fix CVE-2015-3420: SSL/TLS handshake failures leading to a crash of the login process
This commit is contained in:
parent
907076b191
commit
51f4fff5f1
62
dovecot-2.1.6-86f535375750.patch
Normal file
62
dovecot-2.1.6-86f535375750.patch
Normal file
@ -0,0 +1,62 @@
|
|||||||
|
|
||||||
|
# HG changeset patch
|
||||||
|
# User Timo Sirainen <tss@iki.fi>
|
||||||
|
# Date 1430213224 -7200
|
||||||
|
# Node ID 86f5353757500a8c53aa708282bbdd77ac270011
|
||||||
|
# Parent a2d342257b25e10e7c6c1aaade9e49d22d849c05
|
||||||
|
*-login: Don't try to flush SSL output if SSL handshake fails.
|
||||||
|
This fixes a crash on failed handshakes on some OpenSSL builds.
|
||||||
|
|
||||||
|
diff -r a2d342257b25 -r 86f535375750 src/login-common/ssl-proxy-openssl.c
|
||||||
|
--- a/src/login-common/ssl-proxy-openssl.c Sat Apr 25 12:16:07 2015 +0300
|
||||||
|
+++ b/src/login-common/ssl-proxy-openssl.c Tue Apr 28 11:27:04 2015 +0200
|
||||||
|
@@ -80,6 +80,7 @@
|
||||||
|
unsigned int cert_broken:1;
|
||||||
|
unsigned int client_proxy:1;
|
||||||
|
unsigned int flushing:1;
|
||||||
|
+ unsigned int failed:1;
|
||||||
|
};
|
||||||
|
|
||||||
|
struct ssl_parameters {
|
||||||
|
@@ -131,6 +132,12 @@
|
||||||
|
static int ssl_proxy_ctx_get_pkey_ec_curve_name(const struct master_service_ssl_settings *set);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+static void ssl_proxy_destroy_failed(struct ssl_proxy *proxy)
|
||||||
|
+{
|
||||||
|
+ proxy->failed = TRUE;
|
||||||
|
+ ssl_proxy_destroy(proxy);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static unsigned int ssl_server_context_hash(const struct ssl_server_context *ctx)
|
||||||
|
{
|
||||||
|
unsigned int i, g, h = 0;
|
||||||
|
@@ -462,7 +469,7 @@
|
||||||
|
|
||||||
|
if (errstr != NULL) {
|
||||||
|
proxy->last_error = i_strdup(errstr);
|
||||||
|
- ssl_proxy_destroy(proxy);
|
||||||
|
+ ssl_proxy_destroy_failed(proxy);
|
||||||
|
}
|
||||||
|
ssl_proxy_unref(proxy);
|
||||||
|
}
|
||||||
|
@@ -492,7 +499,7 @@
|
||||||
|
|
||||||
|
if (proxy->handshake_callback != NULL) {
|
||||||
|
if (proxy->handshake_callback(proxy->handshake_context) < 0)
|
||||||
|
- ssl_proxy_destroy(proxy);
|
||||||
|
+ ssl_proxy_destroy_failed(proxy);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -822,7 +829,8 @@
|
||||||
|
if (proxy->destroyed || proxy->flushing)
|
||||||
|
return;
|
||||||
|
proxy->flushing = TRUE;
|
||||||
|
- ssl_proxy_flush(proxy);
|
||||||
|
+ if (!proxy->failed && proxy->handshaked)
|
||||||
|
+ ssl_proxy_flush(proxy);
|
||||||
|
proxy->destroyed = TRUE;
|
||||||
|
|
||||||
|
ssl_proxy_count--;
|
||||||
|
|
@ -5,7 +5,7 @@ Name: dovecot
|
|||||||
Epoch: 1
|
Epoch: 1
|
||||||
Version: 2.2.16
|
Version: 2.2.16
|
||||||
%global prever %{nil}
|
%global prever %{nil}
|
||||||
Release: 1%{?dist}
|
Release: 2%{?dist}
|
||||||
#dovecot itself is MIT, a few sources are PD, pigeonhole is LGPLv2
|
#dovecot itself is MIT, a few sources are PD, pigeonhole is LGPLv2
|
||||||
License: MIT and LGPLv2
|
License: MIT and LGPLv2
|
||||||
Group: System Environment/Daemons
|
Group: System Environment/Daemons
|
||||||
@ -37,6 +37,9 @@ Patch5: dovecot-2.1-privatetmp.patch
|
|||||||
Patch6: dovecot-2.1.10-waitonline.patch
|
Patch6: dovecot-2.1.10-waitonline.patch
|
||||||
Patch7: dovecot-2.2.13-online.patch
|
Patch7: dovecot-2.2.13-online.patch
|
||||||
|
|
||||||
|
# for dovecot <= 2.2.16, rhbz#1216057
|
||||||
|
Patch8: dovecot-2.1.6-86f535375750.patch
|
||||||
|
|
||||||
Source15: prestartscript
|
Source15: prestartscript
|
||||||
|
|
||||||
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||||
@ -133,6 +136,7 @@ This package provides the development files for dovecot.
|
|||||||
%patch5 -p1 -b .privatetmp
|
%patch5 -p1 -b .privatetmp
|
||||||
%patch6 -p1 -b .waitonline
|
%patch6 -p1 -b .waitonline
|
||||||
%patch7 -p1 -b .online
|
%patch7 -p1 -b .online
|
||||||
|
%patch8 -p1 -b .86f535375750
|
||||||
#pushd dovecot-2*2-pigeonhole-%{pigeonholever}
|
#pushd dovecot-2*2-pigeonhole-%{pigeonholever}
|
||||||
#popd
|
#popd
|
||||||
sed -i '/DEFAULT_INCLUDES *=/s|$| '"$(pkg-config --cflags libclucene-core)|" src/plugins/fts-lucene/Makefile.in
|
sed -i '/DEFAULT_INCLUDES *=/s|$| '"$(pkg-config --cflags libclucene-core)|" src/plugins/fts-lucene/Makefile.in
|
||||||
@ -492,6 +496,9 @@ make check
|
|||||||
%{_libdir}/%{name}/dict/libdriver_pgsql.so
|
%{_libdir}/%{name}/dict/libdriver_pgsql.so
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Apr 28 2015 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.16-2
|
||||||
|
- fix CVE-2015-3420: SSL/TLS handshake failures leading to a crash of the login process
|
||||||
|
|
||||||
* Mon Mar 16 2015 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.16-1
|
* Mon Mar 16 2015 Michal Hlavinka <mhlavink@redhat.com> - 1:2.2.16-1
|
||||||
- dovecot updated to 2.2.16
|
- dovecot updated to 2.2.16
|
||||||
- auth: Don't crash if master user login is attempted without
|
- auth: Don't crash if master user login is attempted without
|
||||||
|
Loading…
Reference in New Issue
Block a user