rjain/strongswan
SHA256
1
0
Fork 0
forked from jengelh/strongswan
Code Pull Requests Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/strongswan?expand=0&rev=8

Browse Source
This commit is contained in:
OBS User unknown 2008-10-14 17:24:21 +00:00 committed by Git OBS Bridge
parent 15ae089190
commit ca63ce53ec
4 changed files with 183 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
strongswan.changes
View File

@ -1,3 +1,22 @@
-------------------------------------------------------------------
Tue Oct 14 16:29:59 CEST 2008 - mt@suse.de
- Applied fix for addr_in_subnet() extracted from strongswan-4.2.8
which caused insertion of wrong source routes for destination
subnets having netwmasks not being a multiple of 8 bits.
Thanks go to Wolfgang Steudel, TU Ilmenau for reporting this bug.
(bnc#435200)
-------------------------------------------------------------------
Fri Oct 10 08:08:35 CEST 2008 - mt@suse.de
- Applied fix for a Denial-of-Service vulnerability where an
IKE_SA_INIT message with a KE payload containing zeroes only can
cause a crash of the IKEv2 charon daemon due to a NULL pointer
returned by the mpz_export() function of the GNU Multi Precision
(GMP) library. Thanks go to Mu Dynamics Research Labs for making
us aware of this problem. (bnc#435194)
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Aug 28 14:31:49 CEST 2008 - mt@suse.de Thu Aug 28 14:31:49 CEST 2008 - mt@suse.de

19
strongswan.spec
View File

@ -22,7 +22,7 @@ Name: strongswan
%define upstream_version 4.2.6 %define upstream_version 4.2.6
%define strongswan_docdir %{_docdir}/%{name} %define strongswan_docdir %{_docdir}/%{name}
Version: 4.2.6 Version: 4.2.6
Release: 3 Release: 12
License: GPL v2 or later License: GPL v2 or later
Group: Productivity/Networking/Security Group: Productivity/Networking/Security
Summary: StrongSwan -- OpenSource IPsec-based VPN Solution Summary: StrongSwan -- OpenSource IPsec-based VPN Solution
@ -40,6 +40,8 @@ Source3: %{name}-%{version}-rpmlintrc
Patch1: %{name}_modprobe_syslog.dif Patch1: %{name}_modprobe_syslog.dif
Patch2: %{name}-%{upstream_version}.dif Patch2: %{name}-%{upstream_version}.dif
Patch3: %{name}_update-dns-server.dif Patch3: %{name}_update-dns-server.dif
Patch4: %{name}_DoS_changeset_r4345.diff
Patch5: %{name}_addr_in_subnet.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: bison flex gmp-devel gperf pkg-config BuildRequires: bison flex gmp-devel gperf pkg-config
%if 0%{?suse_version} >= 1030 %if 0%{?suse_version} >= 1030
@ -137,6 +139,8 @@ Authors:
%patch1 -p0 %patch1 -p0
%patch2 -p0 %patch2 -p0
%patch3 -p0 %patch3 -p0
%patch4 -p2
%patch5 -p0
sed -e 's|@libexecdir@|%_libexecdir|g' \ sed -e 's|@libexecdir@|%_libexecdir|g' \
< $RPM_SOURCE_DIR/strongswan.init.in \ < $RPM_SOURCE_DIR/strongswan.init.in \
> strongswan.init > strongswan.init
@ -269,6 +273,19 @@ fi
%{_mandir}/man8/starter.8* %{_mandir}/man8/starter.8*
%changelog %changelog
* Tue Oct 14 2008 mt@suse.de
- Applied fix for addr_in_subnet() extracted from strongswan-4.2.8
which caused insertion of wrong source routes for destination
subnets having netwmasks not being a multiple of 8 bits.
Thanks go to Wolfgang Steudel, TU Ilmenau for reporting this bug.
(bnc#435200)
* Fri Oct 10 2008 mt@suse.de
- Applied fix for a Denial-of-Service vulnerability where an
IKE_SA_INIT message with a KE payload containing zeroes only can
cause a crash of the IKEv2 charon daemon due to a NULL pointer
returned by the mpz_export() function of the GNU Multi Precision
(GMP) library. Thanks go to Mu Dynamics Research Labs for making
us aware of this problem. (bnc#435194)
* Thu Aug 28 2008 mt@suse.de * Thu Aug 28 2008 mt@suse.de
- Fixed to use --enable-curl instead of --enable-http as before - Fixed to use --enable-curl instead of --enable-http as before
- Enabled the OpenSSL crypto plugin in the spec file. - Enabled the OpenSSL crypto plugin in the spec file.

103
strongswan_DoS_changeset_r4345.diff Normal file
View File

@ -0,0 +1,103 @@
Index: /trunk/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
===================================================================
--- /trunk/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c (revision 4317)
+++ /trunk/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c (revision 4345)
@@ -94,9 +94,13 @@
mpz_powm(c, m, this->e, this->n);
- encrypted.len = this->k;
- encrypted.ptr = mpz_export(NULL, NULL, 1, encrypted.len, 1, 0, c);
+ encrypted.len = this->k;
+ encrypted.ptr = mpz_export(NULL, NULL, 1, encrypted.len, 1, 0, c);
+ if (encrypted.ptr == NULL)
+ {
+ encrypted.len = 0;
+ }
mpz_clear(c);
- mpz_clear(m);
+ mpz_clear(m);
return encrypted;
Index: /trunk/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
===================================================================
--- /trunk/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c (revision 3806)
+++ /trunk/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c (revision 4345)
@@ -344,5 +344,5 @@
*/
mpz_t g;
-
+
/**
* My private value.
@@ -354,5 +354,5 @@
*/
mpz_t ya;
-
+
/**
* Other public value.
@@ -374,5 +374,5 @@
*/
size_t p_len;
-
+
/**
* True if shared secret is computed and stored in my_public_value.
@@ -441,5 +441,9 @@
}
value->len = this->p_len;
- value->ptr = mpz_export(NULL, NULL, 1, value->len, 1, 0, this->yb);
+ value->ptr = mpz_export(NULL, NULL, 1, value->len, 1, 0, this->yb);
+ if (value->ptr == NULL)
+ {
+ return FAILED;
+ }
return SUCCESS;
}
@@ -452,4 +456,8 @@
value->len = this->p_len;
value->ptr = mpz_export(NULL, NULL, 1, value->len, 1, 0, this->ya);
+ if (value->ptr == NULL)
+ {
+ value->len = 0;
+ }
}
@@ -464,5 +472,9 @@
}
secret->len = this->p_len;
- secret->ptr = mpz_export(NULL, NULL, 1, secret->len, 1, 0, this->zz);
+ secret->ptr = mpz_export(NULL, NULL, 1, secret->len, 1, 0, this->zz);
+ if (secret->ptr == NULL)
+ {
+ return FAILED;
+ }
return SUCCESS;
}
Index: /trunk/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
===================================================================
--- /trunk/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c (revision 4317)
+++ /trunk/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c (revision 4345)
@@ -192,4 +192,8 @@
decrypted.len = this->k;
decrypted.ptr = mpz_export(NULL, NULL, 1, decrypted.len, 1, 0, t1);
+ if (decrypted.ptr == NULL)
+ {
+ decrypted.len = 0;
+ }
mpz_clear_randomized(t1);
Index: /trunk/src/openac/openac.c
===================================================================
--- /trunk/src/openac/openac.c (revision 4318)
+++ /trunk/src/openac/openac.c (revision 4345)
@@ -104,4 +104,8 @@
chunk.len = 1 + mpz_sizeinbase(number, 2)/BITS_PER_BYTE;
chunk.ptr = mpz_export(NULL, NULL, 1, chunk.len, 1, 0, number);
+ if (chunk.ptr == NULL)
+ {
+ chunk.len = 0;
+ }
return chunk;
}

43
strongswan_addr_in_subnet.dif Normal file
View File

@ -0,0 +1,43 @@
--- src/charon/kernel/kernel_interface.c
+++ src/charon/kernel/kernel_interface.c 2008/10/14 14:10:13
@@ -1643,26 +1643,29 @@ static status_t manage_rule(private_kern
*/
static bool addr_in_subnet(chunk_t addr, chunk_t net, int net_len)
{
- int bit, byte;
+ static const u_char mask[] = { 0x00, 0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe };
+ int byte = 0;
- if (addr.len != net.len)
+ if (addr.len != net.len || net_len > 8 * net.len )
{
return FALSE;
}
- /* scan through all bits, beginning in the front */
- for (byte = 0; byte < addr.len; byte++)
+
+ /* scan through all bytes in network order */
+ while (net_len > 0)
{
- for (bit = 7; bit >= 0; bit--)
+ if (net_len < 8)
{
- /* check if bits are equal (or we reached the end of the net) */
- if (bit + byte * 8 > net_len)
- {
- return TRUE;
- }
- if (((1<<bit) & addr.ptr[byte]) != ((1<<bit) & net.ptr[byte]))
+ return (mask[net_len] & addr.ptr[byte]) == (mask[net_len] & net.ptr[byte]);
+ }
+ else
+ {
+ if (addr.ptr[byte] != net.ptr[byte])
{
return FALSE;
}
+ byte++;
+ net_len -= 8;
}
}
return TRUE;