parent
5d1e3fadfc
commit
bda6a3fbeb
@ -1,4 +1,4 @@
|
|||||||
SOURCES/ikev1_dsa.fax.bz2
|
SOURCES/ikev1_dsa.fax.bz2
|
||||||
SOURCES/ikev1_psk.fax.bz2
|
SOURCES/ikev1_psk.fax.bz2
|
||||||
SOURCES/ikev2.fax.bz2
|
SOURCES/ikev2.fax.bz2
|
||||||
SOURCES/libreswan-4.9.tar.gz
|
SOURCES/libreswan-4.12.tar.gz
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
b35cd50b8bc0a08b9c07713bf19c72d53bfe66bb SOURCES/ikev1_dsa.fax.bz2
|
b35cd50b8bc0a08b9c07713bf19c72d53bfe66bb SOURCES/ikev1_dsa.fax.bz2
|
||||||
861d97bf488f9e296cad8c43ab72f111a5b1a848 SOURCES/ikev1_psk.fax.bz2
|
861d97bf488f9e296cad8c43ab72f111a5b1a848 SOURCES/ikev1_psk.fax.bz2
|
||||||
fcaf77f3deae3d8e99cdb3b1f8abea63167a0633 SOURCES/ikev2.fax.bz2
|
fcaf77f3deae3d8e99cdb3b1f8abea63167a0633 SOURCES/ikev2.fax.bz2
|
||||||
12b7351ca7e6ba1ac787239e67027a4d82f02f10 SOURCES/libreswan-4.9.tar.gz
|
786c14a4755311ea3103683a3294e1536b1e44a6 SOURCES/libreswan-4.12.tar.gz
|
||||||
|
@ -1,84 +0,0 @@
|
|||||||
From 7a6c217f47b1ae37e32b173dc6d3ea7fdb86d532 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Paul Wouters <paul.wouters@aiven.io>
|
|
||||||
Date: Tue, 28 Feb 2023 11:24:22 -0500
|
|
||||||
Subject: [PATCH 1/2] pluto: abort processing corrupt TS payloads
|
|
||||||
CVE-2023-23009
|
|
||||||
|
|
||||||
Latest updates on this issue at https://libreswan.org/security/CVE-2023-23009
|
|
||||||
---
|
|
||||||
programs/pluto/ikev2_ts.c | 5 +++++
|
|
||||||
1 file changed, 5 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/programs/pluto/ikev2_ts.c b/programs/pluto/ikev2_ts.c
|
|
||||||
index 3f7519ca38..f06c40ba46 100644
|
|
||||||
--- a/programs/pluto/ikev2_ts.c
|
|
||||||
+++ b/programs/pluto/ikev2_ts.c
|
|
||||||
@@ -437,6 +437,11 @@ static bool v2_parse_tss(struct payload_digest *const ts_pd,
|
|
||||||
d = pbs_in_struct(&ts_pd->pbs, &ikev2_ts_header_desc,
|
|
||||||
&ts_h, sizeof(ts_h), &ts_body_pbs);
|
|
||||||
|
|
||||||
+ if (d != NULL) {
|
|
||||||
+ llog_diag(RC_LOG, logger, &d, "%s", "");
|
|
||||||
+ return false;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
switch (ts_h.isath_type) {
|
|
||||||
case IKEv2_TS_IPV4_ADDR_RANGE:
|
|
||||||
case IKEv2_TS_IPV6_ADDR_RANGE:
|
|
||||||
--
|
|
||||||
2.39.2
|
|
||||||
|
|
||||||
|
|
||||||
From 52c19ccc9455ccd91fa4946b09f8e11222f1c923 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Andrew Cagney <cagney@gnu.org>
|
|
||||||
Date: Tue, 28 Feb 2023 14:10:44 -0500
|
|
||||||
Subject: [PATCH 2/2] ikev1: only clean up a connection when it isn't deleted
|
|
||||||
|
|
||||||
fix #1018 reported by Wolfgang.
|
|
||||||
see also ecb9c88910df1fb070488835bf3180096f3ccba3:
|
|
||||||
IKEv1: Remove all IPsec SA's of a connection when newest SA is removed.
|
|
||||||
---
|
|
||||||
programs/pluto/ikev1_main.c | 14 ++++++++++----
|
|
||||||
1 file changed, 10 insertions(+), 4 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/programs/pluto/ikev1_main.c b/programs/pluto/ikev1_main.c
|
|
||||||
index a616c5ccf3..21765d4002 100644
|
|
||||||
--- a/programs/pluto/ikev1_main.c
|
|
||||||
+++ b/programs/pluto/ikev1_main.c
|
|
||||||
@@ -2130,15 +2130,16 @@ bool accept_delete(struct msg_digest *md,
|
|
||||||
ntohl(spi));
|
|
||||||
}
|
|
||||||
|
|
||||||
- struct connection *rc = dst->st_connection;
|
|
||||||
+ /* save for post delete_state() code */
|
|
||||||
+ co_serial_t rc_serialno = dst->st_connection->serialno;
|
|
||||||
|
|
||||||
if (nat_traversal_enabled && dst->st_connection->ikev1_natt != NATT_NONE) {
|
|
||||||
nat_traversal_change_port_lookup(md, dst);
|
|
||||||
v1_maybe_natify_initiator_endpoints(st, HERE);
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (rc->newest_ipsec_sa == dst->st_serialno &&
|
|
||||||
- (rc->policy & POLICY_UP)) {
|
|
||||||
+ if (dst->st_connection->newest_ipsec_sa == dst->st_serialno &&
|
|
||||||
+ (dst->st_connection->policy & POLICY_UP)) {
|
|
||||||
/*
|
|
||||||
* Last IPsec SA for a permanent
|
|
||||||
* connection that we have initiated.
|
|
||||||
@@ -2162,7 +2163,12 @@ bool accept_delete(struct msg_digest *md,
|
|
||||||
md->v1_st = NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (rc->newest_ipsec_sa == SOS_NOBODY) {
|
|
||||||
+ /*
|
|
||||||
+ * Either .newest_ipsec_sa matches DST
|
|
||||||
+ * and is cleared, or was never set.
|
|
||||||
+ */
|
|
||||||
+ struct connection *rc = connection_by_serialno(rc_serialno);
|
|
||||||
+ if (rc != NULL && rc->newest_ipsec_sa == SOS_NOBODY) {
|
|
||||||
dbg("%s() connection '%s' -POLICY_UP", __func__, rc->name);
|
|
||||||
rc->policy &= ~POLICY_UP;
|
|
||||||
if (!shared_phase1_connection(rc)) {
|
|
||||||
--
|
|
||||||
2.39.2
|
|
||||||
|
|
@ -1,129 +0,0 @@
|
|||||||
diff --git a/programs/pluto/ikev1.c b/programs/pluto/ikev1.c
|
|
||||||
index e0615323ed..401618b6dd 100644
|
|
||||||
--- a/programs/pluto/ikev1.c
|
|
||||||
+++ b/programs/pluto/ikev1.c
|
|
||||||
@@ -1101,10 +1101,20 @@ void process_v1_packet(struct msg_digest *md)
|
|
||||||
struct state *st = NULL;
|
|
||||||
enum state_kind from_state = STATE_UNDEFINED; /* state we started in */
|
|
||||||
|
|
||||||
+ /*
|
|
||||||
+ * For the initial responses, don't leak the responder's SPI.
|
|
||||||
+ * Hence the use of send_v1_notification_from_md().
|
|
||||||
+ *
|
|
||||||
+ * AGGR mode is a mess in that the R0->R1 transition happens
|
|
||||||
+ * well before the transition succeeds.
|
|
||||||
+ */
|
|
||||||
#define SEND_NOTIFICATION(t) \
|
|
||||||
{ \
|
|
||||||
pstats(ikev1_sent_notifies_e, t); \
|
|
||||||
- if (st != NULL) \
|
|
||||||
+ if (st != NULL && \
|
|
||||||
+ st->st_state->kind != STATE_AGGR_R0 && \
|
|
||||||
+ st->st_state->kind != STATE_AGGR_R1 && \
|
|
||||||
+ st->st_state->kind != STATE_MAIN_R0) \
|
|
||||||
send_v1_notification_from_state(st, from_state, t); \
|
|
||||||
else \
|
|
||||||
send_v1_notification_from_md(md, t); \
|
|
||||||
@@ -1168,17 +1178,26 @@ void process_v1_packet(struct msg_digest *md)
|
|
||||||
from_state = (md->hdr.isa_xchg == ISAKMP_XCHG_IDPROT ?
|
|
||||||
STATE_MAIN_R0 : STATE_AGGR_R0);
|
|
||||||
} else {
|
|
||||||
- /* not an initial message */
|
|
||||||
+ /*
|
|
||||||
+ * Possibly not an initial message. Possibly
|
|
||||||
+ * from initiator. Possibly from responder.
|
|
||||||
+ *
|
|
||||||
+ * Possibly. Which is probably hopeless.
|
|
||||||
+ */
|
|
||||||
|
|
||||||
st = find_state_ikev1(&md->hdr.isa_ike_spis,
|
|
||||||
md->hdr.isa_msgid);
|
|
||||||
|
|
||||||
if (st == NULL) {
|
|
||||||
/*
|
|
||||||
- * perhaps this is a first message
|
|
||||||
+ * Perhaps this is a first message
|
|
||||||
* from the responder and contains a
|
|
||||||
* responder cookie that we've not yet
|
|
||||||
* seen.
|
|
||||||
+ *
|
|
||||||
+ * Perhaps this is a random message
|
|
||||||
+ * with a bogus non-zero responder IKE
|
|
||||||
+ * SPI.
|
|
||||||
*/
|
|
||||||
st = find_state_ikev1_init(&md->hdr.isa_ike_initiator_spi,
|
|
||||||
md->hdr.isa_msgid);
|
|
||||||
@@ -1189,6 +1208,21 @@ void process_v1_packet(struct msg_digest *md)
|
|
||||||
/* XXX Could send notification back */
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
+ if (st->st_state->kind == STATE_AGGR_R0) {
|
|
||||||
+ /*
|
|
||||||
+ * The only way for this to
|
|
||||||
+ * happen is for the attacker
|
|
||||||
+ * to guess the responder's
|
|
||||||
+ * IKE SPI that hasn't been
|
|
||||||
+ * sent over the wire?
|
|
||||||
+ *
|
|
||||||
+ * Well that or played 1/2^32
|
|
||||||
+ * odds.
|
|
||||||
+ */
|
|
||||||
+ llog_pexpect(md->md_logger, HERE,
|
|
||||||
+ "phase 1 message matching AGGR_R0 state");
|
|
||||||
+ return;
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
from_state = st->st_state->kind;
|
|
||||||
}
|
|
||||||
@@ -2870,7 +2904,28 @@ void complete_v1_state_transition(struct state *st, struct msg_digest *md, stf_s
|
|
||||||
delete_state(st);
|
|
||||||
/* wipe out dangling pointer to st */
|
|
||||||
md->v1_st = NULL;
|
|
||||||
+ } else if (st->st_state->kind == STATE_AGGR_R0 ||
|
|
||||||
+ st->st_state->kind == STATE_AGGR_R1 ||
|
|
||||||
+ st->st_state->kind == STATE_MAIN_R0) {
|
|
||||||
+ /*
|
|
||||||
+ *
|
|
||||||
+ * Wipe out the incomplete larval state.
|
|
||||||
+ *
|
|
||||||
+ * ARGH! In <=v4.10, the aggr code flipped the
|
|
||||||
+ * larval state to R1 right at the start of
|
|
||||||
+ * the transition and not the end, so using
|
|
||||||
+ * state to figure things out is close to
|
|
||||||
+ * useless.
|
|
||||||
+ *
|
|
||||||
+ * Deleting the state means that pluto has no
|
|
||||||
+ * way to detect and ignore amplification
|
|
||||||
+ * attacks.
|
|
||||||
+ */
|
|
||||||
+ delete_state(st);
|
|
||||||
+ /* wipe out dangling pointer to st */
|
|
||||||
+ md->v1_st = NULL;
|
|
||||||
}
|
|
||||||
+
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
diff --git a/programs/pluto/ikev1_aggr.c b/programs/pluto/ikev1_aggr.c
|
|
||||||
index 2732951beb..87be80cb6c 100644
|
|
||||||
--- a/programs/pluto/ikev1_aggr.c
|
|
||||||
+++ b/programs/pluto/ikev1_aggr.c
|
|
||||||
@@ -169,7 +169,7 @@ stf_status aggr_inI1_outR1(struct state *null_st UNUSED,
|
|
||||||
/* Set up state */
|
|
||||||
struct ike_sa *ike = new_v1_rstate(c, md);
|
|
||||||
md->v1_st = &ike->sa; /* (caller will reset cur_state) */
|
|
||||||
- change_v1_state(&ike->sa, STATE_AGGR_R1);
|
|
||||||
+ change_v1_state(&ike->sa, STATE_AGGR_R0);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Warn when peer is expected to use especially dangerous
|
|
||||||
@@ -197,7 +197,8 @@ stf_status aggr_inI1_outR1(struct state *null_st UNUSED,
|
|
||||||
|
|
||||||
if (!v1_decode_certs(md)) {
|
|
||||||
llog_sa(RC_LOG, ike, "X509: CERT payload bogus or revoked");
|
|
||||||
- return false;
|
|
||||||
+ /* XXX notification is in order! */
|
|
||||||
+ return STF_FAIL_v1N + v1N_INVALID_ID_INFORMATION;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
Loading…
Reference in new issue