diff --git a/0005-restore-registration-algorithm-order.bug897512.patch b/0005-restore-registration-algorithm-order.bug897512.patch deleted file mode 100644 index eb4ad60..0000000 --- a/0005-restore-registration-algorithm-order.bug897512.patch +++ /dev/null @@ -1,413 +0,0 @@ -From 76ad8a6f4c83c999b9eb6d1a3506b1a8e593307e Mon Sep 17 00:00:00 2001 -From: Tobias Brunner -Date: Fri, 20 Jun 2014 16:22:15 +0200 -Subject: [PATCH] Merge branch 'algorithm-order' -Upstream: yes -References: bsc#897512 - -Restores the behavior we had before 2e22333fb (except for RNGs), that is, -algorithms are stored in the registration order again. Which is not optimal -as we must rely on plugins to register them in a sensible order, but ordering -them by identifier definitely caused weaker algorithms to be proposed first -in the default proposal, which was even worse. ---- - src/libstrongswan/crypto/crypto_factory.c | 18 +- - src/libstrongswan/tests/Makefile.am | 1 + - .../tests/suites/test_crypto_factory.c | 312 +++++++++++++++++++++ - src/libstrongswan/tests/tests.h | 1 + - 4 files changed, 327 insertions(+), 5 deletions(-) - create mode 100644 src/libstrongswan/tests/suites/test_crypto_factory.c - -diff --git a/src/libstrongswan/crypto/crypto_factory.c b/src/libstrongswan/crypto/crypto_factory.c -index 6dea30e..96fbc0d 100644 ---- a/src/libstrongswan/crypto/crypto_factory.c -+++ b/src/libstrongswan/crypto/crypto_factory.c -@@ -392,10 +392,10 @@ METHOD(crypto_factory_t, create_dh, diffie_hellman_t*, - /** - * Insert an algorithm entry to a list - * -- * Entries are sorted by algorithm identifier (which is important for RNGs) -- * while maintaining the order in which algorithms were added, unless they were -+ * Entries maintain the order in which algorithms were added, unless they were - * benchmarked and speed is provided, which then is used to order entries of - * the same algorithm. -+ * An exception are RNG entries, which are sorted by algorithm identifier. - */ - static void add_entry(private_crypto_factory_t *this, linked_list_t *list, - int algo, const char *plugin_name, -@@ -403,6 +403,7 @@ static void add_entry(private_crypto_factory_t *this, linked_list_t *list, - { - enumerator_t *enumerator; - entry_t *entry, *current; -+ bool sort = (list == this->rngs), found = FALSE; - - INIT(entry, - .algo = algo, -@@ -415,12 +416,19 @@ static void add_entry(private_crypto_factory_t *this, linked_list_t *list, - enumerator = list->create_enumerator(list); - while (enumerator->enumerate(enumerator, ¤t)) - { -- if (current->algo > algo) -+ if (sort && current->algo > algo) - { - break; - } -- else if (current->algo == algo && speed && -- current->speed < speed) -+ else if (current->algo == algo) -+ { -+ if (speed > current->speed) -+ { -+ break; -+ } -+ found = TRUE; -+ } -+ else if (found) - { - break; - } -diff --git a/src/libstrongswan/tests/Makefile.am b/src/libstrongswan/tests/Makefile.am -index 331a548..0bdf2b3 100644 ---- a/src/libstrongswan/tests/Makefile.am -+++ b/src/libstrongswan/tests/Makefile.am -@@ -42,6 +42,7 @@ tests_SOURCES = tests.h tests.c \ - suites/test_host.c \ - suites/test_hasher.c \ - suites/test_crypter.c \ -+ suites/test_crypto_factory.c \ - suites/test_pen.c \ - suites/test_asn1.c \ - suites/test_asn1_parser.c \ -diff --git a/src/libstrongswan/tests/suites/test_crypto_factory.c b/src/libstrongswan/tests/suites/test_crypto_factory.c -new file mode 100644 -index 0000000..94f45da ---- /dev/null -+++ b/src/libstrongswan/tests/suites/test_crypto_factory.c -@@ -0,0 +1,312 @@ -+/* -+ * Copyright (C) 2014 Tobias Brunner -+ * Hochschule fuer Technik Rapperswil -+ * -+ * This program is free software; you can redistribute it and/or modify it -+ * under the terms of the GNU General Public License as published by the -+ * Free Software Foundation; either version 2 of the License, or (at your -+ * option) any later version. See . -+ * -+ * This program is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -+ * for more details. -+ */ -+ -+#include "test_suite.h" -+ -+#include -+ -+static rng_t *rng_create(rng_quality_t quality) -+{ -+ rng_quality_t *q = malloc_thing(rng_quality_t); -+ *q = quality; -+ return (rng_t*)q; -+} -+ -+static rng_t *rng_create_weak(rng_quality_t quality) -+{ -+ ck_assert(quality == RNG_WEAK); -+ return rng_create(RNG_WEAK); -+} -+ -+static rng_t *rng_create_strong(rng_quality_t quality) -+{ -+ ck_assert(quality <= RNG_STRONG); -+ return rng_create(RNG_STRONG); -+} -+ -+static rng_t *rng_create_true(rng_quality_t quality) -+{ -+ ck_assert(quality <= RNG_TRUE); -+ return rng_create(RNG_TRUE); -+} -+ -+static rng_t *rng_create_true_second(rng_quality_t quality) -+{ -+ fail("should never be called"); -+ return rng_create(RNG_TRUE); -+} -+ -+static rng_quality_t rng_weak = RNG_WEAK; -+static rng_quality_t rng_strong = RNG_STRONG; -+static rng_quality_t rng_true = RNG_TRUE; -+ -+static struct { -+ rng_quality_t *exp_weak; -+ rng_quality_t *exp_strong; -+ rng_quality_t *exp_true; -+ struct { -+ rng_quality_t *q; -+ rng_constructor_t create; -+ } data[4]; -+} rng_data[] = { -+ { NULL, NULL, NULL, { -+ { NULL, NULL } -+ }}, -+ { &rng_weak, NULL, NULL, { -+ { &rng_weak, rng_create_weak }, -+ { NULL, NULL } -+ }}, -+ { &rng_strong, &rng_strong, NULL, { -+ { &rng_strong, rng_create_strong }, -+ { NULL, NULL } -+ }}, -+ { &rng_true, &rng_true, &rng_true, { -+ { &rng_true, rng_create_true }, -+ { NULL, NULL } -+ }}, -+ { &rng_true, &rng_true, &rng_true, { -+ { &rng_true, rng_create_true }, -+ { &rng_true, rng_create_true_second }, -+ { NULL, NULL } -+ }}, -+ { &rng_weak, &rng_true, &rng_true, { -+ { &rng_weak, rng_create_weak }, -+ { &rng_true, rng_create_true }, -+ { NULL, NULL } -+ }}, -+ { &rng_weak, &rng_strong, &rng_true, { -+ { &rng_true, rng_create_true }, -+ { &rng_strong, rng_create_strong }, -+ { &rng_weak, rng_create_weak }, -+ { NULL, NULL } -+ }}, -+ { &rng_weak, &rng_strong, &rng_true, { -+ { &rng_weak, rng_create_weak }, -+ { &rng_strong, rng_create_strong }, -+ { &rng_true, rng_create_true }, -+ { NULL, NULL } -+ }}, -+}; -+ -+static void verify_rng(crypto_factory_t *factory, rng_quality_t request, -+ rng_quality_t *expected) -+{ -+ rng_quality_t *res; -+ -+ res = (rng_quality_t*)factory->create_rng(factory, request); -+ if (!expected) -+ { -+ ck_assert(!res); -+ } -+ else -+ { -+ ck_assert(res); -+ ck_assert_int_eq(*expected, *res); -+ free(res); -+ } -+} -+ -+START_TEST(test_create_rng) -+{ -+ crypto_factory_t *factory; -+ int i; -+ -+ factory = crypto_factory_create(); -+ for (i = 0; rng_data[_i].data[i].q; i++) -+ { -+ ck_assert(factory->add_rng(factory, *rng_data[_i].data[i].q, "test", -+ rng_data[_i].data[i].create)); -+ } -+ verify_rng(factory, RNG_WEAK, rng_data[_i].exp_weak); -+ verify_rng(factory, RNG_STRONG, rng_data[_i].exp_strong); -+ verify_rng(factory, RNG_TRUE, rng_data[_i].exp_true); -+ for (i = 0; rng_data[_i].data[i].q; i++) -+ { -+ factory->remove_rng(factory, rng_data[_i].data[i].create); -+ } -+ factory->destroy(factory); -+} -+END_TEST -+ -+static diffie_hellman_t *dh_create(char *plugin) -+{ -+ return (diffie_hellman_t*)plugin; -+} -+ -+static diffie_hellman_t *dh_create_modp1024(diffie_hellman_group_t group, ...) -+{ -+ ck_assert(group == MODP_1024_BIT); -+ return dh_create("plugin1"); -+} -+ -+static diffie_hellman_t *dh_create_modp1024_second(diffie_hellman_group_t group, -+ ...) -+{ -+ ck_assert(group == MODP_1024_BIT); -+ return dh_create("plugin2"); -+} -+ -+static diffie_hellman_t *dh_create_modp2048(diffie_hellman_group_t group, ...) -+{ -+ ck_assert(group == MODP_2048_BIT); -+ return dh_create("plugin1"); -+} -+ -+static diffie_hellman_t *dh_create_modp2048_second(diffie_hellman_group_t group, -+ ...) -+{ -+ ck_assert(group == MODP_2048_BIT); -+ return dh_create("plugin2"); -+} -+ -+static struct { -+ char *exp1024; -+ char *exp2048; -+ struct { -+ diffie_hellman_group_t g; -+ dh_constructor_t create; -+ char *plugin; -+ } data[4]; -+} dh_data[] = { -+ { NULL, NULL, { -+ { MODP_NONE, NULL, NULL } -+ }}, -+ { "plugin1", NULL, { -+ { MODP_1024_BIT, dh_create_modp1024, "plugin1" }, -+ { MODP_NONE, NULL, NULL } -+ }}, -+ { "plugin1", NULL, { -+ { MODP_1024_BIT, dh_create_modp1024, "plugin1" }, -+ { MODP_1024_BIT, dh_create_modp1024_second, "plugin2" }, -+ { MODP_NONE, NULL, NULL } -+ }}, -+ { "plugin2", NULL, { -+ { MODP_1024_BIT, dh_create_modp1024_second, "plugin2" }, -+ { MODP_1024_BIT, dh_create_modp1024, "plugin1" }, -+ { MODP_NONE, NULL, NULL } -+ }}, -+ { "plugin1", "plugin1", { -+ { MODP_1024_BIT, dh_create_modp1024, "plugin1" }, -+ { MODP_2048_BIT, dh_create_modp2048, "plugin1" }, -+ { MODP_NONE, NULL } -+ }}, -+ { "plugin1", "plugin1", { -+ { MODP_2048_BIT, dh_create_modp2048, "plugin1" }, -+ { MODP_1024_BIT, dh_create_modp1024, "plugin1" }, -+ { MODP_NONE, NULL } -+ }}, -+ { "plugin1", "plugin1", { -+ { MODP_2048_BIT, dh_create_modp2048, "plugin1" }, -+ { MODP_2048_BIT, dh_create_modp2048_second, "plugin2" }, -+ { MODP_1024_BIT, dh_create_modp1024, "plugin1" }, -+ { MODP_NONE, NULL } -+ }}, -+ { "plugin1", "plugin2", { -+ { MODP_2048_BIT, dh_create_modp2048_second, "plugin2" }, -+ { MODP_2048_BIT, dh_create_modp2048, "plugin1" }, -+ { MODP_1024_BIT, dh_create_modp1024, "plugin1" }, -+ { MODP_NONE, NULL } -+ }}, -+}; -+ -+static void verify_dh(crypto_factory_t *factory, diffie_hellman_group_t request, -+ char *expected) -+{ -+ char *plugin; -+ -+ plugin = (char*)factory->create_dh(factory, request); -+ if (!expected) -+ { -+ ck_assert(!plugin); -+ } -+ else -+ { -+ ck_assert(plugin); -+ ck_assert_str_eq(expected, plugin); -+ } -+} -+ -+START_TEST(test_create_dh) -+{ -+ enumerator_t *enumerator; -+ crypto_factory_t *factory; -+ diffie_hellman_group_t group; -+ char *plugin; -+ int i, len = 0; -+ -+ -+ factory = crypto_factory_create(); -+ for (i = 0; dh_data[_i].data[i].g != MODP_NONE; i++) -+ { -+ ck_assert(factory->add_dh(factory, dh_data[_i].data[i].g, -+ dh_data[_i].data[i].plugin, -+ dh_data[_i].data[i].create)); -+ } -+ verify_dh(factory, MODP_1024_BIT, dh_data[_i].exp1024); -+ verify_dh(factory, MODP_2048_BIT, dh_data[_i].exp2048); -+ -+ len = countof(dh_data[_i].data); -+ enumerator = factory->create_dh_enumerator(factory); -+ for (i = 0; enumerator->enumerate(enumerator, &group, &plugin) && i < len;) -+ { -+ ck_assert_int_eq(dh_data[_i].data[i].g, group); -+ while (dh_data[_i].data[i].g == group) -+ { /* skip other entries by the same group */ -+ i++; -+ } -+ switch (group) -+ { -+ case MODP_1024_BIT: -+ ck_assert(dh_data[_i].exp1024); -+ ck_assert_str_eq(dh_data[_i].exp1024, plugin); -+ break; -+ case MODP_2048_BIT: -+ ck_assert(dh_data[_i].exp2048); -+ ck_assert_str_eq(dh_data[_i].exp2048, plugin); -+ break; -+ default: -+ fail("unexpected DH group"); -+ break; -+ } -+ } -+ ck_assert(!enumerator->enumerate(enumerator)); -+ ck_assert_int_eq(dh_data[_i].data[i].g, MODP_NONE); -+ enumerator->destroy(enumerator); -+ -+ for (i = 0; dh_data[_i].data[i].g != MODP_NONE; i++) -+ { -+ factory->remove_dh(factory, dh_data[_i].data[i].create); -+ } -+ factory->destroy(factory); -+} -+END_TEST -+ -+Suite *crypto_factory_suite_create() -+{ -+ Suite *s; -+ TCase *tc; -+ -+ s = suite_create("crypto-factory"); -+ -+ tc = tcase_create("create_rng"); -+ tcase_add_loop_test(tc, test_create_rng, 0, countof(rng_data)); -+ suite_add_tcase(s, tc); -+ -+ tc = tcase_create("create_dh"); -+ tcase_add_loop_test(tc, test_create_dh, 0, countof(dh_data)); -+ suite_add_tcase(s, tc); -+ -+ return s; -+} -diff --git a/src/libstrongswan/tests/tests.h b/src/libstrongswan/tests/tests.h -index 82a5137..ab0f642 100644 ---- a/src/libstrongswan/tests/tests.h -+++ b/src/libstrongswan/tests/tests.h -@@ -35,6 +35,7 @@ TEST_SUITE(host_suite_create) - TEST_SUITE(printf_suite_create) - TEST_SUITE(hasher_suite_create) - TEST_SUITE(crypter_suite_create) -+TEST_SUITE(crypto_factory_suite_create) - TEST_SUITE(pen_suite_create) - TEST_SUITE(asn1_suite_create) - TEST_SUITE(asn1_parser_suite_create) --- -2.1.2 - diff --git a/0006-strongswan-5.1.2-5.2.1_modp_custom.CVE-2014-9221.patch b/0006-strongswan-5.1.2-5.2.1_modp_custom.CVE-2014-9221.patch deleted file mode 100644 index aa3ff37..0000000 --- a/0006-strongswan-5.1.2-5.2.1_modp_custom.CVE-2014-9221.patch +++ /dev/null @@ -1,166 +0,0 @@ -From a78ecdd47509626711a13481f53696e01d4b8c62 Mon Sep 17 00:00:00 2001 -From: Tobias Brunner -Date: Mon, 1 Dec 2014 17:21:59 +0100 -Subject: [PATCH] crypto: Define MODP_CUSTOM outside of IKE DH range -References: bsc#910491,CVE-2014-9221 -Upstream: yes - -Before this fix it was possible to crash charon with an IKE_SA_INIT -message containing a KE payload with DH group MODP_CUSTOM(1025). -Defining MODP_CUSTOM outside of the two byte IKE DH identifier range -prevents it from getting negotiated. - -Fixes CVE-2014-9221 in version 5.1.2 and newer. ---- - src/charon-tkm/src/tkm/tkm_diffie_hellman.c | 2 +- - src/libstrongswan/crypto/diffie_hellman.c | 11 ++++++----- - src/libstrongswan/crypto/diffie_hellman.h | 6 ++++-- - src/libstrongswan/plugins/gcrypt/gcrypt_dh.c | 2 +- - src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c | 2 +- - src/libstrongswan/plugins/ntru/ntru_ke.c | 2 +- - src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c | 2 +- - src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c | 2 +- - src/libstrongswan/plugins/pkcs11/pkcs11_dh.c | 2 +- - 9 files changed, 17 insertions(+), 14 deletions(-) - -diff --git a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c -index 67db5e6d87d6..836e0b7f088d 100644 ---- a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c -+++ b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c -@@ -41,7 +41,7 @@ struct private_tkm_diffie_hellman_t { - /** - * Diffie Hellman group number. - */ -- u_int16_t group; -+ diffie_hellman_group_t group; - - /** - * Diffie Hellman public value. -diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c -index bada1c529951..ac106e9c4d45 100644 ---- a/src/libstrongswan/crypto/diffie_hellman.c -+++ b/src/libstrongswan/crypto/diffie_hellman.c -@@ -42,15 +42,16 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_1024_160, ECP_512_BP, ECP_521_BIT, - "ECP_256_BP", - "ECP_384_BP", - "ECP_512_BP"); --ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_CUSTOM, ECP_512_BP, -- "MODP_NULL", -- "MODP_CUSTOM"); --ENUM_NEXT(diffie_hellman_group_names, NTRU_112_BIT, NTRU_256_BIT, MODP_CUSTOM, -+ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_NULL, ECP_512_BP, -+ "MODP_NULL"); -+ENUM_NEXT(diffie_hellman_group_names, NTRU_112_BIT, NTRU_256_BIT, MODP_NULL, - "NTRU_112", - "NTRU_128", - "NTRU_192", - "NTRU_256"); --ENUM_END(diffie_hellman_group_names, NTRU_256_BIT); -+ENUM_NEXT(diffie_hellman_group_names, MODP_CUSTOM, MODP_CUSTOM, NTRU_256_BIT, -+ "MODP_CUSTOM"); -+ENUM_END(diffie_hellman_group_names, MODP_CUSTOM); - - - /** -diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h -index 105db22f14d4..d5161d077bb2 100644 ---- a/src/libstrongswan/crypto/diffie_hellman.h -+++ b/src/libstrongswan/crypto/diffie_hellman.h -@@ -63,12 +63,14 @@ enum diffie_hellman_group_t { - /** insecure NULL diffie hellman group for testing, in PRIVATE USE */ - MODP_NULL = 1024, - /** MODP group with custom generator/prime */ -- MODP_CUSTOM = 1025, - /** Parameters defined by IEEE 1363.1, in PRIVATE USE */ - NTRU_112_BIT = 1030, - NTRU_128_BIT = 1031, - NTRU_192_BIT = 1032, -- NTRU_256_BIT = 1033 -+ NTRU_256_BIT = 1033, -+ /** internally used DH group with additional parameters g and p, outside -+ * of PRIVATE USE (i.e. IKEv2 DH group range) so it can't be negotiated */ -+ MODP_CUSTOM = 65536, - }; - - /** -diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c -index f418b941db86..299865da2e09 100644 ---- a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c -+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c -@@ -35,7 +35,7 @@ struct private_gcrypt_dh_t { - /** - * Diffie Hellman group number - */ -- u_int16_t group; -+ diffie_hellman_group_t group; - - /* - * Generator value -diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c -index b74d35169f44..9936f7e4518f 100644 ---- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c -+++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c -@@ -42,7 +42,7 @@ struct private_gmp_diffie_hellman_t { - /** - * Diffie Hellman group number. - */ -- u_int16_t group; -+ diffie_hellman_group_t group; - - /* - * Generator value. -diff --git a/src/libstrongswan/plugins/ntru/ntru_ke.c b/src/libstrongswan/plugins/ntru/ntru_ke.c -index abaa22336221..e64f32b91d0e 100644 ---- a/src/libstrongswan/plugins/ntru/ntru_ke.c -+++ b/src/libstrongswan/plugins/ntru/ntru_ke.c -@@ -56,7 +56,7 @@ struct private_ntru_ke_t { - /** - * Diffie Hellman group number. - */ -- u_int16_t group; -+ diffie_hellman_group_t group; - - /** - * NTRU Parameter Set -diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c -index ff3382473666..1e68ac59b838 100644 ---- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c -+++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c -@@ -38,7 +38,7 @@ struct private_openssl_diffie_hellman_t { - /** - * Diffie Hellman group number. - */ -- u_int16_t group; -+ diffie_hellman_group_t group; - - /** - * Diffie Hellman object -diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c -index b487d59a59a3..50853d6f0bde 100644 ---- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c -+++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c -@@ -40,7 +40,7 @@ struct private_openssl_ec_diffie_hellman_t { - /** - * Diffie Hellman group number. - */ -- u_int16_t group; -+ diffie_hellman_group_t group; - - /** - * EC private (public) key -diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c -index 36cc284bf2b5..23b63d2386af 100644 ---- a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c -+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c -@@ -47,7 +47,7 @@ struct private_pkcs11_dh_t { - /** - * Diffie Hellman group number. - */ -- u_int16_t group; -+ diffie_hellman_group_t group; - - /** - * Handle for own private value --- -1.9.1 -