diff --git a/cyrus-sasl-2.1.27-cumulative-digestmd5.patch b/cyrus-sasl-2.1.27-cumulative-digestmd5.patch
index d61130f..f7ee718 100644
--- a/cyrus-sasl-2.1.27-cumulative-digestmd5.patch
+++ b/cyrus-sasl-2.1.27-cumulative-digestmd5.patch
@@ -1,6 +1,6 @@
 diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c
---- cyrus-sasl-2.1.27/plugins/digestmd5.c 2021-09-30 17:13:06.573093526 -0400
-+++ cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c 2021-09-30 17:26:31.818378442 -0400
+--- cyrus-sasl-2.1.27/plugins/digestmd5.c 2022-09-08 12:22:03.782961573 -0400
++++ cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c 2022-09-08 12:24:20.289994669 -0400
 @@ -80,6 +80,12 @@
 # endif
 #endif /* WITH_DES */
@@ -105,7 +105,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
 /* setup dec context */
 c++;
-@@ -1102,60 +1114,139 @@
+@@ -1102,34 +1114,83 @@
 memcpy(c->ivec, ((char *) deckey) + 8, 8);
@@ -201,16 +201,14 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
 }
 static int init_rc4(context_t *text,
- unsigned char enckey[16],
- unsigned char deckey[16])
- {
-+ const EVP_CIPHER *cipher;
+@@ -1139,23 +1200,57 @@
 EVP_CIPHER_CTX *ctx;
 int rc;
 - ctx = EVP_CIPHER_CTX_new();
 - if (ctx == NULL) return SASL_NOMEM;
 +#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++ EVP_CIPHER *cipher;
 + ossl3_context_t *ossl3_ctx;
 - rc = EVP_EncryptInit_ex(ctx, EVP_rc4(), NULL, enckey, NULL);
@@ -221,6 +219,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
 + ossl3_ctx = (ossl3_context_t *)text->crypto.libctx;
 + cipher = EVP_CIPHER_fetch(ossl3_ctx->libctx, "RC4", "");
 +#else
++ const EVP_CIPHER *cipher;
 + cipher = EVP_rc4();
 +#endif
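Review bot: In hunk @@ -201,16 the `cipher` declaration is now split across the two `#if OPENSSL_VERSION_NUMBER` arms with different constness (`EVP_CIPHER *` on OpenSSL 3, `const EVP_CIPHER *` otherwise) and nothing says why, so the asymmetry reads like an oversight that a later cleanup could "fix" by merging the two declarations and breaking the release at `done:`. A one-line comment at the `#if`, such as `/* OpenSSL 3: EVP_CIPHER_fetch() returns an owned reference that must be released with EVP_CIPHER_free(); EVP_rc4() returns a static object that must not be freed */`, would pin the ownership difference the rest of init_rc4 depends on. The body of init_rc4 continues past the end of this hunk.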
@@ -241,25 +240,28 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
 + goto done;
 + }
 + text->crypto.enc_ctx = (void *)ctx;
-
-- text->cipher_dec_context = (void *)ctx;
++
 + ctx = EVP_CIPHER_CTX_new();
 + if (ctx == NULL) {
 + rc = SASL_NOMEM;
 + goto done;
 + }
-
-- return SASL_OK;
++
 + rc = EVP_DecryptInit_ex(ctx, cipher, NULL, deckey, NULL);
 + if (rc != 1) {
 + rc = SASL_FAIL;
 + goto done;
 + }
 + text->crypto.dec_ctx = (void *)ctx;
-+
+
+- text->cipher_dec_context = (void *)ctx;
 + rc = SASL_OK;
-+
+
+- return SASL_OK;
 +done:
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++ EVP_CIPHER_free(cipher);
++#endif
 + if (rc != SASL_OK) {
 + free_rc4(text);
 + }
@@ -267,7 +269,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
 }
 static int dec_rc4(context_t *text,
-@@ -1169,14 +1260,14 @@
+@@ -1169,14 +1264,14 @@
 int rc;
 /* decrypt the text part & HMAC */
@@ -284,7 +286,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
 (unsigned char *)output + len, &len);
 if (rc != 1) return SASL_FAIL;
-@@ -1198,7 +1289,7 @@
+@@ -1198,7 +1293,7 @@
 int len;
 int rc;
 /* encrypt the text part */
@@ -293,7 +295,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
 (unsigned char *)output, &len,
 (const unsigned char *)input, inputlen);
 if (rc != 1) return SASL_FAIL;
-@@ -1206,14 +1297,14 @@
+@@ -1206,14 +1301,14 @@
 *outputlen = len;
 /* encrypt the `MAC part */
@@ -310,7 +312,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
 (unsigned char *)output + *outputlen, &len);
 if (rc != 1) return SASL_FAIL;
-@@ -1221,188 +1312,11 @@
+@@ -1221,188 +1316,11 @@
 return SASL_OK;
 }
@@ -499,7 +501,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
 { "rc4", 128, 16, 0x04, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
 #endif
 #ifdef WITH_DES
-@@ -2815,6 +2729,7 @@
+@@ -2815,6 +2733,7 @@
 }
 if (cptr->name) {
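Review bot: The decrypt-side failure path in hunk @@ -241,25 still leaks an `EVP_CIPHER_CTX`: the `ctx` from the second `EVP_CIPHER_CTX_new()` is stored into `text->crypto.dec_ctx` only after `EVP_DecryptInit_ex()` succeeds, so when that call returns != 1 the `goto done` reaches `free_rc4(text)`, which receives only `text` and cannot free the local `ctx`. Adding `EVP_CIPHER_CTX_free(ctx);` before that `goto done;` (or assigning `text->crypto.dec_ctx = (void *)ctx;` right after the allocation so that `free_rc4()` owns it) closes the gap. The encrypt-side check sits just above this hunk and appears to follow the same shape, so it probably needs the same treatment. On OpenSSL 3 an init failure is not exotic: if the RC4 fetch yields NULL because the legacy provider is not loaded and the result is not NULL-checked (the visible lines of hunk @@ -221,6 do not show one), every negotiation selecting rc4 would fail inside init_rc4 and leak a context, making this a slow memory-growth problem on a long-running server rather than a one-off. init_rc4 begins before this hunk.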
@@ -507,7 +509,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
 text->cipher_enc = cptr->cipher_enc;
 text->cipher_dec = cptr->cipher_dec;
 text->cipher_init = cptr->cipher_init;
-@@ -2958,7 +2873,10 @@
+@@ -2958,7 +2877,10 @@
 if (text->cipher_init) {
 if (text->cipher_init(text, enckey, deckey) != SASL_OK) {
 sparams->utils->seterror(sparams->utils->conn, 0,
@@ -519,7 +521,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
 }
 }
 }
-@@ -3509,6 +3427,7 @@
+@@ -3509,6 +3431,7 @@
 oparams->mech_ssf = ctext->cipher->ssf;
 nbits = ctext->cipher->n;
@@ -527,7 +529,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
 text->cipher_enc = ctext->cipher->cipher_enc;
 text->cipher_dec = ctext->cipher->cipher_dec;
 text->cipher_free = ctext->cipher->cipher_free;
-@@ -3733,7 +3652,13 @@
+@@ -3733,7 +3656,13 @@
 /* initialize cipher if need be */
 if (text->cipher_init) {
diff --git a/cyrus-sasl.spec b/cyrus-sasl.spec
index 6b3cff7..3f023f2 100644
--- a/cyrus-sasl.spec
+++ b/cyrus-sasl.spec
@@ -9,7 +9,7 @@
 Summary: The Cyrus SASL library
 Name: cyrus-sasl
 Version: 2.1.27
-Release: 20%{?dist}
+Release: 21%{?dist}
 License: BSD with advertising
 URL: https://www.cyrusimap.org/sasl/
@@ -401,11 +401,14 @@ getent passwd %{username} >/dev/null || useradd -r -g %{username} -d %{homedir}
 %{_sbindir}/sasl2-shared-mechlist
 %changelog
-* Thu Feb 23 2022 Simo Sorce - 2.1.27-6
+* Mon Aug 1 2022 Simo Sorce - 2.1.27-21
+- Fix memleak
+
+* Wed Feb 23 2022 Simo Sorce - 2.1.27-20
 - Fix for CVE-2022-24407
 - Resolves: rhbz#2055848
-* Mon Feb 9 2022 Simo Sorce - 2.1.27-19
+* Wed Feb 9 2022 Simo Sorce - 2.1.27-19
 - Fix a memleak in one of the OpenSSL 3 compat patches found by covscan