Check more errors in OpenSSL crypto backend
This commit is contained in:
Robbie Harwood
parent
aa800df204
commit
9d9730eb07
88
Check-more-errors-in-OpenSSL-crypto-backend.patch
Normal file
88
Check-more-errors-in-OpenSSL-crypto-backend.patch
Normal file
@ -0,0 +1,88 @@
|
||||
From 27bc3f5a90533af509202d851374ea40f3982864 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Mon, 22 Apr 2019 14:26:42 -0400
|
||||
Subject: [PATCH] Check more errors in OpenSSL crypto backend
|
||||
|
||||
In krb5int_hmac_keyblock() and krb5int_pbkdf2_hmac(), check for errors
|
||||
from previously unchecked OpenSSL function calls and return
|
||||
KRB5_CRYPTO_INTERNAL if they fail.
|
||||
|
||||
HMAC_Init() is deprecated in OpenSSL 1.0 and later; as we are
|
||||
modifying the call to check for errors, call HMAC_Init_ex() instead.
|
||||
|
||||
ticket: 8799 (new)
|
||||
(cherry picked from commit 2298e5c2ff1122bcaff715129f5b746e77c3f42a)
|
||||
---
|
||||
src/lib/crypto/openssl/hmac.c | 18 +++++++++---------
|
||||
src/lib/crypto/openssl/pbkdf2.c | 9 +++++----
|
||||
2 files changed, 14 insertions(+), 13 deletions(-)
|
||||
|
||||
diff --git a/src/lib/crypto/openssl/hmac.c b/src/lib/crypto/openssl/hmac.c
|
||||
index d94d9ac94..769a50c00 100644
|
||||
--- a/src/lib/crypto/openssl/hmac.c
|
||||
+++ b/src/lib/crypto/openssl/hmac.c
|
||||
@@ -121,7 +121,7 @@ krb5int_hmac_keyblock(const struct krb5_hash_provider *hash,
|
||||
const krb5_crypto_iov *data, size_t num_data,
|
||||
krb5_data *output)
|
||||
{
|
||||
- unsigned int i = 0, md_len = 0;
|
||||
+ unsigned int i = 0, md_len = 0, ok;
|
||||
unsigned char md[EVP_MAX_MD_SIZE];
|
||||
HMAC_CTX *ctx;
|
||||
size_t hashsize, blocksize;
|
||||
@@ -141,22 +141,22 @@ krb5int_hmac_keyblock(const struct krb5_hash_provider *hash,
|
||||
if (ctx == NULL)
|
||||
return ENOMEM;
|
||||
|
||||
- HMAC_Init(ctx, keyblock->contents, keyblock->length, map_digest(hash));
|
||||
- for (i = 0; i < num_data; i++) {
|
||||
+ ok = HMAC_Init_ex(ctx, keyblock->contents, keyblock->length,
|
||||
+ map_digest(hash), NULL);
|
||||
+ for (i = 0; ok && i < num_data; i++) {
|
||||
const krb5_crypto_iov *iov = &data[i];
|
||||
|
||||
if (SIGN_IOV(iov))
|
||||
- HMAC_Update(ctx, (uint8_t *)iov->data.data, iov->data.length);
|
||||
+ ok = HMAC_Update(ctx, (uint8_t *)iov->data.data, iov->data.length);
|
||||
}
|
||||
- HMAC_Final(ctx, md, &md_len);
|
||||
- if ( md_len <= output->length) {
|
||||
+ if (ok)
|
||||
+ ok = HMAC_Final(ctx, md, &md_len);
|
||||
+ if (ok && md_len <= output->length) {
|
||||
output->length = md_len;
|
||||
memcpy(output->data, md, output->length);
|
||||
}
|
||||
HMAC_CTX_free(ctx);
|
||||
- return 0;
|
||||
-
|
||||
-
|
||||
+ return ok ? 0 : KRB5_CRYPTO_INTERNAL;
|
||||
}
|
||||
|
||||
krb5_error_code
|
||||
diff --git a/src/lib/crypto/openssl/pbkdf2.c b/src/lib/crypto/openssl/pbkdf2.c
|
||||
index 00c2116fc..732ec6405 100644
|
||||
--- a/src/lib/crypto/openssl/pbkdf2.c
|
||||
+++ b/src/lib/crypto/openssl/pbkdf2.c
|
||||
@@ -35,6 +35,7 @@ krb5int_pbkdf2_hmac(const struct krb5_hash_provider *hash,
|
||||
const krb5_data *pass, const krb5_data *salt)
|
||||
{
|
||||
const EVP_MD *md = NULL;
|
||||
+ int ok;
|
||||
|
||||
/* Get the message digest handle corresponding to the hash. */
|
||||
if (hash == &krb5int_hash_sha1)
|
||||
@@ -46,8 +47,8 @@ krb5int_pbkdf2_hmac(const struct krb5_hash_provider *hash,
|
||||
if (md == NULL)
|
||||
return KRB5_CRYPTO_INTERNAL;
|
||||
|
||||
- PKCS5_PBKDF2_HMAC(pass->data, pass->length, (unsigned char *)salt->data,
|
||||
- salt->length, count, md, out->length,
|
||||
- (unsigned char *)out->data);
|
||||
- return 0;
|
||||
+ ok = PKCS5_PBKDF2_HMAC(pass->data, pass->length,
|
||||
+ (unsigned char *)salt->data, salt->length, count,
|
||||
+ md, out->length, (unsigned char *)out->data);
|
||||
+ return ok ? 0 : KRB5_CRYPTO_INTERNAL;
|
||||
}
|
||||
@ -18,7 +18,7 @@ Summary: The Kerberos network authentication system
|
||||
Name: krb5
|
||||
Version: 1.17
|
||||
# for prerelease, should be e.g., 0.% {prerelease}.1% { ?dist } (without spaces)
|
||||
Release: 12%{?dist}
|
||||
Release: 13%{?dist}
|
||||
|
||||
# lookaside-cached sources; two downloads and a build artifact
|
||||
Source0: https://web.mit.edu/kerberos/dist/krb5/1.16/krb5-%{version}%{prerelease}.tar.gz
|
||||
@ -84,6 +84,7 @@ Patch111: Fix-config-realm-change-logic-in-FILE-remove_cred.patch
|
||||
Patch112: Remove-confvalidator-utility.patch
|
||||
Patch113: Remove-ovsec_adm_export-dump-format-support.patch
|
||||
Patch114: Fix-potential-close-1-in-cc_file.c.patch
|
||||
Patch115: Check-more-errors-in-OpenSSL-crypto-backend.patch
|
||||
|
||||
License: MIT
|
||||
URL: http://web.mit.edu/kerberos/www/
|
||||
@ -720,6 +721,9 @@ exit 0
|
||||
%{_libdir}/libkadm5srv_mit.so.*
|
||||
|
||||
%changelog
|
||||
* Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-13
|
||||
- Check more errors in OpenSSL crypto backend
|
||||
|
||||
* Mon Apr 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-12
|
||||
- Fix potential close(-1) in cc_file.c
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user