Compare commits


No commits in common. "c8" and "c8s" have entirely different histories.
c8 ... c8s

5 changed files with 22 additions and 122 deletions

.booth.metadata Normal file

@ -0,0 +1 @@
1fe5851af81995b4187b6c24ffbb9e8edead7060 SOURCES/booth-1.0-283-9d4029a.tar.gz

.gitignore vendored

@ -1 +1 @@
SOURCES/booth-1.1.tar.gz SOURCES/booth-1.0-283-9d4029a.tar.gz

View File

@ -1,37 +0,0 @@
From 4bdd96d767fc38239c4fac9e95404da99f61ac65 Mon Sep 17 00:00:00 2001
From: Jan Friesse <jfriesse@redhat.com>
Date: Wed, 21 Feb 2024 17:40:11 +0100
Subject: [PATCH 1/4] attr: Fix reading of server_reply
read_server_reply first reads boothc header and then rest of packet
which contains hmac info. This should go in memory right after
boothc_header and not after full length of packet, because full length
of packet already contains hmac info.
Solution is to simply use length of header and not length of packet.
Longer term and better solution would be to drop read_server_reply
completely and use recv_auth which is used for everything else but attr
set and delete.
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
---
src/attr.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/attr.c b/src/attr.c
index 44061e3..bc154f0 100644
--- a/src/attr.c
+++ b/src/attr.c
@@ -142,7 +142,7 @@ static int read_server_reply(
return -2;
}
len = ntohl(header->length);
- rv = tpt->recv(site, msg+len, len-sizeof(*header));
+ rv = tpt->recv(site, msg+sizeof(*header), len-sizeof(*header));
if (rv < 0) {
return -1;
}
--
2.44.0

View File

@ -1,65 +0,0 @@
From 91fcfb5708f829ecff7d098ed4c0fc8f2da6d599 Mon Sep 17 00:00:00 2001
From: Jan Friesse <jfriesse@redhat.com>
Date: Wed, 21 Feb 2024 18:12:28 +0100
Subject: [PATCH 2/4] auth: Check result of gcrypt gcry_md_get_algo_dlen
When unknown hash is passed to gcry_md_get_algo_dlen 0 is returned. This
value is then used for memcmp so wrong hmac might be accepted as
correct.
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
---
src/auth.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/src/auth.c b/src/auth.c
index 8f86b9a..a3b3d20 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -28,6 +28,11 @@ int calc_hmac(const void *data, size_t datalen,
{
static gcry_md_hd_t digest;
gcry_error_t err;
+ int hlen;
+
+ hlen = gcry_md_get_algo_dlen(hid);
+ if (!hlen)
+ return -1;
if (!digest) {
err = gcry_md_open(&digest, hid, GCRY_MD_FLAG_HMAC);
@@ -42,7 +47,7 @@ int calc_hmac(const void *data, size_t datalen,
}
}
gcry_md_write(digest, data, datalen);
- memcpy(result, gcry_md_read(digest, 0), gcry_md_get_algo_dlen(hid));
+ memcpy(result, gcry_md_read(digest, 0), hlen);
gcry_md_reset(digest);
return 0;
}
@@ -54,15 +59,20 @@ int verify_hmac(const void *data, size_t datalen,
{
unsigned char *our_hmac;
int rc;
+ int hlen;
+
+ hlen = gcry_md_get_algo_dlen(hid);
+ if (!hlen)
+ return -1;
- our_hmac = malloc(gcry_md_get_algo_dlen(hid));
+ our_hmac = malloc(hlen);
if (!our_hmac)
return -1;
rc = calc_hmac(data, datalen, hid, our_hmac, key, keylen);
if (rc)
goto out_free;
- rc = memcmp(our_hmac, hmac, gcry_md_get_algo_dlen(hid));
+ rc = memcmp(our_hmac, hmac, hlen);
out_free:
if (our_hmac)
--
2.44.0

View File

@ -24,6 +24,22 @@
%bcond_with run_build_tests %bcond_with run_build_tests
%bcond_without include_unit_test %bcond_without include_unit_test
# set following to the result of `git describe --abbrev=128 $commit`
# This will be used to fill booth_ver, booth_numcomm and booth_sha1.
# It is important to keep abbrev to get full length sha1! When updating source use
# `spectool -g booth.spec` to download source.
%global git_describe_str v1.0-283-g9d4029aa14323a7f3b496215d25e40bd14f33632
# Set this to 1 when rebasing (changing git_describe_str) and increase otherwise
%global release 1
# Run shell script to parse git_describe str into version, numcomm and sha1 hash
%global booth_ver %(s=%{git_describe_str}; vver=${s%%%%-*}; echo ${vver:1})
%global booth_numcomm %(s=%{git_describe_str}; t=${s#*-}; echo ${t%%%%-*})
%global booth_sha1 %(s=%{git_describe_str}; t=${s##*-}; echo ${t:1})
%global booth_short_sha1 %(s=%{booth_sha1}; echo ${s:0:7})
%global booth_archive_name %{name}-%{booth_ver}-%{booth_numcomm}-%{booth_short_sha1}
## User and group to use for nonprivileged services (should be in sync with pacemaker) ## User and group to use for nonprivileged services (should be in sync with pacemaker)
%global uname hacluster %global uname hacluster
%global gname haclient %global gname haclient
@ -40,15 +56,13 @@
%global test_path %{_datadir}/booth/tests %global test_path %{_datadir}/booth/tests
Name: booth Name: booth
Version: 1.1 Version: %{booth_ver}
Release: 1%{?dist}.1 Release: %{booth_numcomm}.%{release}.%{booth_short_sha1}.git%{?dist}
Summary: Ticket Manager for Multi-site Clusters Summary: Ticket Manager for Multi-site Clusters
License: GPLv2+ License: GPLv2+
Url: https://github.com/%{github_owner}/%{name} Url: https://github.com/%{github_owner}/%{name}
Source0: https://github.com/%{github_owner}/%{name}/releases/download/v%{version}/%{name}-%{version}.tar.gz Source0: https://github.com/%{github_owner}/%{name}/archive/%{booth_short_sha1}/%{booth_archive_name}.tar.gz
Patch0: rhel-specific-0001-config-Add-enable-authfile-option.patch Patch0: rhel-specific-0001-config-Add-enable-authfile-option.patch
Patch1: RHEL-32613-1-attr-Fix-reading-of-server_reply.patch
Patch2: RHEL-32613-2-auth-Check-result-of-gcrypt-gcry_md_get_algo_dlen.patch
# direct build process dependencies # direct build process dependencies
BuildRequires: autoconf BuildRequires: autoconf
@ -179,7 +193,7 @@ Automated tests for running Booth, ticket manager for multi-site clusters.
# BUILD # # BUILD #
%prep %prep
%autosetup -n %{name}-%{version} -S git_am %autosetup -n %{name}-%{booth_sha1} -S git_am
%build %build
./autogen.sh ./autogen.sh
@ -297,19 +311,6 @@ VERBOSE=1 make check
%{_usr}/lib/ocf/resource.d/booth/sharedrsc %{_usr}/lib/ocf/resource.d/booth/sharedrsc
%changelog %changelog
* Tue Apr 30 2024 Jan Friesse <jfriesse@redhat.com> - 1.1-1.1
- Resolves: RHEL-32613
- attr: Fix reading of server_reply
- auth: Check result of gcrypt gcry_md_get_algo_dlen (fixes CVE-2024-3049)
* Thu Nov 23 2023 Jan Friesse <jfriesse@redhat.com> - 1.1-1
- Resolves: RHEL-15265
- New upstream release (RHEL-15265)
- Upstream releases should now be released regularly, so convert spec
to use them instead of git snapshots (RHEL-15265)
* Mon Nov 21 2022 Jan Friesse <jfriesse@redhat.com> - 1.0-283.1.9d4029a.git * Mon Nov 21 2022 Jan Friesse <jfriesse@redhat.com> - 1.0-283.1.9d4029a.git
- Resolves: rhbz#2135865 - Resolves: rhbz#2135865
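Review bot: On the new side of the second hunk (`@ -40,15 +56,13 @@`) the patch list keeps only `Patch0`, so the head branch's spec builds snapshot 9d4029a without `RHEL-32613-1-attr-Fix-reading-of-server_reply.patch` and `RHEL-32613-2-auth-Check-result-of-gcrypt-gcry_md_get_algo_dlen.patch`, the second of which the dropped changelog entry in the last hunk ties to CVE-2024-3049 (the deleted patch's own description says a zero digest length from gcry_md_get_algo_dlen reaches memcmp, so a wrong HMAC could be accepted). The two patch headers are dated February 2024 while the snapshot's changelog entry is from November 2022, so the snapshot very likely predates both fixes, although that cannot be confirmed from this page alone. If this branch is meant to keep building, the two lines `Patch1: RHEL-32613-1-attr-Fix-reading-of-server_reply.patch` and `Patch2: RHEL-32613-2-auth-Check-result-of-gcrypt-gcry_md_get_algo_dlen.patch` should be carried over after `Patch0:` together with their `.patch` files, which the existing `%autosetup ... -S git_am` would then apply. A matching `%changelog` entry naming RHEL-32613 and CVE-2024-3049 should be restored as well so the fix stays traceable in the built package.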