jengelh/strongswan
SHA256
1
0
Fork 0
forked from pool/strongswan
Code Pull Requests Activity

- Applied upstream fix for a authentication bypass vulnerability

Browse Source 
in the eap-mschapv2 plugin (CVE-2015-8023,bsc#953817).
  [+ 0007-strongswan-4.4.0-5.3.3_eap_mschapv2_state.patch]

OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=95
This commit is contained in:
Marius Tomaschewski 2015-11-16 15:23:01 +00:00 committed by Git OBS Bridge
parent cfde0c0ea7
commit 406171b31d
3 changed files with 44 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
0007-strongswan-4.4.0-5.3.3_eap_mschapv2_state.patch Normal file
View File

@ -0,0 +1,35 @@
From 91762f11e223e33b82182150d7c4cf7c2ec3cefa Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 29 Oct 2015 11:18:27 +0100
References: CVE-2015-8023, bsc#953817
Subject: [PATCH] eap-mschapv2: Only succeed authentication if MSK was
established
An MSK is only established if the client successfully authenticated
itself and only then must we accept an MSCHAPV2_SUCCESS message.
Fixes CVE-2015-8023
---
src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
index f7f39f9841d2..931e3c41dde4 100644
--- a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
+++ b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
@@ -1145,7 +1145,11 @@ METHOD(eap_method_t, process_server, status_t,
}
case MSCHAPV2_SUCCESS:
{
- return SUCCESS;
+ if (this->msk.ptr)
+ {
+ return SUCCESS;
+ }
+ break;
}
case MSCHAPV2_FAILURE:
{
--
1.9.1

7
strongswan.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Fri Nov 13 10:25:59 UTC 2015 - mt@suse.de
- Applied upstream fix for a authentication bypass vulnerability
in the eap-mschapv2 plugin (CVE-2015-8023,bsc#953817).
[+ 0007-strongswan-4.4.0-5.3.3_eap_mschapv2_state.patch]
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Jun 4 10:54:29 UTC 2015 - mt@suse.de Thu Jun 4 10:54:29 UTC 2015 - mt@suse.de

2
strongswan.spec
View File

@ -84,6 +84,7 @@ Patch4: %{name}_fipsfilter.patch
%endif %endif
Patch5: 0005-strongswan-5.2.2-5.3.0_unknown_payload.patch Patch5: 0005-strongswan-5.2.2-5.3.0_unknown_payload.patch
Patch6: 0006-strongswan-5.1.0-5.3.1_enforce_remote_auth.patch Patch6: 0006-strongswan-5.1.0-5.3.1_enforce_remote_auth.patch
Patch7: 0007-strongswan-4.4.0-5.3.3_eap_mschapv2_state.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: bison BuildRequires: bison
BuildRequires: curl-devel BuildRequires: curl-devel
@ -296,6 +297,7 @@ and the load testing plugin for IKEv2 daemon.
%endif %endif
%patch5 -p1 %patch5 -p1
%patch6 -p1 %patch6 -p1
%patch7 -p1
sed -e 's|@libexecdir@|%_libexecdir|g' \ sed -e 's|@libexecdir@|%_libexecdir|g' \
< $RPM_SOURCE_DIR/strongswan.init.in \ < $RPM_SOURCE_DIR/strongswan.init.in \
> strongswan.init > strongswan.init