jengelh/strongswan
SHA256
1
0
Fork 0
forked from pool/strongswan
Code Pull Requests Activity

- Disallow brainpool elliptic curve groups in fips mode (bnc#856322).

Browse Source 
[* strongswan_fipsfilter.patch]

- Applied an upstream fix for a denial-of-service vulnerability,
  which can be triggered by an IKEv2 Key Exchange payload, that
  contains the Diffie-Hellman group 1025 (bsc#910491,CVE-2014-9221).
  [+ 0006-strongswan-5.1.2-5.2.1_modp_custom.CVE-2014-9221.patch]
- Adjusted whilelist of approved algorithms in fips mode (bsc#856322).
  [* strongswan_fipsfilter.patch]
- Renamed patch file to match it's patch number:
  [- 0001-restore-registration-algorithm-order.bug897512.patch,
   + 0005-restore-registration-algorithm-order.bug897512.patch]

OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=84
This commit is contained in:
Marius Tomaschewski 2015-01-05 13:04:19 +00:00 committed by Git OBS Bridge
parent 820c7f86b7
commit fadffa6d60
5 changed files with 208 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
0001-restore-registration-algorithm-order.bug897512.patch → 0005-restore-registration-algorithm-order.bug897512.patch
View File

166
0006-strongswan-5.1.2-5.2.1_modp_custom.CVE-2014-9221.patch Normal file
View File

@ -0,0 +1,166 @@
From a78ecdd47509626711a13481f53696e01d4b8c62 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 1 Dec 2014 17:21:59 +0100
Subject: [PATCH] crypto: Define MODP_CUSTOM outside of IKE DH range
References: bsc#910491,CVE-2014-9221
Upstream: yes
Before this fix it was possible to crash charon with an IKE_SA_INIT
message containing a KE payload with DH group MODP_CUSTOM(1025).
Defining MODP_CUSTOM outside of the two byte IKE DH identifier range
prevents it from getting negotiated.
Fixes CVE-2014-9221 in version 5.1.2 and newer.
---
src/charon-tkm/src/tkm/tkm_diffie_hellman.c | 2 +-
src/libstrongswan/crypto/diffie_hellman.c | 11 ++++++-----
src/libstrongswan/crypto/diffie_hellman.h | 6 ++++--
src/libstrongswan/plugins/gcrypt/gcrypt_dh.c | 2 +-
src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c | 2 +-
src/libstrongswan/plugins/ntru/ntru_ke.c | 2 +-
src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c | 2 +-
src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c | 2 +-
src/libstrongswan/plugins/pkcs11/pkcs11_dh.c | 2 +-
9 files changed, 17 insertions(+), 14 deletions(-)
diff --git a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
index 67db5e6d87d6..836e0b7f088d 100644
--- a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
+++ b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
@@ -41,7 +41,7 @@ struct private_tkm_diffie_hellman_t {
/**
* Diffie Hellman group number.
*/
- u_int16_t group;
+ diffie_hellman_group_t group;
/**
* Diffie Hellman public value.
diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c
index bada1c529951..ac106e9c4d45 100644
--- a/src/libstrongswan/crypto/diffie_hellman.c
+++ b/src/libstrongswan/crypto/diffie_hellman.c
@@ -42,15 +42,16 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_1024_160, ECP_512_BP, ECP_521_BIT,
"ECP_256_BP",
"ECP_384_BP",
"ECP_512_BP");
-ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_CUSTOM, ECP_512_BP,
- "MODP_NULL",
- "MODP_CUSTOM");
-ENUM_NEXT(diffie_hellman_group_names, NTRU_112_BIT, NTRU_256_BIT, MODP_CUSTOM,
+ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_NULL, ECP_512_BP,
+ "MODP_NULL");
+ENUM_NEXT(diffie_hellman_group_names, NTRU_112_BIT, NTRU_256_BIT, MODP_NULL,
"NTRU_112",
"NTRU_128",
"NTRU_192",
"NTRU_256");
-ENUM_END(diffie_hellman_group_names, NTRU_256_BIT);
+ENUM_NEXT(diffie_hellman_group_names, MODP_CUSTOM, MODP_CUSTOM, NTRU_256_BIT,
+ "MODP_CUSTOM");
+ENUM_END(diffie_hellman_group_names, MODP_CUSTOM);
/**
diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h
index 105db22f14d4..d5161d077bb2 100644
--- a/src/libstrongswan/crypto/diffie_hellman.h
+++ b/src/libstrongswan/crypto/diffie_hellman.h
@@ -63,12 +63,14 @@ enum diffie_hellman_group_t {
/** insecure NULL diffie hellman group for testing, in PRIVATE USE */
MODP_NULL = 1024,
/** MODP group with custom generator/prime */
- MODP_CUSTOM = 1025,
/** Parameters defined by IEEE 1363.1, in PRIVATE USE */
NTRU_112_BIT = 1030,
NTRU_128_BIT = 1031,
NTRU_192_BIT = 1032,
- NTRU_256_BIT = 1033
+ NTRU_256_BIT = 1033,
+ /** internally used DH group with additional parameters g and p, outside
+ * of PRIVATE USE (i.e. IKEv2 DH group range) so it can't be negotiated */
+ MODP_CUSTOM = 65536,
};
/**
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c
index f418b941db86..299865da2e09 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c
@@ -35,7 +35,7 @@ struct private_gcrypt_dh_t {
/**
* Diffie Hellman group number
*/
- u_int16_t group;
+ diffie_hellman_group_t group;
/*
* Generator value
diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
index b74d35169f44..9936f7e4518f 100644
--- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
+++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
@@ -42,7 +42,7 @@ struct private_gmp_diffie_hellman_t {
/**
* Diffie Hellman group number.
*/
- u_int16_t group;
+ diffie_hellman_group_t group;
/*
* Generator value.
diff --git a/src/libstrongswan/plugins/ntru/ntru_ke.c b/src/libstrongswan/plugins/ntru/ntru_ke.c
index abaa22336221..e64f32b91d0e 100644
--- a/src/libstrongswan/plugins/ntru/ntru_ke.c
+++ b/src/libstrongswan/plugins/ntru/ntru_ke.c
@@ -56,7 +56,7 @@ struct private_ntru_ke_t {
/**
* Diffie Hellman group number.
*/
- u_int16_t group;
+ diffie_hellman_group_t group;
/**
* NTRU Parameter Set
diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
index ff3382473666..1e68ac59b838 100644
--- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
@@ -38,7 +38,7 @@ struct private_openssl_diffie_hellman_t {
/**
* Diffie Hellman group number.
*/
- u_int16_t group;
+ diffie_hellman_group_t group;
/**
* Diffie Hellman object
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
index b487d59a59a3..50853d6f0bde 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
@@ -40,7 +40,7 @@ struct private_openssl_ec_diffie_hellman_t {
/**
* Diffie Hellman group number.
*/
- u_int16_t group;
+ diffie_hellman_group_t group;
/**
* EC private (public) key
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
index 36cc284bf2b5..23b63d2386af 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
@@ -47,7 +47,7 @@ struct private_pkcs11_dh_t {
/**
* Diffie Hellman group number.
*/
- u_int16_t group;
+ diffie_hellman_group_t group;
/**
* Handle for own private value
--
1.9.1

19
strongswan.changes
View File

@ -1,3 +1,22 @@
-------------------------------------------------------------------
Wed Dec 17 10:15:23 UTC 2014 - mt@suse.de
- Disallow brainpool elliptic curve groups in fips mode (bnc#856322).
[* strongswan_fipsfilter.patch]
-------------------------------------------------------------------
Thu Dec 11 10:21:01 UTC 2014 - mt@suse.de
- Applied an upstream fix for a denial-of-service vulnerability,
which can be triggered by an IKEv2 Key Exchange payload, that
contains the Diffie-Hellman group 1025 (bsc#910491,CVE-2014-9221).
[+ 0006-strongswan-5.1.2-5.2.1_modp_custom.CVE-2014-9221.patch]
- Adjusted whilelist of approved algorithms in fips mode (bsc#856322).
[* strongswan_fipsfilter.patch]
- Renamed patch file to match it's patch number:
[- 0001-restore-registration-algorithm-order.bug897512.patch,
+ 0005-restore-registration-algorithm-order.bug897512.patch]
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Nov 25 11:22:06 UTC 2014 - mt@suse.de Tue Nov 25 11:22:06 UTC 2014 - mt@suse.de

6
strongswan.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package strongswan # spec file for package strongswan
# #
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -82,7 +82,8 @@ Patch2: %{name}_ipsec_service.patch
Patch3: %{name}_fipscheck.patch Patch3: %{name}_fipscheck.patch
Patch4: %{name}_fipsfilter.patch Patch4: %{name}_fipsfilter.patch
%endif %endif
Patch5: 0001-restore-registration-algorithm-order.bug897512.patch Patch5: 0005-restore-registration-algorithm-order.bug897512.patch
Patch6: 0006-strongswan-5.1.2-5.2.1_modp_custom.CVE-2014-9221.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: bison BuildRequires: bison
BuildRequires: curl-devel BuildRequires: curl-devel
@ -294,6 +295,7 @@ and the load testing plugin for IKEv2 daemon.
%patch4 -p1 %patch4 -p1
%endif %endif
%patch5 -p1 %patch5 -p1
%patch6 -p1
sed -e 's|@libexecdir@|%_libexecdir|g' \ sed -e 's|@libexecdir@|%_libexecdir|g' \
< $RPM_SOURCE_DIR/strongswan.init.in \ < $RPM_SOURCE_DIR/strongswan.init.in \
> strongswan.init > strongswan.init

36
strongswan_fipsfilter.patch
View File

@ -1,5 +1,12 @@
From aa709f291994a74271271b6dd61563cc3844e3ad Mon Sep 17 00:00:00 2001
From: Marius Tomaschewski <mt@suse.de>
Date: Tue, 16 Dec 2014 23:19:20 +0100
Subject: [PATCH] strongswan: filter algorithms for fips mode
References: fate#316931,bnc#856322
diff --git a/src/libcharon/config/proposal.c b/src/libcharon/config/proposal.c diff --git a/src/libcharon/config/proposal.c b/src/libcharon/config/proposal.c
index 2ecdb4f..85767ab 100644 index 2ecdb4f..a858162 100644
--- a/src/libcharon/config/proposal.c --- a/src/libcharon/config/proposal.c
+++ b/src/libcharon/config/proposal.c +++ b/src/libcharon/config/proposal.c
@@ -26,6 +26,11 @@ @@ -26,6 +26,11 @@
@ -14,7 +21,7 @@ index 2ecdb4f..85767ab 100644
ENUM(protocol_id_names, PROTO_NONE, PROTO_IPCOMP, ENUM(protocol_id_names, PROTO_NONE, PROTO_IPCOMP,
"PROTO_NONE", "PROTO_NONE",
@@ -185,6 +190,130 @@ METHOD(proposal_t, strip_dh, void, @@ -185,6 +190,122 @@ METHOD(proposal_t, strip_dh, void,
enumerator->destroy(enumerator); enumerator->destroy(enumerator);
} }
@ -104,24 +111,16 @@ index 2ecdb4f..85767ab 100644
+ case DIFFIE_HELLMAN_GROUP: + case DIFFIE_HELLMAN_GROUP:
+ switch (alg) + switch (alg)
+ { + {
+ case MODP_1024_BIT:
+ case MODP_1536_BIT:
+ case MODP_2048_BIT: + case MODP_2048_BIT:
+ case MODP_3072_BIT: + case MODP_3072_BIT:
+ case MODP_4096_BIT: + case MODP_4096_BIT:
+ case MODP_8192_BIT: + case MODP_8192_BIT:
+ case MODP_1024_160:
+ case MODP_2048_224: + case MODP_2048_224:
+ case MODP_2048_256: + case MODP_2048_256:
+ case ECP_192_BIT:
+ case ECP_224_BIT: + case ECP_224_BIT:
+ case ECP_256_BIT: + case ECP_256_BIT:
+ case ECP_384_BIT: + case ECP_384_BIT:
+ case ECP_521_BIT: + case ECP_521_BIT:
+ case ECP_224_BP:
+ case ECP_256_BP:
+ case ECP_384_BP:
+ case ECP_512_BP:
+ return TRUE; + return TRUE;
+ default: + default:
+ break; + break;
@ -145,7 +144,7 @@ index 2ecdb4f..85767ab 100644
/** /**
* Select a matching proposal from this and other, insert into selected. * Select a matching proposal from this and other, insert into selected.
*/ */
@@ -500,6 +629,11 @@ static bool add_string_algo(private_proposal_t *this, const char *alg) @@ -500,6 +621,11 @@ static bool add_string_algo(private_proposal_t *this, const char *alg)
return FALSE; return FALSE;
} }
@ -157,7 +156,7 @@ index 2ecdb4f..85767ab 100644
add_algorithm(this, token->type, token->algorithm, token->keysize); add_algorithm(this, token->type, token->algorithm, token->keysize);
return TRUE; return TRUE;
@@ -639,6 +773,8 @@ static void proposal_add_supported_ike(private_proposal_t *this) @@ -639,6 +765,8 @@ static void proposal_add_supported_ike(private_proposal_t *this)
enumerator = lib->crypto->create_crypter_enumerator(lib->crypto); enumerator = lib->crypto->create_crypter_enumerator(lib->crypto);
while (enumerator->enumerate(enumerator, &encryption, &plugin_name)) while (enumerator->enumerate(enumerator, &encryption, &plugin_name))
{ {
@ -166,7 +165,7 @@ index 2ecdb4f..85767ab 100644
switch (encryption) switch (encryption)
{ {
case ENCR_AES_CBC: case ENCR_AES_CBC:
@@ -665,6 +801,9 @@ static void proposal_add_supported_ike(private_proposal_t *this) @@ -665,6 +793,9 @@ static void proposal_add_supported_ike(private_proposal_t *this)
enumerator = lib->crypto->create_aead_enumerator(lib->crypto); enumerator = lib->crypto->create_aead_enumerator(lib->crypto);
while (enumerator->enumerate(enumerator, &encryption, &plugin_name)) while (enumerator->enumerate(enumerator, &encryption, &plugin_name))
{ {
@ -176,7 +175,7 @@ index 2ecdb4f..85767ab 100644
switch (encryption) switch (encryption)
{ {
case ENCR_AES_CCM_ICV8: case ENCR_AES_CCM_ICV8:
@@ -690,6 +829,8 @@ static void proposal_add_supported_ike(private_proposal_t *this) @@ -690,6 +821,8 @@ static void proposal_add_supported_ike(private_proposal_t *this)
enumerator = lib->crypto->create_signer_enumerator(lib->crypto); enumerator = lib->crypto->create_signer_enumerator(lib->crypto);
while (enumerator->enumerate(enumerator, &integrity, &plugin_name)) while (enumerator->enumerate(enumerator, &integrity, &plugin_name))
{ {
@ -185,7 +184,7 @@ index 2ecdb4f..85767ab 100644
switch (integrity) switch (integrity)
{ {
case AUTH_HMAC_SHA1_96: case AUTH_HMAC_SHA1_96:
@@ -710,6 +851,8 @@ static void proposal_add_supported_ike(private_proposal_t *this) @@ -710,6 +843,8 @@ static void proposal_add_supported_ike(private_proposal_t *this)
enumerator = lib->crypto->create_prf_enumerator(lib->crypto); enumerator = lib->crypto->create_prf_enumerator(lib->crypto);
while (enumerator->enumerate(enumerator, &prf, &plugin_name)) while (enumerator->enumerate(enumerator, &prf, &plugin_name))
{ {
@ -194,7 +193,7 @@ index 2ecdb4f..85767ab 100644
switch (prf) switch (prf)
{ {
case PRF_HMAC_SHA1: case PRF_HMAC_SHA1:
@@ -730,6 +873,8 @@ static void proposal_add_supported_ike(private_proposal_t *this) @@ -730,6 +865,8 @@ static void proposal_add_supported_ike(private_proposal_t *this)
enumerator = lib->crypto->create_dh_enumerator(lib->crypto); enumerator = lib->crypto->create_dh_enumerator(lib->crypto);
while (enumerator->enumerate(enumerator, &group, &plugin_name)) while (enumerator->enumerate(enumerator, &group, &plugin_name))
{ {
@ -203,7 +202,7 @@ index 2ecdb4f..85767ab 100644
switch (group) switch (group)
{ {
case MODP_NULL: case MODP_NULL:
@@ -776,31 +921,35 @@ proposal_t *proposal_create_default(protocol_id_t protocol) @@ -776,31 +913,35 @@ proposal_t *proposal_create_default(protocol_id_t protocol)
{ {
private_proposal_t *this = (private_proposal_t*)proposal_create(protocol, 0); private_proposal_t *this = (private_proposal_t*)proposal_create(protocol, 0);
@ -252,3 +251,6 @@ index 2ecdb4f..85767ab 100644
return &this->public; return &this->public;
} }
--
2.2.0