import freeradius-3.0.17-7.module+el8.2.0+4847+336970e8

SOURCES/freeradius-EAP-PWD-information-leak-10-iterations.patch

@@ -0,0 +1,38 @@
+From 3ea2a5a026e73d81cd9a3e9bbd4300c433004bfa Mon Sep 17 00:00:00 2001
+From: Mathy Vanhoef <mathy.vanhoef@nyu.edu>
+Date: Wed, 5 Jun 2019 19:21:06 +0000
+Subject: [PATCH] EAP-pwd: fix side-channel leak where 1 in 2018 handshakes
+ fail
+
+Previously the Hunting and Pecking algorithm of EAP-pwd aborted when
+more than 10 iterations are needed. Every iteration has a 50% chance
+of finding the password element. This means one in every 2048 handshakes
+will fail, in which case an error frame is sent to the client. This
+event leaks information that can be abused in an offline password
+brute-force attack. More precisely, the adversary learns that all 10
+iterations failed for the given random EAP-pwd token. Using the same
+techniques as in the Dragonblood attack, this can be used to brute-force
+the password.
+
+This patch fixes the above issue by executing enough iterations such that
+the password element is always found eventually.
+
+Note that timing and cache leaks remain a risk against the current
+implementation of EAP-pwd.
+---
+ src/modules/rlm_eap/types/rlm_eap_pwd/eap_pwd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/modules/rlm_eap/types/rlm_eap_pwd/eap_pwd.c b/src/modules/rlm_eap/types/rlm_eap_pwd/eap_pwd.c
+index c54f08c030..d94851c3aa 100644
+--- a/src/modules/rlm_eap/types/rlm_eap_pwd/eap_pwd.c
++++ b/src/modules/rlm_eap/types/rlm_eap_pwd/eap_pwd.c
+@@ -192,7 +192,7 @@ int compute_password_element (pwd_session_t *session, uint16_t grp_num,
+ 	}
+ 	ctr = 0;
+ 	while (1) {
+-		if (ctr > 10) {
++		if (ctr > 100) {
+ 			DEBUG("unable to find random point on curve for group %d, something's fishy", grp_num);
+ 			goto fail;
+ 		}

SPECS/freeradius.spec

@@ -9,7 +9,7 @@
 Summary: High-performance and highly configurable free RADIUS server
 Name: freeradius
 Version: 3.0.17
-Release: 6%{?dist}
+Release: 7%{?dist}
 License: GPLv2+ and LGPLv2+
 Group: System Environment/Daemons
 URL: http://www.freeradius.org/
@@ -38,6 +38,8 @@ Patch6: freeradius-OpenSSL-HMAC-SHA1.patch
 Patch7: freeradius-python2-shebangs.patch
 Patch8: freeradius-EAP-PWD-curve-handling.patch
 Patch9: freeradius-listen-ipv6-fix.patch
+Patch10: freeradius-EAP-PWD-information-leak-10-iterations.patch
+
 
 %global docdir %{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}}
 
@@ -164,7 +166,8 @@ Obsoletes: %{name}-python < %{version}-%{release}
 
 %description -n python2-freeradius
 This plugin provides the Python support for the FreeRADIUS server project.
-%endif # with python2
+# endif: with python2
+%endif
 
 %package mysql
 Summary: MySQL support for freeradius
@@ -225,6 +228,7 @@ This plugin provides the REST support for the FreeRADIUS server project.
 %patch7 -p1
 %patch8 -p1
 %patch9 -p1
+%patch10 -p1
 
 %build
 # Force compile/link options, extra security for network facing daemon
@@ -751,7 +755,8 @@ exit 0
 /etc/raddb/mods-config/python/example.py*
 /etc/raddb/mods-config/python/radiusd.py*
 %{_libdir}/freeradius/rlm_python.so
-%endif # with python2
+# endif: with python2
+%endif
 
 %files mysql
 %dir %attr(750,root,radiusd) /etc/raddb/mods-config/sql/counter/mysql
@@ -852,6 +857,10 @@ exit 0
 %attr(640,root,radiusd) %config(noreplace) /etc/raddb/mods-available/rest
 
 %changelog
+* Fri Nov 22 2019 Alexander Scheel <ascheel@redhat.com> - 3.0.17-7
+- Fix information leak due to aborting when needing more than 10 iterations
+  Resolves: bz#1751797
+
 * Fri Jun 14 2019 Alexander Scheel <ascheel@redhat.com> - 3.0.17-6
 - Fix handling of IPv6-only hostnames with listen.ipaddr
   Resolves: bz#1685546