From e31576eaaeb92e424b3bcbe21674a8cf804ad5bda7c617c8c2172524f217d603 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ismail=20D=C3=B6nmez?= Date: Tue, 6 Oct 2015 18:06:09 +0000 Subject: [PATCH 1/2] Accepting request 336730 from home:vitezslav_cizek:branches:network - add a compatibility flag to avoid checksum collisions (bsc#900914) * fixes rsync equivalent of librsync's CVE-2014-8242 * added rsync-equivalent_of_CVE-2014-8242.patch - modify rsync-add_back_use_slp_directive.patch OBS-URL: https://build.opensuse.org/request/show/336730 OBS-URL: https://build.opensuse.org/package/show/network/rsync?expand=0&rev=47 --- rsync-add_back_use_slp_directive.patch | 61 +++++++++++----- rsync-equivalent_of_CVE-2014-8242.patch | 95 +++++++++++++++++++++++++ rsync.changes | 8 +++ rsync.spec | 3 + 4 files changed, 148 insertions(+), 19 deletions(-) create mode 100644 rsync-equivalent_of_CVE-2014-8242.patch diff --git a/rsync-add_back_use_slp_directive.patch b/rsync-add_back_use_slp_directive.patch index ac6b9ed..361120b 100644 --- a/rsync-add_back_use_slp_directive.patch +++ b/rsync-add_back_use_slp_directive.patch @@ -1,7 +1,7 @@ Index: rsync-3.1.1/clientserver.c =================================================================== ---- rsync-3.1.1.orig/clientserver.c 2015-08-11 11:10:05.445550476 +0200 -+++ rsync-3.1.1/clientserver.c 2015-08-11 11:11:12.922400586 +0200 +--- rsync-3.1.1.orig/clientserver.c 2015-10-05 14:49:04.789801244 +0200 ++++ rsync-3.1.1/clientserver.c 2015-10-05 14:49:04.799801378 +0200 @@ -1200,7 +1200,7 @@ int daemon_main(void) * local address??? */ @@ -13,8 +13,8 @@ Index: rsync-3.1.1/clientserver.c } Index: rsync-3.1.1/loadparm.c =================================================================== ---- rsync-3.1.1.orig/loadparm.c 2015-08-11 11:10:05.445550476 +0200 -+++ rsync-3.1.1/loadparm.c 2015-08-11 11:32:41.294010307 +0200 +--- rsync-3.1.1.orig/loadparm.c 2015-10-05 14:49:04.790801257 +0200 ++++ rsync-3.1.1/loadparm.c 2015-10-05 15:40:06.561346152 +0200 
@@ -101,6 +101,7 @@ typedef struct { int rsync_port; #ifdef HAVE_LIBSLP @@ -23,23 +23,26 @@ Index: rsync-3.1.1/loadparm.c #endif } global_vars; -@@ -322,6 +323,7 @@ static struct parm_struct parm_table[] = +@@ -181,6 +182,10 @@ static const all_vars Defaults = { + + /* listen_backlog; */ 5, + /* rsync_port; */ 0, ++#ifdef HAVE_LIBSLP ++ /* slp_refresh; */ 0, ++ /* use_slp; */ True, ++#endif + }, + + /* ==== local_vars ==== */ +@@ -322,6 +327,7 @@ static struct parm_struct parm_table[] = {"port", P_INTEGER,P_GLOBAL,&Vars.g.rsync_port, NULL,0}, #ifdef HAVE_LIBSLP {"slp refresh", P_INTEGER,P_GLOBAL,&Vars.g.slp_refresh, NULL,0}, -+ {"use slp", P_BOOL, P_GLOBAL,&Vars.g.use_slp, NULL,0}, ++ {"use slp", P_BOOL, P_GLOBAL,&Vars.g.use_slp, NULL,0}, #endif {"socket options", P_STRING, P_GLOBAL,&Vars.g.socket_options, NULL,0}, -@@ -376,6 +378,7 @@ static struct parm_struct parm_table[] = - static void reset_all_vars(void) - { - memcpy(&Vars, &Defaults, sizeof Vars); -+ Vars.g.use_slp = True; - } - - /* Expand %VAR% references. Any unknown vars or unrecognized -@@ -458,6 +461,7 @@ FN_GLOBAL_INTEGER(lp_listen_backlog, &Va +@@ -458,6 +464,7 @@ FN_GLOBAL_INTEGER(lp_listen_backlog, &Va FN_GLOBAL_INTEGER(lp_rsync_port, &Vars.g.rsync_port) #ifdef HAVE_LIBSLP FN_GLOBAL_INTEGER(lp_slp_refresh, &Vars.g.slp_refresh) @@ -49,8 +52,8 @@ Index: rsync-3.1.1/loadparm.c FN_LOCAL_STRING(lp_auth_users, auth_users) Index: rsync-3.1.1/rsyncd.conf.yo =================================================================== ---- rsync-3.1.1.orig/rsyncd.conf.yo 2015-08-11 11:10:05.447550501 +0200 -+++ rsync-3.1.1/rsyncd.conf.yo 2015-08-11 11:34:15.206231147 +0200 +--- rsync-3.1.1.orig/rsyncd.conf.yo 2015-10-05 14:49:04.791801270 +0200 ++++ rsync-3.1.1/rsyncd.conf.yo 2015-10-05 14:49:04.799801378 +0200 @@ -124,6 +124,10 @@ via the bf(--sockopts) command-line opti dit(bf(listen backlog)) You can override the default backlog value when the daemon listens for connections. It defaults to 5. 
@@ -64,8 +67,8 @@ Index: rsync-3.1.1/rsyncd.conf.yo you have Service Location Protocol support compiled in. If this is Index: rsync-3.1.1/socket.c =================================================================== ---- rsync-3.1.1.orig/socket.c 2015-08-11 11:10:05.447550501 +0200 -+++ rsync-3.1.1/socket.c 2015-08-11 11:35:25.434145276 +0200 +--- rsync-3.1.1.orig/socket.c 2015-10-05 14:49:04.791801270 +0200 ++++ rsync-3.1.1/socket.c 2015-10-05 14:49:04.799801378 +0200 @@ -546,7 +546,7 @@ void start_accept_loop(int port, int (*f int *sp, maxfd, i; #ifdef HAVE_LIBSLP @@ -75,3 +78,23 @@ Index: rsync-3.1.1/socket.c if (slp_timeout) { if (slp_timeout < SLP_MIN_TIMEOUT) slp_timeout = SLP_MIN_TIMEOUT; +Index: rsync-3.1.1/main.c +=================================================================== +--- rsync-3.1.1.orig/main.c 2015-10-05 14:49:04.790801257 +0200 ++++ rsync-3.1.1/main.c 2015-10-05 14:49:04.800801392 +0200 +@@ -1250,8 +1250,13 @@ static int start_client(int argc, char * + if (shell_machine && !shell_machine[0]) { + #ifdef HAVE_LIBSLP + /* User entered just rsync:// URI */ +- print_service_list(); +- exit_cleanup(0); ++ if (lp_use_slp()) { ++ print_service_list(); ++ exit_cleanup(0); ++ } else { ++ rprintf(FINFO, "SLP is disabled, cannot browse\n"); ++ exit_cleanup(RERR_SYNTAX); ++ } + #else /* No SLP, die here */ + rprintf(FINFO, "No SLP support, cannot browse\n"); + exit_cleanup(RERR_SYNTAX); diff --git a/rsync-equivalent_of_CVE-2014-8242.patch b/rsync-equivalent_of_CVE-2014-8242.patch new file mode 100644 index 0000000..be3a55d --- /dev/null +++ b/rsync-equivalent_of_CVE-2014-8242.patch 
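Review bot: In the main.c section this patch adds, `start_client` decides whether to browse by calling `lp_use_slp()`, which reads the daemon-side global `Vars.g.use_slp`. The loadparm.c lines removed in this same commit show that `Vars` only receives `Defaults` through `reset_all_vars()`, and nothing visible here shows rsyncd.conf being loaded on the client path before this call; if it is not, the branch taken is fixed by static initialisation and does not reflect the administrator's `use slp` setting. I would either drop the check on the client side or state the assumption in a comment such as `/* use_slp is a daemon setting; the client sees only the built-in default here */`, and confirm the behaviour with a run of a bare `rsync://`. The body of `start_client` continues outside the hunk.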
@@ -0,0 +1,95 @@ +From eac858085e3ac94ec0ab5061d11f52652c90a869 Mon Sep 17 00:00:00 2001 +From: Wayne Davison +Date: Mon, 11 May 2015 12:36:20 -0700 +Subject: [PATCH] Add compat flag to allow proper seed checksum order. Fixes + the equivalent of librsync's CVE-2014-8242 issue. + +--- + checksum.c | 17 +++++++++++++---- + compat.c | 5 +++++ + options.c | 1 + + 3 files changed, 19 insertions(+), 4 deletions(-) + +Index: rsync-3.1.1/checksum.c +=================================================================== +--- rsync-3.1.1.orig/checksum.c 2015-10-06 11:18:33.293065513 +0200 ++++ rsync-3.1.1/checksum.c 2015-10-06 11:18:34.382078657 +0200 +@@ -23,6 +23,7 @@ + + extern int checksum_seed; + extern int protocol_version; ++extern int proper_seed_order; + + /* + a simple 32 bit checksum that can be upadted from either end +@@ -54,10 +55,18 @@ void get_checksum2(char *buf, int32 len, + if (protocol_version >= 30) { + uchar seedbuf[4]; + md5_begin(&m); +- md5_update(&m, (uchar *)buf, len); +- if (checksum_seed) { +- SIVALu(seedbuf, 0, checksum_seed); +- md5_update(&m, seedbuf, 4); ++ if (proper_seed_order) { ++ if (checksum_seed) { ++ SIVALu(seedbuf, 0, checksum_seed); ++ md5_update(&m, seedbuf, 4); ++ } ++ md5_update(&m, (uchar *)buf, len); ++ } else { ++ md5_update(&m, (uchar *)buf, len); ++ if (checksum_seed) { ++ SIVALu(seedbuf, 0, checksum_seed); ++ md5_update(&m, seedbuf, 4); ++ } + } + md5_result(&m, (uchar *)sum); + } else { +Index: rsync-3.1.1/compat.c +=================================================================== +--- rsync-3.1.1.orig/compat.c 2015-10-06 11:18:33.293065513 +0200 ++++ rsync-3.1.1/compat.c 2015-10-06 11:18:34.383078669 +0200 +@@ -27,6 +27,7 @@ int inc_recurse = 0; + int compat_flags = 0; + int use_safe_inc_flist = 0; + int want_xattr_optim = 0; ++int proper_seed_order = 0; + + extern int am_server; + extern int am_sender; +@@ -78,6 +79,7 @@ int filesfrom_convert = 0; + #define CF_SYMLINK_ICONV (1<<2) + #define CF_SAFE_FLIST (1<<3) + #define 
CF_AVOID_XATTR_OPTIM (1<<4) ++#define CF_CHKSUM_SEED_FIX (1<<5) + + static const char *client_info; + +@@ -257,12 +259,15 @@ void setup_protocol(int f_out,int f_in) + compat_flags |= CF_SAFE_FLIST; + if (local_server || strchr(client_info, 'x') != NULL) + compat_flags |= CF_AVOID_XATTR_OPTIM; ++ if (local_server || strchr(client_info, 'C') != NULL) ++ compat_flags |= CF_CHKSUM_SEED_FIX; + write_byte(f_out, compat_flags); + } else + compat_flags = read_byte(f_in); + /* The inc_recurse var MUST be set to 0 or 1. */ + inc_recurse = compat_flags & CF_INC_RECURSE ? 1 : 0; + want_xattr_optim = protocol_version >= 31 && !(compat_flags & CF_AVOID_XATTR_OPTIM); ++ proper_seed_order = compat_flags & CF_CHKSUM_SEED_FIX ? 1 : 0; + if (am_sender) { + receiver_symlink_times = am_server + ? strchr(client_info, 'L') != NULL +Index: rsync-3.1.1/options.c +=================================================================== +--- rsync-3.1.1.orig/options.c 2015-10-06 11:18:34.383078669 +0200 ++++ rsync-3.1.1/options.c 2015-10-06 11:19:37.630842114 +0200 +@@ -2505,6 +2505,7 @@ void server_options(char **args, int *ar + #endif + argstr[x++] = 'f'; /* flist I/O-error safety support */ + argstr[x++] = 'x'; /* xattr hardlink optimization not desired */ ++ argstr[x++] = 'C'; /* support checksum seed order fix */ + } + + if (x >= (int)sizeof argstr) { /* Not possible... */ diff --git a/rsync.changes b/rsync.changes index 669a1c7..8583572 100644 --- a/rsync.changes +++ b/rsync.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Tue Oct 6 11:16:55 UTC 2015 - vcizek@suse.com + +- add a compatibility flag to avoid checksum collisions (bsc#900914) + * fixes rsync equivalent of librsync's CVE-2014-8242 + * added rsync-equivalent_of_CVE-2014-8242.patch +- modify rsync-add_back_use_slp_directive.patch + ------------------------------------------------------------------- Tue Aug 11 09:40:36 UTC 2015 - vcizek@suse.com 
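Review bot: The seed-first ordering in `get_checksum2` takes effect only when both peers negotiate `CF_CHKSUM_SEED_FIX`; with a peer that does not send `'C'` in its client info, `setup_protocol` leaves `proper_seed_order` at 0 and the data-then-seed order this patch is meant to replace stays in use, with no message to the user. The new branch also sits inside `if (protocol_version >= 30)`, and the `else` branch for older protocols lies outside the hunk, so from here it cannot be confirmed whether that path is covered. I would document the fallback where the variable is defined in compat.c, for example `int proper_seed_order = 0; /* 1: seed hashed before block data (CF_CHKSUM_SEED_FIX); 0: legacy order for peers without the fix */`, and consider a debug-level log line in `setup_protocol` stating which order was chosen, so operators can spot connections that still use the legacy order. The rsync.changes entry could also say that both ends need the updated package for the fix to apply.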
diff --git a/rsync.spec b/rsync.spec index 4be6d1d..c3e6ce4 100644 --- a/rsync.spec +++ b/rsync.spec @@ -44,7 +44,9 @@ Source12: %{name}.keyring Patch3: system-zlib.diff Patch4: rsync-CVE-2014-9512.patch Patch5: rsync-no-libattr.patch +#PATCH-FIX-SUSE boo#922710 slp Patch6: rsync-add_back_use_slp_directive.patch +Patch7: rsync-equivalent_of_CVE-2014-8242.patch BuildRequires: autoconf BuildRequires: libacl-devel BuildRequires: openslp-devel @@ -87,6 +89,7 @@ patch -p1 < patches/acls.diff patch -p1 < patches/xattrs.diff patch -p1 < patches/slp.diff %patch6 -p1 +%patch7 -p1 # fate#312479 patch -p1 < patches/time-limit.diff %patch5 -p1 From aee63f30ce3d7d9c369e87c440bb2b34a4d044d7dab05eebb478c89c31c32c15 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ismail=20D=C3=B6nmez?= Date: Wed, 7 Oct 2015 16:20:55 +0000 Subject: [PATCH 2/2] Accepting request 337003 from home:vitezslav_cizek:branches:network - better disable slp by default, it doesn't seem to be used much and it often caused problems (eg boo#898513, bsc#922710) * set "use slp" in rsyncd.conf to enable * modified rsync-add_back_use_slp_directive.patch OBS-URL: https://build.opensuse.org/request/show/337003 OBS-URL: https://build.opensuse.org/package/show/network/rsync?expand=0&rev=48 --- rsync-add_back_use_slp_directive.patch | 51 ++++++++++++++++++-------- rsync.changes | 8 ++++ 2 files changed, 43 insertions(+), 16 deletions(-) diff --git a/rsync-add_back_use_slp_directive.patch b/rsync-add_back_use_slp_directive.patch index 361120b..bab5f48 100644 --- a/rsync-add_back_use_slp_directive.patch +++ b/rsync-add_back_use_slp_directive.patch 
@@ -1,7 +1,7 @@ Index: rsync-3.1.1/clientserver.c =================================================================== ---- rsync-3.1.1.orig/clientserver.c 2015-10-05 14:49:04.789801244 +0200 -+++ rsync-3.1.1/clientserver.c 2015-10-05 14:49:04.799801378 +0200 +--- rsync-3.1.1.orig/clientserver.c 2015-10-07 14:58:43.767379915 +0200 ++++ rsync-3.1.1/clientserver.c 2015-10-07 14:59:24.515920754 +0200 @@ -1200,7 +1200,7 @@ int daemon_main(void) * local address??? */ @@ -13,8 +13,8 @@ Index: rsync-3.1.1/clientserver.c } Index: rsync-3.1.1/loadparm.c =================================================================== ---- rsync-3.1.1.orig/loadparm.c 2015-10-05 14:49:04.790801257 +0200 -+++ rsync-3.1.1/loadparm.c 2015-10-05 15:40:06.561346152 +0200 +--- rsync-3.1.1.orig/loadparm.c 2015-10-07 14:58:43.767379915 +0200 ++++ rsync-3.1.1/loadparm.c 2015-10-07 14:59:24.515920754 +0200 @@ -101,6 +101,7 @@ typedef struct { int rsync_port; #ifdef HAVE_LIBSLP @@ -29,7 +29,7 @@ Index: rsync-3.1.1/loadparm.c /* rsync_port; */ 0, +#ifdef HAVE_LIBSLP + /* slp_refresh; */ 0, -+ /* use_slp; */ True, ++ /* use_slp; */ False, +#endif }, @@ -52,14 +52,14 @@ Index: rsync-3.1.1/loadparm.c FN_LOCAL_STRING(lp_auth_users, auth_users) Index: rsync-3.1.1/rsyncd.conf.yo =================================================================== ---- rsync-3.1.1.orig/rsyncd.conf.yo 2015-10-05 14:49:04.791801270 +0200 -+++ rsync-3.1.1/rsyncd.conf.yo 2015-10-05 14:49:04.799801378 +0200 +--- rsync-3.1.1.orig/rsyncd.conf.yo 2015-10-07 14:58:43.767379915 +0200 ++++ rsync-3.1.1/rsyncd.conf.yo 2015-10-07 14:59:24.516920767 +0200 
@@ -124,6 +124,10 @@ via the bf(--sockopts) command-line opti dit(bf(listen backlog)) You can override the default backlog value when the daemon listens for connections. It defaults to 5. +dit(bf(use slp)) This parameter is used to determine if the module names are -+advertised via slp. The default is for this to be enabled, which will ++advertised via slp. The default is for this to be disabled, which won't +advertise your public modules. + dit(bf(slp refresh)) This parameter is used to determine how long service @@ -67,8 +67,8 @@ Index: rsync-3.1.1/rsyncd.conf.yo you have Service Location Protocol support compiled in. If this is Index: rsync-3.1.1/socket.c =================================================================== ---- rsync-3.1.1.orig/socket.c 2015-10-05 14:49:04.791801270 +0200 -+++ rsync-3.1.1/socket.c 2015-10-05 14:49:04.799801378 +0200 +--- rsync-3.1.1.orig/socket.c 2015-10-07 14:58:43.767379915 +0200 ++++ rsync-3.1.1/socket.c 2015-10-07 14:59:24.516920767 +0200 @@ -546,7 +546,7 @@ void start_accept_loop(int port, int (*f int *sp, maxfd, i; #ifdef HAVE_LIBSLP 
@@ -80,21 +80,40 @@ Index: rsync-3.1.1/socket.c slp_timeout = SLP_MIN_TIMEOUT; Index: rsync-3.1.1/main.c =================================================================== ---- rsync-3.1.1.orig/main.c 2015-10-05 14:49:04.790801257 +0200 -+++ rsync-3.1.1/main.c 2015-10-05 14:49:04.800801392 +0200 -@@ -1250,8 +1250,13 @@ static int start_client(int argc, char * +--- rsync-3.1.1.orig/main.c 2015-10-07 14:58:43.767379915 +0200 ++++ rsync-3.1.1/main.c 2015-10-07 14:59:24.516920767 +0200 +@@ -1250,11 +1250,14 @@ static int start_client(int argc, char * if (shell_machine && !shell_machine[0]) { #ifdef HAVE_LIBSLP /* User entered just rsync:// URI */ - print_service_list(); - exit_cleanup(0); +-#else /* No SLP, die here */ + if (lp_use_slp()) { + print_service_list(); + exit_cleanup(0); + } else { + rprintf(FINFO, "SLP is disabled, cannot browse\n"); -+ exit_cleanup(RERR_SYNTAX); + } - #else /* No SLP, die here */ ++#else /* No SLP */ rprintf(FINFO, "No SLP support, cannot browse\n"); - exit_cleanup(RERR_SYNTAX); +- exit_cleanup(RERR_SYNTAX); + #endif + } + +Index: rsync-3.1.1/rsyncd.conf.5 +=================================================================== +--- rsync-3.1.1.orig/rsyncd.conf.5 2015-10-07 14:36:06.288364061 +0200 ++++ rsync-3.1.1/rsyncd.conf.5 2015-10-07 15:00:28.309767222 +0200 +@@ -142,6 +142,11 @@ via the \fB\-\-sockopts\fP command\-line + You can override the default backlog value when the + daemon listens for connections. It defaults to 5. + .IP ++.IP "\fBuse slp\fP" ++This parameter is used to determine if the module names are ++advertised via slp. The default is for this to be disabled, which won't ++advertise your public modules. ++.IP + .IP "\fBslp refresh\fP" + This parameter is used to determine how long service + advertisements are valid (measured in seconds), and is only applicable if diff --git a/rsync.changes b/rsync.changes index 8583572..a63de4b 100644 --- a/rsync.changes +++ b/rsync.changes 
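Review bot: The rewritten main.c section drops `exit_cleanup(RERR_SYNTAX);` from both the "SLP is disabled" branch and the `#else` (no SLP support) branch, so after printing "cannot browse" `start_client` now leaves the `if (shell_machine && !shell_machine[0])` block and carries on with an empty host string. What runs next is outside the hunk, so it is not possible to tell from here whether this is a deliberate fall-through or an accidental loss of the error exit; either way the exit status for a bare `rsync://` is no longer `RERR_SYNTAX` at this point but whatever the later code yields. If the fall-through is intended, say so in a comment and reword the message, e.g. `/* no SLP browse: fall through and let the normal connection path handle the empty host */`; if it is not, restore `exit_cleanup(RERR_SYNTAX);` after the `#endif`.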
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Wed Oct 7 12:26:26 UTC 2015 - vcizek@suse.com
+
+- better disable slp by default, it doesn't seem to be used much
+ and it often caused problems (eg boo#898513, bsc#922710)
+ * set "use slp" in rsyncd.conf to enable
+ * modified rsync-add_back_use_slp_directive.patch
+
 -------------------------------------------------------------------
 Tue Oct 6 11:16:55 UTC 2015 - vcizek@suse.com