1
0
forked from pool/strongswan
strongswan/0007-strongswan-4.4.0-5.3.3_eap_mschapv2_state.patch

36 lines
1.0 KiB
Diff
Raw Normal View History

From 91762f11e223e33b82182150d7c4cf7c2ec3cefa Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 29 Oct 2015 11:18:27 +0100
References: CVE-2015-8023, bsc#953817
Subject: [PATCH] eap-mschapv2: Only succeed authentication if MSK was
established
An MSK is only established if the client successfully authenticated
itself and only then must we accept an MSCHAPV2_SUCCESS message.
Fixes CVE-2015-8023
---
src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
index f7f39f9841d2..931e3c41dde4 100644
--- a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
+++ b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
@@ -1145,7 +1145,11 @@ METHOD(eap_method_t, process_server, status_t,
}
case MSCHAPV2_SUCCESS:
{
- return SUCCESS;
+ if (this->msk.ptr)
+ {
+ return SUCCESS;
+ }
+ break;
}
case MSCHAPV2_FAILURE:
{
--
1.9.1