Accepting request 514548 from home:ndas:branches:network:vpn

OBS-URL: https://build.opensuse.org/request/show/514548 OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=100
2017-08-04 11:47:37 +00:00 · 2017-08-04 11:47:37 +00:00 · 339326d8bc
commit 339326d8bc
parent 8cfc35877a
3 changed files with 0 additions and 53 deletions
--- a/0006-Fix-RSA-signature-verification-for-m.patch
+++ b/0006-Fix-RSA-signature-verification-for-m.patch
@ -1,49 +0,0 @@
-iFrom ed282e9a463c068146c945984fdea7828e663861 Mon Sep 17 00:00:00 2001
-From: Tobias Brunner <tobias@strongswan.org>
-Date: Mon, 29 May 2017 11:59:34 +0200
-Subject: [PATCH] gmp: Fix RSA signature verification for m >= n
-
-By definition, m must be <= n-1, we didn't enforce that and because
-mpz_export() returns NULL if the passed value is zero a crash could have
-been triggered with m == n.
-
-Fixes CVE-2017-11185.
---
- src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c | 12 +++++++++---
- 1 file changed, 9 insertions(+), 3 deletions(-)
-
-diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
-index 32a72ac9600b..a741f85d4f62 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
-+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
-@@ -78,11 +78,17 @@ static chunk_t rsaep(private_gmp_rsa_public_key_t *this, chunk_t data)
- 	mpz_t m, c;
- 	chunk_t encrypted;
- 
-	mpz_init(c);
- 	mpz_init(m);
-
- 	mpz_import(m, data.len, 1, 1, 1, 0, data.ptr);
- 
-+	if (mpz_cmp_ui(m, 0) <= 0 || mpz_cmp(m, this->n) >= 0)
-+	{	/* m must be <= n-1, but 0 is a valid value, doesn't really make sense
-+		 * here, though */
-+		mpz_clear(m);
-+		return chunk_empty;
-+	}
-+
-+	mpz_init(c);
- 	mpz_powm(c, m, this->e, this->n);
- 
- 	encrypted.len = this->k;
-@@ -150,7 +156,7 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this,
- 	 */
- 
- 	/* check magic bytes */
-	if (*(em.ptr) != 0x00 || *(em.ptr+1) != 0x01)
-+	if (em.len < 2 || *(em.ptr) != 0x00 || *(em.ptr+1) != 0x01)
- 	{
- 		goto end;
- 	}
-- 
-2.7.4
--- a/strongswan.changes
+++ b/strongswan.changes
@ -64,8 +64,6 @@ Mon Jul 31 18:30:28 CEST 2017 - ndas@suse.de
    [- 0006-Make-sure-the-modulus-is-odd-and-the-exponent-not-zero.patch,
     - 0007-asn1-parser-Fix-CHOICE-parsing.patch]
 - libhydra is removed as all kernel plugins moved to libcharon
- Fix RSA signature verification for m >= n (bsc#1051222 CVE-2017-11185)
-  [+ 0006-Fix-RSA-signature-verification-for-m.patch]

 -------------------------------------------------------------------
 Tue May 23 14:25:32 CEST 2017 - ndas@suse.de
--- a/strongswan.spec
+++ b/strongswan.spec
@ -83,7 +83,6 @@ Patch3:         %{name}_fipscheck.patch
 Patch4:         %{name}_fipsfilter.patch
 %endif
 Patch5:         0005-ikev1-Don-t-retransmit-Aggressive-Mode-response.patch
-Patch6:         0006-Fix-RSA-signature-verification-for-m.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  bison
 BuildRequires:  curl-devel
@ -295,7 +294,6 @@ and the load testing plugin for IKEv2 daemon.
 %patch4 -p1
 %endif
 %patch5 -p1
-%patch6 -p1
 sed -e 's|@libexecdir@|%_libexecdir|g'    \
     < $RPM_SOURCE_DIR/strongswan.init.in \
     > strongswan.init