================================================================
+--- openssl-1.0.1t.orig/crypto/x509/x509_vpm.c
++++ openssl-1.0.1t/crypto/x509/x509_vpm.c
+@@ -324,7 +324,7 @@ static const X509_VERIFY_PARAM default_t
+ "default", /* X509 default parameters */
+ 0, /* Check time */
+ 0, /* internal flags */
+- 0, /* flags */
++ X509_V_FLAG_TRUSTED_FIRST, /* flags */
+ 0, /* purpose */
+ 0, /* trust */
+ 100, /* depth */
+Index: openssl-1.0.1t/crypto/x509/verify_extra_test.c
+===================================================================
+--- openssl-1.0.1t.orig/crypto/x509/verify_extra_test.c
++++ openssl-1.0.1t/crypto/x509/verify_extra_test.c
+@@ -169,7 +169,7 @@ static int test_alt_chains_cert_forgery(
+ i = X509_verify_cert(sctx);
+
+ if(i == 0 && X509_STORE_CTX_get_error(sctx)
+- == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT) {
++ == X509_V_ERR_INVALID_CA) {
+ /* This is the result we were expecting: Test passed */
+ ret = 1;
+ }
diff -Nru openssl-1.0.1t/debian/patches/series openssl-1.0.1t/debian/patches/series
--- openssl-1.0.1t/debian/patches/series 2021-02-18 19:20:00.000000000 +0100
+++ openssl-1.0.1t/debian/patches/series 2021-09-15
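Review bot: The patch header overstates what is backported: it reproduces the commit message of 0daccd4 ("Check chain extensions also for trusted certificates ... Added tests and updated documentation"), yet the 49-line body carries only the x509_vpm.c default_table change from `0, /* flags */` to `X509_V_FLAG_TRUSTED_FIRST, /* flags */` and the verify_extra_test.c expectation change to `X509_V_ERR_INVALID_CA`, none of the basic-constraints, key-usage or EKU checks the message describes. Someone auditing the jessie patch set would assume those checks are present, so state the scope in the header, e.g. `Only the default_table flags change from 0daccd4 is backported; the trusted-certificate extension checks themselves are not part of 1.0.1t.` Because default_table is the template for verify parameters that applications do not configure explicitly, this flips chain-building behaviour for every program linked against the library, which deserves a sentence in the header (and arguably a NEWS entry) naming that effect. Whether the forgery test's new expected error is what 1.0.1t's chain checks actually report with trusted-first enabled can only be confirmed by running the test, as the rest of test_alt_chains_cert_forgery lies outside the hunk.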
17:17:22.000000000 +0200
@@ -54,3 +54,6 @@
 CVE-2018-0734-3.patch
 CVE-2021-23840.patch
 CVE-2021-23841.patch
+
+add-trusted_first-option-and-verify-flag.patch
+Check-chain-extensions-also-for-trusted-certificates.patch