Hello community,
here is the log from the commit of package strongswan for openSUSE:Factory
checked in at 2015-06-09 08:49:35
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/strongswan (Old)
and /work/SRC/openSUSE:Factory/.strongswan.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "strongswan"
Changes:
--------
--- /work/SRC/openSUSE:Factory/strongswan/strongswan.changes 2015-06-02
10:12:06.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.strongswan.new/strongswan.changes
2015-06-09 08:50:35.000000000 +0200
@@ -1,0 +2,13 @@
+Thu Jun 4 10:54:29 UTC 2015 - m...@suse.de
+
+- Applied upstream fix for a rogue servers vulnerability, that may
+ enable rogue servers able to authenticate itself with certificate
+ issued by any CA the client trusts, to gain user credentials from
+ a client in certain IKEv2 setups (bsc#933591,CVE-2015-4171).
+ [+ 0006-strongswan-5.1.0-5.3.1_enforce_remote_auth.patch]
+- Fix to apply unknown_payload patch if fips is disabled (<= 13.1)
+ and renamed it to use number prefix corresponding with patch nr.
+ [- strongswan-5.2.2-5.3.0_unknown_payload.patch,
+ + 0005-strongswan-5.2.2-5.3.0_unknown_payload.patch]
+
+-------------------------------------------------------------------
Old:
----
strongswan-5.2.2-5.3.0_unknown_payload.patch
New:
----
0005-strongswan-5.2.2-5.3.0_unknown_payload.patch
0006-strongswan-5.1.0-5.3.1_enforce_remote_auth.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ strongswan.spec ++++++
--- /var/tmp/diff_new_pack.8RVH2s/_old 2015-06-09 08:50:36.000000000 +0200
+++ /var/tmp/diff_new_pack.8RVH2s/_new 2015-06-09 08:50:36.000000000 +0200
@@ -82,7 +82,8 @@
Patch3: %{name}_fipscheck.patch
Patch4: %{name}_fipsfilter.patch
%endif
-Patch5: %{name}-5.2.2-5.3.0_unknown_payload.patch
+Patch5: 0005-strongswan-5.2.2-5.3.0_unknown_payload.patch
+Patch6: 0006-strongswan-5.1.0-5.3.1_enforce_remote_auth.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: bison
BuildRequires: curl-devel
@@ -292,8 +293,9 @@
%if %{with fipscheck}
%patch3 -p0
%patch4 -p1
-%patch5 -p1
%endif
+%patch5 -p1
+%patch6 -p1
sed -e 's|@libexecdir@|%_libexecdir|g' \
< $RPM_SOURCE_DIR/strongswan.init.in \
> strongswan.init
++++++ 0005-strongswan-5.2.2-5.3.0_unknown_payload.patch ++++++
>From 7733b99198111ef1f30a964e15e93cb1e6d27a85 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tob...@strongswan.org>
Date: Fri, 15 May 2015 11:15:57 +0200
References: bsc#931272,CVE-2015-3991
Subject: [PATCH] unknown-payload: Use a new private payload type and make
original type available
This fixes a DoS and potential remote code execution vulnerability that was
caused because the original payload type that was returned previously was
used to cast such payload objects to payloads of the indicated type (e.g.
when logging notify payloads with a payload type for the wrong IKE version).
Fixes CVE-2015-3991.
---
src/libcharon/encoding/message.c | 2 +-
src/libcharon/encoding/payloads/payload.c | 2 ++
src/libcharon/encoding/payloads/payload.h | 7 ++++++-
src/libcharon/encoding/payloads/unknown_payload.c | 8 ++++++++
src/libcharon/encoding/payloads/unknown_payload.h | 8 ++++++++
src/libcharon/sa/ikev2/task_manager_v2.c | 18 ++++++++++--------
6 files changed, 35 insertions(+), 10 deletions(-)
diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index 1ee2cf81b035..478f531eae28 100644
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -2513,7 +2513,7 @@ static status_t decrypt_payloads(private_message_t *this,
keymat_t *keymat)
was_encrypted = "encrypted fragment payload";
}
- if (payload_is_known(type, this->major_version) &&
!was_encrypted &&
+ if (type != PL_UNKNOWN && !was_encrypted &&
!is_connectivity_check(this, payload) &&
this->exchange_type != AGGRESSIVE)
{
diff --git a/src/libcharon/encoding/payloads/payload.c
b/src/libcharon/encoding/payloads/payload.c
index a1cd2f945588..f7c2754e05c3 100644
--- a/src/libcharon/encoding/payloads/payload.c
+++ b/src/libcharon/encoding/payloads/payload.c
@@ -97,6 +97,7 @@ ENUM_NEXT(payload_type_names, PLV1_NAT_D_DRAFT_00_03,
PLV1_FRAGMENT, PLV2_FRAGME
#endif /* ME */
ENUM_NEXT(payload_type_names, PL_HEADER, PLV1_ENCRYPTED, PLV1_FRAGMENT,
"HEADER",
+ "UNKNOWN",
"PROPOSAL_SUBSTRUCTURE",
"PROPOSAL_SUBSTRUCTURE_V1",
"TRANSFORM_SUBSTRUCTURE",
@@ -167,6 +168,7 @@ ENUM_NEXT(payload_type_short_names, PLV1_NAT_D_DRAFT_00_03,
PLV1_FRAGMENT, PLV2_
#endif /* ME */
ENUM_NEXT(payload_type_short_names, PL_HEADER, PLV1_ENCRYPTED, PLV1_FRAGMENT,
"HDR",
+ "UNKN",
"PROP",
"PROP",
"TRANS",
diff --git a/src/libcharon/encoding/payloads/payload.h
b/src/libcharon/encoding/payloads/payload.h
index 920779bd1032..72003894f307 100644
--- a/src/libcharon/encoding/payloads/payload.h
+++ b/src/libcharon/encoding/payloads/payload.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2007 Tobias Brunner
+ * Copyright (C) 2007-2015 Tobias Brunner
* Copyright (C) 2005-2006 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
@@ -264,6 +264,11 @@ enum payload_type_t {
PL_HEADER = 256,
/**
+ * Used to handle unknown or invalid payload types.
+ */
+ PL_UNKNOWN,
+
+ /**
* PLV2_PROPOSAL_SUBSTRUCTURE, IKEv2 proposals in a SA payload.
*/
PLV2_PROPOSAL_SUBSTRUCTURE,
diff --git a/src/libcharon/encoding/payloads/unknown_payload.c
b/src/libcharon/encoding/payloads/unknown_payload.c
index 45b91fd0b32f..c69254fc008c 100644
--- a/src/libcharon/encoding/payloads/unknown_payload.c
+++ b/src/libcharon/encoding/payloads/unknown_payload.c
@@ -1,4 +1,5 @@
/*
+ * Copyright (C) 2015 Tobias Brunner
* Copyright (C) 2005-2006 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
@@ -121,6 +122,12 @@ METHOD(payload_t, get_header_length, int,
METHOD(payload_t, get_payload_type, payload_type_t,
private_unknown_payload_t *this)
{
+ return PL_UNKNOWN;
+}
+
+METHOD(unknown_payload_t, get_type, payload_type_t,
+ private_unknown_payload_t *this)
+{
return this->type;
}
@@ -181,6 +188,7 @@ unknown_payload_t *unknown_payload_create(payload_type_t
type)
.destroy = _destroy,
},
.is_critical = _is_critical,
+ .get_type = _get_type,
.get_data = _get_data,
.destroy = _destroy,
},
diff --git a/src/libcharon/encoding/payloads/unknown_payload.h
b/src/libcharon/encoding/payloads/unknown_payload.h
index 326b550cd872..09341bcc79b5 100644
--- a/src/libcharon/encoding/payloads/unknown_payload.h
+++ b/src/libcharon/encoding/payloads/unknown_payload.h
@@ -1,4 +1,5 @@
/*
+ * Copyright (C) 2015 Tobias Brunner
* Copyright (C) 2005-2006 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
@@ -42,6 +43,13 @@ struct unknown_payload_t {
payload_t payload_interface;
/**
+ * Get the original payload type as sent by the peer.
+ *
+ * @return type of the original payload
+ */
+ payload_type_t (*get_type) (unknown_payload_t *this);
+
+ /**
* Get the raw data of this payload, without
* the generic payload header.
*
diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c
b/src/libcharon/sa/ikev2/task_manager_v2.c
index 298167703cbf..4676867dfec2 100644
--- a/src/libcharon/sa/ikev2/task_manager_v2.c
+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
@@ -1184,15 +1184,17 @@ static status_t parse_message(private_task_manager_t
*this, message_t *msg)
enumerator = msg->create_payload_enumerator(msg);
while (enumerator->enumerate(enumerator, &payload))
{
- unknown = (unknown_payload_t*)payload;
- type = payload->get_type(payload);
- if (!payload_is_known(type,
msg->get_major_version(msg)) &&
- unknown->is_critical(unknown))
+ if (payload->get_type(payload) == PL_UNKNOWN)
{
- DBG1(DBG_ENC, "payload type %N is not
supported, "
- "but its critical!",
payload_type_names, type);
- status = NOT_SUPPORTED;
- break;
+ unknown = (unknown_payload_t*)payload;
+ if (unknown->is_critical(unknown))
+ {
+ type = unknown->get_type(unknown);
+ DBG1(DBG_ENC, "payload type %N is not
supported, "
+ "but its critical!",
payload_type_names, type);
+ status = NOT_SUPPORTED;
+ break;
+ }
}
}
enumerator->destroy(enumerator);
--
1.9.1
++++++ 0006-strongswan-5.1.0-5.3.1_enforce_remote_auth.patch ++++++
>From ca1a65cc6aef2e037b529574783b7c571d1d82a9 Mon Sep 17 00:00:00 2001
From: Martin Willi <mar...@strongswan.org>
Date: Wed, 3 Jun 2015 10:52:34 +0200
References: bsc#933591,CVE-2015-4171
Subject: [PATCH] ikev2: Enforce remote authentication config before proceeding
with own authentication
Previously the constraints in the authentication configuration of an
initiator were enforced only after all authentication rounds were
complete. This posed a problem if an initiator used EAP or PSK
authentication while the responder was authenticated with a certificate
and if a rogue server was able to authenticate itself with a valid
certificate issued by any CA the initiator trusted.
Because any constraints for the responder's identity (rightid) or other
aspects of the authentication (e.g. rightca) the initiator had were not
enforced until the initiator itself finished its authentication such a rogue
responder was able to acquire usernames and password hashes from the client.
And if a client supported EAP-GTC it was even possible to trick it into
sending plaintext passwords.
This patch enforces the configured constraints right after the responder's
authentication successfully finished for each round and before the initiator
starts with its own authentication.
Fixes CVE-2015-4171.
---
src/libcharon/sa/ikev2/tasks/ike_auth.c | 44 +++++++++++++++++++++++++++++++++
1 file changed, 44 insertions(+)
diff --git a/src/libcharon/sa/ikev2/tasks/ike_auth.c
b/src/libcharon/sa/ikev2/tasks/ike_auth.c
index bf747a49edde..2554496c1916 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_auth.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_auth.c
@@ -112,6 +112,11 @@ struct private_ike_auth_t {
* received an INITIAL_CONTACT?
*/
bool initial_contact;
+
+ /**
+ * Is EAP acceptable, did we strictly authenticate peer?
+ */
+ bool eap_acceptable;
};
/**
@@ -879,6 +884,37 @@ static void
send_auth_failed_informational(private_ike_auth_t *this,
message->destroy(message);
}
+/**
+ * Check if strict constraint fullfillment required to continue current auth
+ */
+static bool require_strict(private_ike_auth_t *this, bool mutual_eap)
+{
+ auth_cfg_t *cfg;
+
+ if (this->eap_acceptable)
+ {
+ return FALSE;
+ }
+
+ cfg = this->ike_sa->get_auth_cfg(this->ike_sa, TRUE);
+ switch ((uintptr_t)cfg->get(cfg, AUTH_RULE_AUTH_CLASS))
+ {
+ case AUTH_CLASS_EAP:
+ if (mutual_eap && this->my_auth)
+ {
+ this->eap_acceptable = TRUE;
+ return !this->my_auth->is_mutual(this->my_auth);
+ }
+ return TRUE;
+ case AUTH_CLASS_PSK:
+ return TRUE;
+ case AUTH_CLASS_PUBKEY:
+ case AUTH_CLASS_ANY:
+ default:
+ return FALSE;
+ }
+}
+
METHOD(task_t, process_i, status_t,
private_ike_auth_t *this, message_t *message)
{
@@ -1014,6 +1050,14 @@ METHOD(task_t, process_i, status_t,
}
}
+ if (require_strict(this, mutual_eap))
+ {
+ if (!update_cfg_candidates(this, TRUE))
+ {
+ goto peer_auth_failed;
+ }
+ }
+
if (this->my_auth)
{
switch (this->my_auth->process(this->my_auth, message))
--
1.9.1
