diff --git a/0001-restore-registration-algorithm-order.bug897512.patch b/0001-restore-registration-algorithm-order.bug897512.patch deleted file mode 100644 index eb4ad60..0000000 --- a/0001-restore-registration-algorithm-order.bug897512.patch +++ /dev/null @@ -1,413 +0,0 @@ -From 76ad8a6f4c83c999b9eb6d1a3506b1a8e593307e Mon Sep 17 00:00:00 2001 -From: Tobias Brunner -Date: Fri, 20 Jun 2014 16:22:15 +0200 -Subject: [PATCH] Merge branch 'algorithm-order' -Upstream: yes -References: bsc#897512 - -Restores the behavior we had before 2e22333fb (except for RNGs), that is, -algorithms are stored in the registration order again. Which is not optimal -as we must rely on plugins to register them in a sensible order, but ordering -them by identifier definitely caused weaker algorithms to be proposed first -in the default proposal, which was even worse. ---- - src/libstrongswan/crypto/crypto_factory.c | 18 +- - src/libstrongswan/tests/Makefile.am | 1 + - .../tests/suites/test_crypto_factory.c | 312 +++++++++++++++++++++ - src/libstrongswan/tests/tests.h | 1 + - 4 files changed, 327 insertions(+), 5 deletions(-) - create mode 100644 src/libstrongswan/tests/suites/test_crypto_factory.c - -diff --git a/src/libstrongswan/crypto/crypto_factory.c b/src/libstrongswan/crypto/crypto_factory.c -index 6dea30e..96fbc0d 100644 ---- a/src/libstrongswan/crypto/crypto_factory.c -+++ b/src/libstrongswan/crypto/crypto_factory.c -@@ -392,10 +392,10 @@ METHOD(crypto_factory_t, create_dh, diffie_hellman_t*, - /** - * Insert an algorithm entry to a list - * -- * Entries are sorted by algorithm identifier (which is important for RNGs) -- * while maintaining the order in which algorithms were added, unless they were -+ * Entries maintain the order in which algorithms were added, unless they were - * benchmarked and speed is provided, which then is used to order entries of - * the same algorithm. -+ * An exception are RNG entries, which are sorted by algorithm identifier. - */ - static void add_entry(private_crypto_factory_t *this, linked_list_t *list, - int algo, const char *plugin_name, -@@ -403,6 +403,7 @@ static void add_entry(private_crypto_factory_t *this, linked_list_t *list, - { - enumerator_t *enumerator; - entry_t *entry, *current; -+ bool sort = (list == this->rngs), found = FALSE; - - INIT(entry, - .algo = algo, -@@ -415,12 +416,19 @@ static void add_entry(private_crypto_factory_t *this, linked_list_t *list, - enumerator = list->create_enumerator(list); - while (enumerator->enumerate(enumerator, ¤t)) - { -- if (current->algo > algo) -+ if (sort && current->algo > algo) - { - break; - } -- else if (current->algo == algo && speed && -- current->speed < speed) -+ else if (current->algo == algo) -+ { -+ if (speed > current->speed) -+ { -+ break; -+ } -+ found = TRUE; -+ } -+ else if (found) - { - break; - } -diff --git a/src/libstrongswan/tests/Makefile.am b/src/libstrongswan/tests/Makefile.am -index 331a548..0bdf2b3 100644 ---- a/src/libstrongswan/tests/Makefile.am -+++ b/src/libstrongswan/tests/Makefile.am -@@ -42,6 +42,7 @@ tests_SOURCES = tests.h tests.c \ - suites/test_host.c \ - suites/test_hasher.c \ - suites/test_crypter.c \ -+ suites/test_crypto_factory.c \ - suites/test_pen.c \ - suites/test_asn1.c \ - suites/test_asn1_parser.c \ -diff --git a/src/libstrongswan/tests/suites/test_crypto_factory.c b/src/libstrongswan/tests/suites/test_crypto_factory.c -new file mode 100644 -index 0000000..94f45da ---- /dev/null -+++ b/src/libstrongswan/tests/suites/test_crypto_factory.c -@@ -0,0 +1,312 @@ -+/* -+ * Copyright (C) 2014 Tobias Brunner -+ * Hochschule fuer Technik Rapperswil -+ * -+ * This program is free software; you can redistribute it and/or modify it -+ * under the terms of the GNU General Public License as published by the -+ * Free Software Foundation; either version 2 of the License, or (at your -+ * option) any later version. See . -+ * -+ * This program is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -+ * for more details. -+ */ -+ -+#include "test_suite.h" -+ -+#include -+ -+static rng_t *rng_create(rng_quality_t quality) -+{ -+ rng_quality_t *q = malloc_thing(rng_quality_t); -+ *q = quality; -+ return (rng_t*)q; -+} -+ -+static rng_t *rng_create_weak(rng_quality_t quality) -+{ -+ ck_assert(quality == RNG_WEAK); -+ return rng_create(RNG_WEAK); -+} -+ -+static rng_t *rng_create_strong(rng_quality_t quality) -+{ -+ ck_assert(quality <= RNG_STRONG); -+ return rng_create(RNG_STRONG); -+} -+ -+static rng_t *rng_create_true(rng_quality_t quality) -+{ -+ ck_assert(quality <= RNG_TRUE); -+ return rng_create(RNG_TRUE); -+} -+ -+static rng_t *rng_create_true_second(rng_quality_t quality) -+{ -+ fail("should never be called"); -+ return rng_create(RNG_TRUE); -+} -+ -+static rng_quality_t rng_weak = RNG_WEAK; -+static rng_quality_t rng_strong = RNG_STRONG; -+static rng_quality_t rng_true = RNG_TRUE; -+ -+static struct { -+ rng_quality_t *exp_weak; -+ rng_quality_t *exp_strong; -+ rng_quality_t *exp_true; -+ struct { -+ rng_quality_t *q; -+ rng_constructor_t create; -+ } data[4]; -+} rng_data[] = { -+ { NULL, NULL, NULL, { -+ { NULL, NULL } -+ }}, -+ { &rng_weak, NULL, NULL, { -+ { &rng_weak, rng_create_weak }, -+ { NULL, NULL } -+ }}, -+ { &rng_strong, &rng_strong, NULL, { -+ { &rng_strong, rng_create_strong }, -+ { NULL, NULL } -+ }}, -+ { &rng_true, &rng_true, &rng_true, { -+ { &rng_true, rng_create_true }, -+ { NULL, NULL } -+ }}, -+ { &rng_true, &rng_true, &rng_true, { -+ { &rng_true, rng_create_true }, -+ { &rng_true, rng_create_true_second }, -+ { NULL, NULL } -+ }}, -+ { &rng_weak, &rng_true, &rng_true, { -+ { &rng_weak, rng_create_weak }, -+ { &rng_true, rng_create_true }, -+ { NULL, NULL } -+ }}, -+ { &rng_weak, &rng_strong, &rng_true, { -+ { &rng_true, rng_create_true }, -+ { &rng_strong, rng_create_strong }, -+ { &rng_weak, rng_create_weak }, -+ { NULL, NULL } -+ }}, -+ { &rng_weak, &rng_strong, &rng_true, { -+ { &rng_weak, rng_create_weak }, -+ { &rng_strong, rng_create_strong }, -+ { &rng_true, rng_create_true }, -+ { NULL, NULL } -+ }}, -+}; -+ -+static void verify_rng(crypto_factory_t *factory, rng_quality_t request, -+ rng_quality_t *expected) -+{ -+ rng_quality_t *res; -+ -+ res = (rng_quality_t*)factory->create_rng(factory, request); -+ if (!expected) -+ { -+ ck_assert(!res); -+ } -+ else -+ { -+ ck_assert(res); -+ ck_assert_int_eq(*expected, *res); -+ free(res); -+ } -+} -+ -+START_TEST(test_create_rng) -+{ -+ crypto_factory_t *factory; -+ int i; -+ -+ factory = crypto_factory_create(); -+ for (i = 0; rng_data[_i].data[i].q; i++) -+ { -+ ck_assert(factory->add_rng(factory, *rng_data[_i].data[i].q, "test", -+ rng_data[_i].data[i].create)); -+ } -+ verify_rng(factory, RNG_WEAK, rng_data[_i].exp_weak); -+ verify_rng(factory, RNG_STRONG, rng_data[_i].exp_strong); -+ verify_rng(factory, RNG_TRUE, rng_data[_i].exp_true); -+ for (i = 0; rng_data[_i].data[i].q; i++) -+ { -+ factory->remove_rng(factory, rng_data[_i].data[i].create); -+ } -+ factory->destroy(factory); -+} -+END_TEST -+ -+static diffie_hellman_t *dh_create(char *plugin) -+{ -+ return (diffie_hellman_t*)plugin; -+} -+ -+static diffie_hellman_t *dh_create_modp1024(diffie_hellman_group_t group, ...) -+{ -+ ck_assert(group == MODP_1024_BIT); -+ return dh_create("plugin1"); -+} -+ -+static diffie_hellman_t *dh_create_modp1024_second(diffie_hellman_group_t group, -+ ...) -+{ -+ ck_assert(group == MODP_1024_BIT); -+ return dh_create("plugin2"); -+} -+ -+static diffie_hellman_t *dh_create_modp2048(diffie_hellman_group_t group, ...) -+{ -+ ck_assert(group == MODP_2048_BIT); -+ return dh_create("plugin1"); -+} -+ -+static diffie_hellman_t *dh_create_modp2048_second(diffie_hellman_group_t group, -+ ...) -+{ -+ ck_assert(group == MODP_2048_BIT); -+ return dh_create("plugin2"); -+} -+ -+static struct { -+ char *exp1024; -+ char *exp2048; -+ struct { -+ diffie_hellman_group_t g; -+ dh_constructor_t create; -+ char *plugin; -+ } data[4]; -+} dh_data[] = { -+ { NULL, NULL, { -+ { MODP_NONE, NULL, NULL } -+ }}, -+ { "plugin1", NULL, { -+ { MODP_1024_BIT, dh_create_modp1024, "plugin1" }, -+ { MODP_NONE, NULL, NULL } -+ }}, -+ { "plugin1", NULL, { -+ { MODP_1024_BIT, dh_create_modp1024, "plugin1" }, -+ { MODP_1024_BIT, dh_create_modp1024_second, "plugin2" }, -+ { MODP_NONE, NULL, NULL } -+ }}, -+ { "plugin2", NULL, { -+ { MODP_1024_BIT, dh_create_modp1024_second, "plugin2" }, -+ { MODP_1024_BIT, dh_create_modp1024, "plugin1" }, -+ { MODP_NONE, NULL, NULL } -+ }}, -+ { "plugin1", "plugin1", { -+ { MODP_1024_BIT, dh_create_modp1024, "plugin1" }, -+ { MODP_2048_BIT, dh_create_modp2048, "plugin1" }, -+ { MODP_NONE, NULL } -+ }}, -+ { "plugin1", "plugin1", { -+ { MODP_2048_BIT, dh_create_modp2048, "plugin1" }, -+ { MODP_1024_BIT, dh_create_modp1024, "plugin1" }, -+ { MODP_NONE, NULL } -+ }}, -+ { "plugin1", "plugin1", { -+ { MODP_2048_BIT, dh_create_modp2048, "plugin1" }, -+ { MODP_2048_BIT, dh_create_modp2048_second, "plugin2" }, -+ { MODP_1024_BIT, dh_create_modp1024, "plugin1" }, -+ { MODP_NONE, NULL } -+ }}, -+ { "plugin1", "plugin2", { -+ { MODP_2048_BIT, dh_create_modp2048_second, "plugin2" }, -+ { MODP_2048_BIT, dh_create_modp2048, "plugin1" }, -+ { MODP_1024_BIT, dh_create_modp1024, "plugin1" }, -+ { MODP_NONE, NULL } -+ }}, -+}; -+ -+static void verify_dh(crypto_factory_t *factory, diffie_hellman_group_t request, -+ char *expected) -+{ -+ char *plugin; -+ -+ plugin = (char*)factory->create_dh(factory, request); -+ if (!expected) -+ { -+ ck_assert(!plugin); -+ } -+ else -+ { -+ ck_assert(plugin); -+ ck_assert_str_eq(expected, plugin); -+ } -+} -+ -+START_TEST(test_create_dh) -+{ -+ enumerator_t *enumerator; -+ crypto_factory_t *factory; -+ diffie_hellman_group_t group; -+ char *plugin; -+ int i, len = 0; -+ -+ -+ factory = crypto_factory_create(); -+ for (i = 0; dh_data[_i].data[i].g != MODP_NONE; i++) -+ { -+ ck_assert(factory->add_dh(factory, dh_data[_i].data[i].g, -+ dh_data[_i].data[i].plugin, -+ dh_data[_i].data[i].create)); -+ } -+ verify_dh(factory, MODP_1024_BIT, dh_data[_i].exp1024); -+ verify_dh(factory, MODP_2048_BIT, dh_data[_i].exp2048); -+ -+ len = countof(dh_data[_i].data); -+ enumerator = factory->create_dh_enumerator(factory); -+ for (i = 0; enumerator->enumerate(enumerator, &group, &plugin) && i < len;) -+ { -+ ck_assert_int_eq(dh_data[_i].data[i].g, group); -+ while (dh_data[_i].data[i].g == group) -+ { /* skip other entries by the same group */ -+ i++; -+ } -+ switch (group) -+ { -+ case MODP_1024_BIT: -+ ck_assert(dh_data[_i].exp1024); -+ ck_assert_str_eq(dh_data[_i].exp1024, plugin); -+ break; -+ case MODP_2048_BIT: -+ ck_assert(dh_data[_i].exp2048); -+ ck_assert_str_eq(dh_data[_i].exp2048, plugin); -+ break; -+ default: -+ fail("unexpected DH group"); -+ break; -+ } -+ } -+ ck_assert(!enumerator->enumerate(enumerator)); -+ ck_assert_int_eq(dh_data[_i].data[i].g, MODP_NONE); -+ enumerator->destroy(enumerator); -+ -+ for (i = 0; dh_data[_i].data[i].g != MODP_NONE; i++) -+ { -+ factory->remove_dh(factory, dh_data[_i].data[i].create); -+ } -+ factory->destroy(factory); -+} -+END_TEST -+ -+Suite *crypto_factory_suite_create() -+{ -+ Suite *s; -+ TCase *tc; -+ -+ s = suite_create("crypto-factory"); -+ -+ tc = tcase_create("create_rng"); -+ tcase_add_loop_test(tc, test_create_rng, 0, countof(rng_data)); -+ suite_add_tcase(s, tc); -+ -+ tc = tcase_create("create_dh"); -+ tcase_add_loop_test(tc, test_create_dh, 0, countof(dh_data)); -+ suite_add_tcase(s, tc); -+ -+ return s; -+} -diff --git a/src/libstrongswan/tests/tests.h b/src/libstrongswan/tests/tests.h -index 82a5137..ab0f642 100644 ---- a/src/libstrongswan/tests/tests.h -+++ b/src/libstrongswan/tests/tests.h -@@ -35,6 +35,7 @@ TEST_SUITE(host_suite_create) - TEST_SUITE(printf_suite_create) - TEST_SUITE(hasher_suite_create) - TEST_SUITE(crypter_suite_create) -+TEST_SUITE(crypto_factory_suite_create) - TEST_SUITE(pen_suite_create) - TEST_SUITE(asn1_suite_create) - TEST_SUITE(asn1_parser_suite_create) --- -2.1.2 - diff --git a/strongswan-5.1.3.tar.bz2 b/strongswan-5.1.3.tar.bz2 deleted file mode 100644 index b52ba2d..0000000 --- a/strongswan-5.1.3.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:84e46d5ce801e1b874e2bfba8d21dbd78b432e23b7fb1f4f2d637359e7a183a8 -size 3807212 diff --git a/strongswan-5.1.3.tar.bz2.sig b/strongswan-5.1.3.tar.bz2.sig deleted file mode 100644 index 7884d97..0000000 --- a/strongswan-5.1.3.tar.bz2.sig +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.11 (GNU/Linux) - -iQGcBAABAgAGBQJTS9jUAAoJEN9CwXCzTbp3E3cMAJuQv7IsG5XDNQB/Wcb66hLQ -2DSZN2zXRI2Ku5ONXDqnzCzyGRO84SOsGVzX9AQTHactr29B0n9rZxSCKZrm+ZRX -lMKu6UNsS+jSKhXkXfmDSilFnM7ap7tAlFUuH/7uz8LcG34643W5BOJH0oMq7Rx3 -WN/7/TbrYf1aE0s3C8tcJXc5OghkvAfsE0jBPWhwT7dwi5eczluPMyYYdGxg8zNP -LdBdoHTfnFRnMcL18SGwUYl09hj2YkZMoo+2Qt4I6WNy3yIINRIQluPSl2f91HHG -VXyzGLpC3W63WYxXhPmjdmkpaT9+kulF6WVhgt3i6VMOv6nSNitHs5/X0W6N5xuX -BhPmJRFmT0Oej3MJVxSKqUy89Ny3DyRmai5bERAFe+FOt9HN1UWqpK+qYFI+YQw/ -dMS9kviW2UhSq4BM9F9F+QrL66Bz0gc5+jXolm971FII62cV4i6n9U6veGPY9qkg -+Jcn6XpKOe2JXLsIeIMQgc0GitIaEHq/zdST/pn2Gw== -=NZ/K ------END PGP SIGNATURE----- diff --git a/strongswan-5.1.3-rpmlintrc b/strongswan-5.2.2-rpmlintrc similarity index 100% rename from strongswan-5.1.3-rpmlintrc rename to strongswan-5.2.2-rpmlintrc diff --git a/strongswan-5.2.2.tar.bz2 b/strongswan-5.2.2.tar.bz2 new file mode 100644 index 0000000..83aec16 --- /dev/null +++ b/strongswan-5.2.2.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:cf2fbfdf200a5eced796f00dc11fea67ce477d38c54d5f073ac6c51618b172f4 +size 4169095 diff --git a/strongswan-5.2.2.tar.bz2.sig b/strongswan-5.2.2.tar.bz2.sig new file mode 100644 index 0000000..93fa0e0 --- /dev/null +++ b/strongswan-5.2.2.tar.bz2.sig @@ -0,0 +1,14 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iQGcBAABAgAGBQJUn/PYAAoJEN9CwXCzTbp3+PML/2IJQEI240BwPOpXEGrJ0jnR +Mmq7qXD3QLnUtpyX2/dXVV6X6PzdXiCubOj9m59VNSD6Qsr5W3d44rg90Vf9VxX6 +5nwAWP9fWl1L8xKtC93dyPAe8eet9tMqIf6QY5LYCmKRXi9aotoARiyEjKRUsWdy +O+nDS43PrwjcgHcV+dVbpA1FyFSwoX2zoDu0d1MMzOb+b8np9+2SdtsNVKaIqW5c +39PphkQgpqBqM1nkO0LUydsdCpE+/Xq4yNP77eSio7b6b2eyAjD9gBlNsE4FHoU0 +gyDKgdcOIPYmS8VD2J4efxQDjGpj6VV4wvXAo9tE7x/joIFT+Eg9LsD42l7yReaY +G/G87HVgA0DH67lBjoMfkhZcHCSTofM4cm7eOC7s48PF4HvnAM1L5bH7UzoehV9c +YvIUO/Q+7on6nvnW4AYUVXc/fAq7IUB6hYYCX6CHsb1U7gkEa7NseLwcoLmbMIfB +QaziGo6KHG4XFTdlu1LrQBip8NdJZh7v7fYJd/sFjA== +=bacU +-----END PGP SIGNATURE----- diff --git a/strongswan.changes b/strongswan.changes index eb5afb9..84ad58f 100644 --- a/strongswan.changes +++ b/strongswan.changes @@ -1,3 +1,102 @@ +------------------------------------------------------------------- +Mon Jan 5 14:38:46 UTC 2015 - mt@suse.de + +- Updated to strongSwan 5.2.2 providing the following changes: + Changes in version 5.2.2: + * Fixed a denial-of-service vulnerability triggered by an IKEv2 Key Exchange + payload that contains the Diffie-Hellman group 1025. This identifier was + used internally for DH groups with custom generator and prime. Because + these arguments are missing when creating DH objects based on the KE + payload an invalid pointer dereference occurred. This allowed an attacker + to crash the IKE daemon with a single IKE_SA_INIT message containing such + a KE payload. The vulnerability has been registered as CVE-2014-9221. + * The left/rightid options in ipsec.conf, or any other identity in + strongSwan, now accept prefixes to enforce an explicit type, such as + email: or fqdn:. Note that no conversion is done for the remaining string, + refer to ipsec.conf(5) for details. + * The post-quantum Bimodal Lattice Signature Scheme (BLISS) can be used as + an IKEv2 public key authentication method. The pki tool offers full + support for the generation of BLISS key pairs and certificates. + * Fixed mapping of integrity algorithms negotiated for AH via IKEv1. + This could cause interoperability issues when connecting to older versions + of charon. + Changes in version 5.2.1: + * The new charon-systemd IKE daemon implements an IKE daemon tailored for + use with systemd. It avoids the dependency on ipsec starter and uses + swanctl as configuration backend, building a simple and lightweight + solution. It supports native systemd journal logging. + * Support for IKEv2 fragmentation as per RFC 7383 has been added. Like IKEv1 + fragmentation it can be enabled by setting fragmentation=yes in ipsec.conf. + * Support of the TCG TNC IF-M Attribute Segmentation specification proposal. + All attributes can be segmented. Additionally TCG/SWID Tag, TCG/SWID Tag ID + and IETF/Installed Packages attributes can be processed incrementally on a + per segment basis. + * The new ext-auth plugin calls an external script to implement custom IKE_SA + authorization logic, courtesy of Vyronas Tsingaras. + * For the vici plugin a ruby gem has been added to allow ruby applications to + control or monitor the IKE daemon. The vici documentation has been updated + to include a description of the available operations and some simple + examples using both the libvici C interface and the ruby gem. + Changes in version 5.2.0: + * strongSwan has been ported to the Windows platform. Using a MinGW toolchain, + many parts of the strongSwan codebase run natively on Windows 7 / 2008 R2 + and newer releases. charon-svc implements a Windows IKE service based on + libcharon, the kernel-iph and kernel-wfp plugins act as networking and IPsec + backend on the Windows platform. socket-win provides a native IKE socket + implementation, while winhttp fetches CRL and OCSP information using the + WinHTTP API. + * The new vici plugin provides a Versatile IKE Configuration Interface for + charon. Using the stable IPC interface, external applications can configure, + control and monitor the IKE daemon. Instead of scripting the ipsec tool + and generating ipsec.conf, third party applications can use the new interface + for more control and better reliability. + * Built upon the libvici client library, swanctl implements the first user of + the VICI interface. Together with a swanctl.conf configuration file, + connections can be defined, loaded and managed. swanctl provides a portable, + complete IKE configuration and control interface for the command line. + The first six swanctl example scenarios have been added. + * The SWID IMV implements a JSON-based REST API which allows the exchange + of SWID tags and Software IDs with the strongTNC policy manager. + * The SWID IMC can extract all installed packages from the dpkg (Debian, + Ubuntu, Linux Mint etc.), rpm (Fedora, RedHat, OpenSUSE, etc.), or + pacman (Arch Linux, Manjaro, etc.) package managers, respectively, using + the swidGenerator (https://github.com/strongswan/swidGenerator) which + generates SWID tags according to the new ISO/IEC 19770-2:2014 standard. + * All IMVs now share the access requestor ID, device ID and product info + of an access requestor via a common imv_session object. + * The Attestation IMC/IMV pair supports the IMA-NG measurement format + introduced with the Linux 3.13 kernel. + * The aikgen tool generates an Attestation Identity Key bound to a TPM. + * Implemented the PT-EAP transport protocol (RFC 7171) for Trusted Network + Connect. + * The ipsec.conf replay_window option defines connection specific IPsec + replay windows. Original patch courtesy of Zheng Zhong and Christophe + Gouault from 6Wind. +- Adjusted file lists and removed obsolete patches + [- 0005-restore-registration-algorithm-order.bug897512.patch, + - 0006-strongswan-5.1.2-5.2.1_modp_custom.CVE-2014-9221.patch] +- Adopted/Merged fipscheck patches + [* strongswan_fipscheck.patch, strongswan_fipsfilter.patch] + +------------------------------------------------------------------- +Wed Dec 17 10:15:23 UTC 2014 - mt@suse.de + +- Disallow brainpool elliptic curve groups in fips mode (bnc#856322). + [* strongswan_fipsfilter.patch] + +------------------------------------------------------------------- +Thu Dec 11 10:21:01 UTC 2014 - mt@suse.de + +- Applied an upstream fix for a denial-of-service vulnerability, + which can be triggered by an IKEv2 Key Exchange payload, that + contains the Diffie-Hellman group 1025 (bsc#910491,CVE-2014-9221). + [+ 0006-strongswan-5.1.2-5.2.1_modp_custom.CVE-2014-9221.patch] +- Adjusted whilelist of approved algorithms in fips mode (bsc#856322). + [* strongswan_fipsfilter.patch] +- Renamed patch file to match it's patch number: + [- 0001-restore-registration-algorithm-order.bug897512.patch, + + 0005-restore-registration-algorithm-order.bug897512.patch] + ------------------------------------------------------------------- Tue Nov 25 11:22:06 UTC 2014 - mt@suse.de diff --git a/strongswan.spec b/strongswan.spec index 0807214..7e6acc0 100644 --- a/strongswan.spec +++ b/strongswan.spec @@ -1,7 +1,7 @@ # # spec file for package strongswan # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: strongswan -Version: 5.1.3 +Version: 5.2.2 Release: 0 %define upstream_version %{version} %define strongswan_docdir %{_docdir}/%{name} @@ -82,7 +82,6 @@ Patch2: %{name}_ipsec_service.patch Patch3: %{name}_fipscheck.patch Patch4: %{name}_fipsfilter.patch %endif -Patch5: 0001-restore-registration-algorithm-order.bug897512.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bison BuildRequires: curl-devel @@ -293,7 +292,6 @@ and the load testing plugin for IKEv2 daemon. %patch3 -p0 %patch4 -p1 %endif -%patch5 -p1 sed -e 's|@libexecdir@|%_libexecdir|g' \ < $RPM_SOURCE_DIR/strongswan.init.in \ > strongswan.init @@ -643,10 +641,11 @@ fi %config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon.conf %config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-logging.conf %config(noreplace) %attr(600,root,root) %{strongswan_configs}/imcv.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/pki.conf %config(noreplace) %attr(600,root,root) %{strongswan_configs}/pool.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/scepclient.conf %config(noreplace) %attr(600,root,root) %{strongswan_configs}/starter.conf %config(noreplace) %attr(600,root,root) %{strongswan_configs}/tnc.conf -%config(noreplace) %attr(600,root,root) %{strongswan_configs}/tools.conf %config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/addrblock.conf %config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/aes.conf %if %{with afalg} @@ -949,10 +948,11 @@ fi %{strongswan_templates}/config/strongswan.d/charon-logging.conf %{strongswan_templates}/config/strongswan.d/charon.conf %{strongswan_templates}/config/strongswan.d/imcv.conf +%{strongswan_templates}/config/strongswan.d/pki.conf %{strongswan_templates}/config/strongswan.d/pool.conf +%{strongswan_templates}/config/strongswan.d/scepclient.conf %{strongswan_templates}/config/strongswan.d/starter.conf %{strongswan_templates}/config/strongswan.d/tnc.conf -%{strongswan_templates}/config/strongswan.d/tools.conf %{strongswan_templates}/database/imv/data.sql %{strongswan_templates}/database/imv/tables.sql @@ -982,6 +982,7 @@ fi %dir %{strongswan_templates}/database %dir %{strongswan_templates}/database/sql %{strongswan_templates}/config/plugins/mysql.conf +%{strongswan_templates}/database/imv/tables-mysql.sql %{strongswan_templates}/database/sql/mysql.sql %endif diff --git a/strongswan_fipscheck.patch b/strongswan_fipscheck.patch index b49cbd0..18839be 100644 --- a/strongswan_fipscheck.patch +++ b/strongswan_fipscheck.patch @@ -1,6 +1,6 @@ --- src/ipsec/_ipsec.in -+++ src/ipsec/_ipsec.in 2014/11/07 11:28:25 -@@ -44,6 +44,26 @@ export IPSEC_DIR IPSEC_BINDIR IPSEC_SBIN ++++ src/ipsec/_ipsec.in +@@ -44,6 +44,26 @@ export IPSEC_DIR IPSEC_BINDIR IPSEC_SBINDIR IPSEC_CONFDIR IPSEC_PIDDIR IPSEC_SCR IPSEC_DISTRO="Institute for Internet Technologies and Applications\nUniversity of Applied Sciences Rapperswil, Switzerland" @@ -26,8 +26,8 @@ + case "$1" in '') - echo "Usage: $IPSEC_SCRIPT command argument ..." -@@ -166,6 +186,7 @@ rereadall|purgeocsp|listcounters|resetco + echo "$IPSEC_SCRIPT command [arguments]" +@@ -155,6 +175,7 @@ rereadall|purgeocsp|listcounters|resetcounters) shift if [ -e $IPSEC_CHARON_PID ] then @@ -35,7 +35,7 @@ $IPSEC_STROKE "$op" "$@" rc="$?" fi -@@ -175,6 +196,7 @@ purgeike|purgecrls|purgecerts) +@@ -164,6 +185,7 @@ purgeike|purgecrls|purgecerts) rc=7 if [ -e $IPSEC_CHARON_PID ] then @@ -43,7 +43,7 @@ $IPSEC_STROKE "$1" rc="$?" fi -@@ -208,6 +230,7 @@ route|unroute) +@@ -197,6 +219,7 @@ route|unroute) fi if [ -e $IPSEC_CHARON_PID ] then @@ -51,7 +51,7 @@ $IPSEC_STROKE "$op" "$1" rc="$?" fi -@@ -217,6 +240,7 @@ secrets) +@@ -206,6 +229,7 @@ secrets) rc=7 if [ -e $IPSEC_CHARON_PID ] then @@ -59,7 +59,7 @@ $IPSEC_STROKE rereadsecrets rc="$?" fi -@@ -224,6 +248,7 @@ secrets) +@@ -213,6 +237,7 @@ secrets) ;; start) shift @@ -67,7 +67,7 @@ if [ -d /var/lock/subsys ]; then touch /var/lock/subsys/ipsec fi -@@ -297,6 +322,7 @@ up) +@@ -286,6 +311,7 @@ up) rc=7 if [ -e $IPSEC_CHARON_PID ] then @@ -75,7 +75,7 @@ $IPSEC_STROKE up "$1" rc="$?" fi -@@ -332,6 +358,11 @@ esac +@@ -325,6 +351,11 @@ esac cmd="$1" shift diff --git a/strongswan_fipsfilter.patch b/strongswan_fipsfilter.patch index 81eee37..94b5db0 100644 --- a/strongswan_fipsfilter.patch +++ b/strongswan_fipsfilter.patch @@ -1,5 +1,12 @@ +From 8f3f1bd6907df8221a93c849ed4b43474444e13b Mon Sep 17 00:00:00 2001 +From: Marius Tomaschewski +Date: Mon, 5 Jan 2015 14:57:39 +0100 +Subject: [PATCH] strongswan: filter algorithms for fips mode + +References: fate#316931,bnc#856322 + diff --git a/src/libcharon/config/proposal.c b/src/libcharon/config/proposal.c -index 2ecdb4f..85767ab 100644 +index e59dcd9..f07f4a2 100644 --- a/src/libcharon/config/proposal.c +++ b/src/libcharon/config/proposal.c @@ -26,6 +26,11 @@ @@ -14,7 +21,7 @@ index 2ecdb4f..85767ab 100644 ENUM(protocol_id_names, PROTO_NONE, PROTO_IPCOMP, "PROTO_NONE", -@@ -185,6 +190,130 @@ METHOD(proposal_t, strip_dh, void, +@@ -185,6 +190,122 @@ METHOD(proposal_t, strip_dh, void, enumerator->destroy(enumerator); } @@ -104,24 +111,16 @@ index 2ecdb4f..85767ab 100644 + case DIFFIE_HELLMAN_GROUP: + switch (alg) + { -+ case MODP_1024_BIT: -+ case MODP_1536_BIT: + case MODP_2048_BIT: + case MODP_3072_BIT: + case MODP_4096_BIT: + case MODP_8192_BIT: -+ case MODP_1024_160: + case MODP_2048_224: + case MODP_2048_256: -+ case ECP_192_BIT: + case ECP_224_BIT: + case ECP_256_BIT: + case ECP_384_BIT: + case ECP_521_BIT: -+ case ECP_224_BP: -+ case ECP_256_BP: -+ case ECP_384_BP: -+ case ECP_512_BP: + return TRUE; + default: + break; @@ -145,7 +144,7 @@ index 2ecdb4f..85767ab 100644 /** * Select a matching proposal from this and other, insert into selected. */ -@@ -500,6 +629,11 @@ static bool add_string_algo(private_proposal_t *this, const char *alg) +@@ -502,6 +623,11 @@ static bool add_string_algo(private_proposal_t *this, const char *alg) return FALSE; } @@ -157,63 +156,69 @@ index 2ecdb4f..85767ab 100644 add_algorithm(this, token->type, token->algorithm, token->keysize); return TRUE; -@@ -639,6 +773,8 @@ static void proposal_add_supported_ike(private_proposal_t *this) - enumerator = lib->crypto->create_crypter_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &encryption, &plugin_name)) - { -+ if (!fips_filter(PROTO_IKE, ENCRYPTION_ALGORITHM, encryption)) -+ continue; - switch (encryption) +@@ -643,6 +769,9 @@ static bool proposal_add_supported_ike(private_proposal_t *this, bool aead) + enumerator = lib->crypto->create_aead_enumerator(lib->crypto); + while (enumerator->enumerate(enumerator, &encryption, &plugin_name)) { - case ENCR_AES_CBC: -@@ -665,6 +801,9 @@ static void proposal_add_supported_ike(private_proposal_t *this) - enumerator = lib->crypto->create_aead_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &encryption, &plugin_name)) - { -+ if (!fips_filter(PROTO_IKE, ENCRYPTION_ALGORITHM, encryption)) -+ continue; ++ if (!fips_filter(PROTO_IKE, ENCRYPTION_ALGORITHM, encryption)) ++ continue; + - switch (encryption) + switch (encryption) + { + case ENCR_AES_CCM_ICV8: +@@ -675,6 +804,9 @@ static bool proposal_add_supported_ike(private_proposal_t *this, bool aead) + enumerator = lib->crypto->create_crypter_enumerator(lib->crypto); + while (enumerator->enumerate(enumerator, &encryption, &plugin_name)) { - case ENCR_AES_CCM_ICV8: -@@ -690,6 +829,8 @@ static void proposal_add_supported_ike(private_proposal_t *this) - enumerator = lib->crypto->create_signer_enumerator(lib->crypto); - while (enumerator->enumerate(enumerator, &integrity, &plugin_name)) - { -+ if (!fips_filter(PROTO_IKE, INTEGRITY_ALGORITHM, integrity)) -+ continue; - switch (integrity) ++ if (!fips_filter(PROTO_IKE, ENCRYPTION_ALGORITHM, encryption)) ++ continue; ++ + switch (encryption) + { + case ENCR_AES_CBC: +@@ -706,6 +838,9 @@ static bool proposal_add_supported_ike(private_proposal_t *this, bool aead) + enumerator = lib->crypto->create_signer_enumerator(lib->crypto); + while (enumerator->enumerate(enumerator, &integrity, &plugin_name)) { - case AUTH_HMAC_SHA1_96: -@@ -710,6 +851,8 @@ static void proposal_add_supported_ike(private_proposal_t *this) ++ if (!fips_filter(PROTO_IKE, INTEGRITY_ALGORITHM, integrity)) ++ continue; ++ + switch (integrity) + { + case AUTH_HMAC_SHA1_96: +@@ -727,6 +862,9 @@ static bool proposal_add_supported_ike(private_proposal_t *this, bool aead) enumerator = lib->crypto->create_prf_enumerator(lib->crypto); while (enumerator->enumerate(enumerator, &prf, &plugin_name)) { + if (!fips_filter(PROTO_IKE, PSEUDO_RANDOM_FUNCTION, prf)) + continue; ++ switch (prf) { case PRF_HMAC_SHA1: -@@ -730,6 +873,8 @@ static void proposal_add_supported_ike(private_proposal_t *this) +@@ -747,6 +885,9 @@ static bool proposal_add_supported_ike(private_proposal_t *this, bool aead) enumerator = lib->crypto->create_dh_enumerator(lib->crypto); while (enumerator->enumerate(enumerator, &group, &plugin_name)) { + if (!fips_filter(PROTO_IKE, DIFFIE_HELLMAN_GROUP, group)) + continue; ++ switch (group) { case MODP_NULL: -@@ -776,31 +921,35 @@ proposal_t *proposal_create_default(protocol_id_t protocol) +@@ -795,6 +936,10 @@ proposal_t *proposal_create_default(protocol_id_t protocol) { private_proposal_t *this = (private_proposal_t*)proposal_create(protocol, 0); +#define fips_add_algorithm(this, type, alg, len) \ + if (fips_filter(this->protocol, type, alg)) \ + add_algorithm(this, type, alg, len); ++ switch (protocol) { case PROTO_IKE: - proposal_add_supported_ike(this); +@@ -805,25 +950,28 @@ proposal_t *proposal_create_default(protocol_id_t protocol) + } break; case PROTO_ESP: - add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128); @@ -248,7 +253,12 @@ index 2ecdb4f..85767ab 100644 default: break; } ++ +#undef fips_add_algorithm ++ return &this->public; } +-- +2.2.1 +