From 21f807019c383496afa0155d221b028dbf02efab Mon Sep 17 00:00:00 2001 From: Jan Friesse Date: Wed, 3 Aug 2022 18:27:01 +0200 Subject: [PATCH] - Resolves: rhbz#2111669 - Fix authfile directive handling in booth config file (fixes CVE-2022-2553) - Add enable-authfile option Signed-off-by: Jan Friesse --- booth.spec | 11 +- ...or-main-substitute-is_auth_req-macro.patch | 30 +++++ ...-2-config-Add-enable-authfile-option.patch | 106 ++++++++++++++++++ 3 files changed, 146 insertions(+), 1 deletion(-) create mode 100644 bz2111669-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch create mode 100644 bz2111669-2-config-Add-enable-authfile-option.patch diff --git a/booth.spec b/booth.spec index f8620ca..c22c0d0 100644 --- a/booth.spec +++ b/booth.spec @@ -31,7 +31,7 @@ %global git_describe_str v1.0-251-gbfb2f924c07db823f5c934d1aafbc5181bb25148 # Set this to 1 when rebasing (changing git_describe_str) and increase otherwise -%global release 2 +%global release 3 # Run shell script to parse git_describe str into version, numcomm and sha1 hash %global booth_ver %(s=%{git_describe_str}; vver=${s%%%%-*}; echo ${vver:1}) @@ -62,6 +62,8 @@ Summary: Ticket Manager for Multi-site Clusters License: GPLv2+ Url: https://github.com/%{github_owner}/%{name} Source0: https://github.com/%{github_owner}/%{name}/archive/%{booth_short_sha1}/%{booth_archive_name}.tar.gz +Patch0: bz2111669-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch +Patch1: bz2111669-2-config-Add-enable-authfile-option.patch # direct build process dependencies BuildRequires: autoconf @@ -310,6 +312,13 @@ VERBOSE=1 make check %{_usr}/lib/ocf/resource.d/booth/sharedrsc %changelog +* Wed Aug 03 2022 Jan Friesse - 1.0-251.3.bfb2f92.git +- Resolves: rhbz#2111669 + +- Fix authfile directive handling in booth config file + (fixes CVE-2022-2553) +- Add enable-authfile option + * Mon Aug 09 2021 Mohan Boddu - 1.0-251.2.bfb2f92.git - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688 diff --git a/bz2111669-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch b/bz2111669-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch new file mode 100644 index 0000000..3ab2586 --- /dev/null +++ b/bz2111669-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch @@ -0,0 +1,30 @@ +From 35bf0b7b048d715f671eb68974fb6b4af6528c67 Mon Sep 17 00:00:00 2001 +From: Jan Friesse +Date: Mon, 4 Jul 2022 09:39:47 +0200 +Subject: [PATCH] Revert "Refactor: main: substitute is_auth_req macro" + +This reverts commit da79b8ba28ad4837a0fee13e5f8fb6f89fe0e24c. + +authfile != authkey + +Signed-off-by: Jan Friesse +--- + src/main.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/main.c b/src/main.c +index b50a883..b4a174f 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -364,7 +364,7 @@ static int setup_config(int type) + if (rv < 0) + goto out; + +- if (is_auth_req()) { ++ if (booth_conf->authfile[0] != '\0') { + rv = read_authkey(); + if (rv < 0) + goto out; +-- +2.37.1 + diff --git a/bz2111669-2-config-Add-enable-authfile-option.patch b/bz2111669-2-config-Add-enable-authfile-option.patch new file mode 100644 index 0000000..a3adc72 --- /dev/null +++ b/bz2111669-2-config-Add-enable-authfile-option.patch @@ -0,0 +1,106 @@ +From 466246c2fa8ea1bcc06593fbf7b900d0665606b1 Mon Sep 17 00:00:00 2001 +From: Jan Friesse +Date: Tue, 26 Jul 2022 18:39:38 +0200 +Subject: [PATCH] config: Add enable-authfile option + +This option enables (or disables) usage of authfile. Can be 'yes' or 'no'. +Default is 'no'. + +Booth usage of authfile was broken for long time (since commit +da79b8ba28ad4837a0fee13e5f8fb6f89fe0e24c). + +Pcs was adding authfile by default, but it was not used. Once booth bug +was fixed problem appears because mixed clusters (with fixed version and +without fixed one) stops working. + +This non-upstream option is added and used to allow use of +authfile without breaking compatibility for clusters +consisting of mixed versions (usually happens before all nodes are +updated) of booth (user have to explicitly +enable usage of authfile). + +This patch is transitional and will be removed in future major version of +distribution. + +Signed-off-by: Jan Friesse +--- + docs/boothd.8.txt | 7 +++++++ + src/config.c | 17 +++++++++++++++++ + src/config.h | 1 + + src/main.c | 2 +- + 4 files changed, 26 insertions(+), 1 deletion(-) + +diff --git a/docs/boothd.8.txt b/docs/boothd.8.txt +index f58f27e..12f66f9 100644 +--- a/docs/boothd.8.txt ++++ b/docs/boothd.8.txt +@@ -230,6 +230,13 @@ will always bind and listen to both UDP and TCP ports. + parameter to a higher value. The time skew test is performed + only in concert with authentication. + ++*'enable-authfile'*:: ++ Enables (or disables) usage of authfile. Can be 'yes' or 'no'. ++ Default is 'no'. ++ This is non-upstream option used to allow use of authfile without ++ breaking compatibility for clusters consisting of mixed ++ versions of booth. ++ + *'site'*:: + Defines a site Raft member with the given IP. Sites can + acquire tickets. The sites' IP should be managed by the cluster. +diff --git a/src/config.c b/src/config.c +index 8e41553..b9df3e3 100644 +--- a/src/config.c ++++ b/src/config.c +@@ -729,6 +729,23 @@ no_value: + booth_conf->maxtimeskew = atoi(val); + continue; + } ++ ++ if (strcmp(key, "enable-authfile") == 0) { ++ if (strcasecmp(val, "yes") == 0 || ++ strcasecmp(val, "on") == 0 || ++ strcasecmp(val, "1") == 0) { ++ booth_conf->enable_authfile = 1; ++ } else if (strcasecmp(val, "no") == 0 || ++ strcasecmp(val, "off") == 0 || ++ strcasecmp(val, "0") == 0) { ++ booth_conf->enable_authfile = 0; ++ } else { ++ error = "Expected yes/no value for enable-authfile"; ++ goto err; ++ } ++ ++ continue; ++ } + #endif + + if (strcmp(key, "site") == 0) { +diff --git a/src/config.h b/src/config.h +index bca73bc..da1e917 100644 +--- a/src/config.h ++++ b/src/config.h +@@ -297,6 +297,7 @@ struct booth_config { + struct stat authstat; + char authkey[BOOTH_MAX_KEY_LEN]; + int authkey_len; ++ int enable_authfile; + /** Maximum time skew between peers allowed */ + int maxtimeskew; + +diff --git a/src/main.c b/src/main.c +index b4a174f..0fdb295 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -364,7 +364,7 @@ static int setup_config(int type) + if (rv < 0) + goto out; + +- if (booth_conf->authfile[0] != '\0') { ++ if (booth_conf->authfile[0] != '\0' && booth_conf->enable_authfile) { + rv = read_authkey(); + if (rv < 0) + goto out; +-- +2.37.1 +