rpms/libreswan
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import libreswan-3.32-6.el8

Browse Source
This commit is contained in:
CentOS Sources 2020-11-03 07:02:35 -05:00 committed by Andrew Lukoshko
parent 2c8c851501
commit 5e46a8e789
16 changed files with 280 additions and 3045 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1,4 +1,4 @@
SOURCES/ikev1_dsa.fax.bz2
SOURCES/ikev1_psk.fax.bz2
SOURCES/ikev2.fax.bz2
SOURCES/libreswan-3.29.tar.gz
SOURCES/libreswan-3.32.tar.gz

2
.libreswan.metadata
View File

@ -1,4 +1,4 @@
b35cd50b8bc0a08b9c07713bf19c72d53bfe66bb SOURCES/ikev1_dsa.fax.bz2
861d97bf488f9e296cad8c43ab72f111a5b1a848 SOURCES/ikev1_psk.fax.bz2
fcaf77f3deae3d8e99cdb3b1f8abea63167a0633 SOURCES/ikev2.fax.bz2
492cd1cf18c06e47b2864a57a355a7f5393f80cc SOURCES/libreswan-3.29.tar.gz
d752c8df37c90733a01c24849d439733acd4e8f0 SOURCES/libreswan-3.32.tar.gz

13
SOURCES/libreswan-3.25-1724200-halfopen-shunt.patch
View File

@ -1,13 +0,0 @@
diff -Naur libreswan-3.25-orig/programs/pluto/state.c libreswan-3.25/programs/pluto/state.c
--- libreswan-3.25-orig/programs/pluto/state.c 2019-07-03 15:52:47.246474906 -0400
+++ libreswan-3.25/programs/pluto/state.c 2019-07-03 15:54:37.671850020 -0400
@@ -1101,7 +1101,8 @@
#endif
/* If we are failed OE initiator, make shunt bare */
- if (IS_IKE_SA(st) && (c->policy & POLICY_OPPORTUNISTIC) &&
+ if (IS_IKE_SA(st) && c->newest_isakmp_sa == st->st_serialno &&
+ (c->policy & POLICY_OPPORTUNISTIC) &&
(st->st_state == STATE_PARENT_I1 || st->st_state == STATE_PARENT_I2)) {
ipsec_spi_t failure_shunt = shunt_policy_spi(c, FALSE /* failure_shunt */);
ipsec_spi_t nego_shunt = shunt_policy_spi(c, TRUE /* negotiation shunt */);

13
SOURCES/libreswan-3.27-CVE-2020-1763.patch
View File

@ -1,13 +0,0 @@
diff --git a/programs/pluto/ikev1.c b/programs/pluto/ikev1.c
index 38dfe060db..b5ad3e4560 100644
--- a/programs/pluto/ikev1.c
+++ b/programs/pluto/ikev1.c
@@ -2047,7 +2047,7 @@ void process_packet_tail(struct msg_digest **mdp)
"%smessage ignored because it contains a payload type (%s) unexpected by state %s",
excuse,
enum_show(&ikev1_payload_names, np),
- st->st_state_name);
+ (st == NULL) ? "<no state>" : st->st_state_name);
if (!md->encrypted) {
SEND_NOTIFICATION(INVALID_PAYLOAD_TYPE);
}

38
SOURCES/libreswan-3.29-1699318-show.patch
View File

@ -1,38 +0,0 @@
diff -Naur libreswan-3.29-orig/programs/show/show.in libreswan-3.29/programs/show/show.in
--- libreswan-3.29-orig/programs/show/show.in 2019-07-31 20:03:51.794714920 -0400
+++ libreswan-3.29/programs/show/show.in 2019-07-31 20:02:38.792224647 -0400
@@ -1,7 +1,7 @@
#!/usr/bin/python
import sys
-import commands
+import subprocess
import argparse
try:
import ipaddress
@@ -42,14 +42,14 @@
source = args.source
else:
getsrccmd = "ip -o ro get %s" % dest
- status, output = commands.getstatusoutput(getsrccmd)
+ output = subprocess.getoutput([getsrccmd])
try:
source = output.split("src")[1].strip().split(" ")[0]
except Exception:
sys.exit("failed to find source ip for destination %s" % dest)
if args.debug:
- print "Need to find matching IPsec policy for %s/32 <=> %s/32" % (source, dest)
+ print("Need to find matching IPsec policy for %s/32 <=> %s/32" % (source, dest))
if dest:
if "/" in source:
@@ -65,7 +65,7 @@
sys.exit(1)
ipxfrmcmd = 'ip -o xfrm pol | grep -v socket | grep "dir out"'
- status, output = commands.getstatusoutput(ipxfrmcmd)
+ output = subprocess.getoutput([ipxfrmcmd])
polsrc = ""
poldst = ""
for line in output.split("\n"):

770
SOURCES/libreswan-3.29-1714331-nss-kdf.patch
View File

@ -1,770 +0,0 @@
diff -Naur libreswan-3.29-orig/lib/libswan/ike_alg_aes.c libreswan-3.29/lib/libswan/ike_alg_aes.c
--- libreswan-3.29-orig/lib/libswan/ike_alg_aes.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/lib/libswan/ike_alg_aes.c 2019-08-11 13:31:13.849294693 -0400
@@ -23,14 +23,21 @@
#include "constants.h" /* for BYTES_FOR_BITS() */
#include "ietf_constants.h"
+
#include "ike_alg.h"
+#include "ike_alg_encrypt.h"
+#include "ike_alg_integ.h"
+#include "ike_alg_prf.h"
+
#include "ike_alg_encrypt_nss_cbc_ops.h"
#include "ike_alg_encrypt_nss_ctr_ops.h"
#include "ike_alg_encrypt_nss_gcm_ops.h"
+#ifdef CKM_AES_XCBC_MAC
+#include "ike_alg_prf_nss_ops.h"
+#else
#include "ike_alg_prf_nss_xcbc_ops.h"
-#include "ike_alg_encrypt.h"
-#include "ike_alg_integ.h"
-#include "ike_alg_prf.h"
+#endif
+
#include "sadb.h"
const struct encrypt_desc ike_alg_encrypt_aes_cbc = {
@@ -313,6 +320,7 @@
.encrypt_kernel_audit_name = "AES_CCM_C",
};
+#ifdef USE_PRF_AES_XCBC
const struct prf_desc ike_alg_prf_aes_xcbc = {
.common = {
.name = "aes_xcbc",
@@ -326,14 +334,23 @@
},
.fips = false,
},
+#ifdef CKM_AES_XCBC_MAC
+ .nss = {
+ .mechanism = CKM_AES_XCBC_MAC,
+ },
+ .prf_ops = &ike_alg_prf_nss_ops,
+#else
+ /* XXX: NSS encryption algorithm used by custom XCBC */
.nss = {
.mechanism = CKM_AES_ECB,
},
+ .prf_ops = &ike_alg_prf_nss_xcbc_ops,
+#endif
.prf_key_size = BYTES_FOR_BITS(128),
.prf_output_size = BYTES_FOR_BITS(128),
- .prf_ops = &ike_alg_prf_nss_xcbc_ops,
.prf_ike_audit_name = "aes_xcbc",
};
+#endif
const struct integ_desc ike_alg_integ_aes_xcbc = {
.common = {
@@ -351,7 +368,7 @@
.integ_keymat_size = AES_XCBC_DIGEST_SIZE,
.integ_output_size = AES_XCBC_DIGEST_SIZE_TRUNC, /* XXX 96 */
.integ_ikev1_ah_transform = AH_AES_XCBC_MAC,
-#ifdef USE_XCBC
+#ifdef USE_PRF_AES_XCBC
.prf = &ike_alg_prf_aes_xcbc,
#endif
#ifdef SADB_X_AALG_AES_XCBC_MAC
diff -Naur libreswan-3.29-orig/lib/libswan/ike_alg.c libreswan-3.29/lib/libswan/ike_alg.c
--- libreswan-3.29-orig/lib/libswan/ike_alg.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/lib/libswan/ike_alg.c 2019-08-11 13:31:13.850294706 -0400
@@ -478,7 +478,7 @@
&ike_alg_prf_sha2_384,
&ike_alg_prf_sha2_512,
#endif
-#ifdef USE_XCBC
+#ifdef USE_PRF_AES_XCBC
&ike_alg_prf_aes_xcbc,
#endif
};
diff -Naur libreswan-3.29-orig/lib/libswan/ike_alg_md5.c libreswan-3.29/lib/libswan/ike_alg_md5.c
--- libreswan-3.29-orig/lib/libswan/ike_alg_md5.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/lib/libswan/ike_alg_md5.c 2019-08-11 13:31:13.851294720 -0400
@@ -26,7 +26,7 @@
#include "ike_alg_hash.h"
#include "ike_alg_prf.h"
#include "ike_alg_hash_nss_ops.h"
-#include "ike_alg_prf_hmac_ops.h"
+#include "ike_alg_prf_nss_ops.h"
#include "sadb.h"
const struct hash_desc ike_alg_hash_md5 = {
@@ -63,10 +63,13 @@
[IKEv2_ALG_ID] = IKEv2_PRF_HMAC_MD5,
},
},
+ .nss = {
+ .mechanism = CKM_MD5_HMAC,
+ },
.prf_key_size = MD5_DIGEST_SIZE,
.prf_output_size = MD5_DIGEST_SIZE,
.hasher = &ike_alg_hash_md5,
- .prf_ops = &ike_alg_prf_hmac_ops,
+ .prf_ops = &ike_alg_prf_nss_ops,
.prf_ike_audit_name = "md5",
};
diff -Naur libreswan-3.29-orig/mk/config.mk libreswan-3.29/mk/config.mk
--- libreswan-3.29-orig/mk/config.mk 2019-08-11 13:30:45.756906229 -0400
+++ libreswan-3.29/mk/config.mk 2019-08-11 13:31:13.852294734 -0400
@@ -239,6 +239,18 @@
NSS_UTIL_LDFLAGS ?= -lnssutil3
NSPR_LDFLAGS ?= -lnspr4
+# Use the NSS Key Derivation Function (KDF) instead of using the NSS
+# secure hash functions to build our own PRF. With this enabled,
+# libreswan itself no longer needs to be FIPS validated.
+# Requires NSS >= 3.44
+USE_NSS_PRF?=false
+ifeq ($(USE_NSS_PRF),true)
+NSSFLAGS+=-DUSE_NSS_PRF
+USE_NSS_AVA_COPY=false
+endif
+
+#
+#
# Use local copy of nss function CERT_CompareAVA
# See https://bugzilla.mozilla.org/show_bug.cgi?id=1336487
# This work-around is needed with nss versions before 3.30.
diff -Naur libreswan-3.29-orig/mk/userland-cflags.mk libreswan-3.29/mk/userland-cflags.mk
--- libreswan-3.29-orig/mk/userland-cflags.mk 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/mk/userland-cflags.mk 2019-08-11 13:31:13.853294748 -0400
@@ -269,9 +269,10 @@
LIBTWOFISH= ${OBJDIRTOP}/lib/libcrypto/libtwofish/libtwofish.a
endif
-USE_XCBC ?= true
-ifeq ($(USE_XCBC),true)
-USERLAND_CFLAGS += -DUSE_XCBC
+# Requires NSS >= 3.44 or backport
+USE_PRF_AES_XCBC ?= true
+ifeq ($(USE_PRF_AES_XCBC),true)
+USERLAND_CFLAGS += -DUSE_PRF_AES_XCBC
endif
#
diff -Naur libreswan-3.29-orig/programs/pluto/crypt_symkey.c libreswan-3.29/programs/pluto/crypt_symkey.c
--- libreswan-3.29-orig/programs/pluto/crypt_symkey.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/programs/pluto/crypt_symkey.c 2019-08-11 13:31:13.854294762 -0400
@@ -15,7 +15,6 @@
* for more details.
*/
-#include "libreswan.h"
#include "lswalloc.h"
#include "lswlog.h"
#include "ike_alg.h"
@@ -23,6 +22,7 @@
#include "crypto.h"
#include "lswfips.h"
#include "lswnss.h"
+#include "crypt_prf.h" /* hack */
#define SPACES " "
@@ -590,9 +590,51 @@
PK11SymKey *prf_key_from_symkey_bytes(const char *name,
const struct prf_desc *prf,
- size_t symkey_start_byte, size_t sizeof_symkey,
+ size_t symkey_start_byte, size_t symkey_size,
PK11SymKey *source_key)
{
+#ifdef CKM_AES_XCBC_MAC
+ if (prf->nss.mechanism == CKM_AES_XCBC_MAC &&
+ symkey_size != prf->prf_key_size) {
+ PK11SymKey *tmp = symkey_from_symkey("tmp", source_key,
+ CKM_VENDOR_DEFINED, /*flags*/0,
+ symkey_start_byte, symkey_size);
+ /*
+ * code lifted from ike_alg_prf_nss_xcbc_ops.c
+ */
+ size_t dkey_sz = sizeof_symkey(tmp);
+ if (dkey_sz < prf->prf_key_size) {
+ DBGF(DBG_CRYPT, "XCBC: Key %zd<%zd too small, padding with zeros",
+ dkey_sz, prf->prf_key_size);
+ /*
+ * right pad with zeros
+ */
+ chunk_t zeros = alloc_chunk(prf->prf_key_size - dkey_sz, "zeros");
+ append_symkey_chunk(&tmp, zeros);
+ freeanychunk(zeros);
+ } else {
+ pexpect(dkey_sz > prf->prf_key_size);
+ DBGF(DBG_CRYPT, "XCBC: Key %zd>%zd too big, rehashing to size",
+ dkey_sz, prf->prf_key_size);
+ /*
+ * put the key through the mac with a zero
+ * key; recursive
+ */
+ chunk_t zeros = alloc_chunk(prf->prf_key_size, "zeros");
+ PK11SymKey *zero_key = prf_key_from_bytes("zeros", prf, zeros.ptr, zeros.len);
+ freeanychunk(zeros);
+ struct crypt_prf *xmac = crypt_prf_init_symkey("xmac", prf, "zero", zero_key);
+ crypt_prf_update_symkey(xmac, "tmp", tmp);
+ PK11SymKey *tmp2 = crypt_prf_final_symkey(&xmac);
+ release_symkey(name, "tmp2", &tmp);
+ tmp = tmp2;
+ }
+ PK11SymKey *key = symkey_from_symkey(name, tmp, CKM_AES_XCBC_MAC, CKF_SIGN,
+ 0, prf->prf_key_size);
+ release_symkey(name, "tmp", &tmp);
+ return key;
+ }
+#endif
/*
* NSS expects a key's mechanism to match the NSS algorithm
* the key is intended for. If this is wrong then the
@@ -614,7 +656,7 @@
mechanism = prf->nss.mechanism;
}
return symkey_from_symkey(name, source_key, mechanism, flags,
- symkey_start_byte, sizeof_symkey);
+ symkey_start_byte, symkey_size);
}
/*
@@ -656,9 +698,13 @@
PK11SymKey *key_from_symkey_bytes(PK11SymKey *source_key,
size_t next_byte, size_t sizeof_key)
{
- return symkey_from_symkey("result", source_key,
- CKM_EXTRACT_KEY_FROM_KEY,
- 0, next_byte, sizeof_key);
+ if (sizeof_key == 0) {
+ return NULL;
+ } else {
+ return symkey_from_symkey("result", source_key,
+ CKM_EXTRACT_KEY_FROM_KEY,
+ 0, next_byte, sizeof_key);
+ }
}
/*
diff -Naur libreswan-3.29-orig/programs/pluto/ikev1_prf.c libreswan-3.29/programs/pluto/ikev1_prf.c
--- libreswan-3.29-orig/programs/pluto/ikev1_prf.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/programs/pluto/ikev1_prf.c 2019-08-11 13:31:13.855294776 -0400
@@ -17,8 +17,11 @@
* for more details.
*/
+#include "lswlog.h" /* for LSWLOG_PEXPECT() */
+
#include "ikev1_prf.h"
+#include "ike_alg.h"
#include "crypt_prf.h"
#include "crypt_symkey.h"
@@ -32,6 +35,25 @@
const chunk_t Nr,
/*const*/ PK11SymKey *dh_secret /* NSS doesn't do const */)
{
+#ifdef USE_NSS_PRF
+ CK_NSS_IKE_PRF_DERIVE_PARAMS ike_prf_params = {
+ .prfMechanism = prf_desc->nss.mechanism,
+ .bDataAsKey = CK_TRUE,
+ .bRekey = CK_FALSE,
+ .pNi = Ni.ptr,
+ .ulNiLen = Ni.len,
+ .pNr = Nr.ptr,
+ .ulNrLen = Nr.len,
+ };
+ SECItem params = {
+ .data = (unsigned char *)&ike_prf_params,
+ .len = sizeof(ike_prf_params),
+ };
+
+ return PK11_Derive(dh_secret, CKM_NSS_IKE_PRF_DERIVE, &params,
+ CKM_NSS_IKE1_PRF_DERIVE, CKA_DERIVE,
+ 0);
+#else
/* key = Ni|Nr */
chunk_t key = clone_chunk_chunk(Ni, Nr, "key = Ni|Nr");
struct crypt_prf *prf = crypt_prf_init_chunk("SKEYID sig",
@@ -42,6 +64,7 @@
crypt_prf_update_symkey(prf, "g^xy", dh_secret);
/* generate */
return crypt_prf_final_symkey(&prf);
+#endif
}
/*
@@ -51,6 +74,33 @@
chunk_t pre_shared_key,
chunk_t Ni, chunk_t Nr)
{
+#ifdef USE_NSS_PRF
+ PK11SymKey *psk = prf_key_from_bytes("psk", prf_desc,
+ pre_shared_key.ptr, pre_shared_key.len);
+ PK11SymKey *skeyid;
+ if (psk == NULL) {
+ return NULL;
+ }
+
+ CK_NSS_IKE_PRF_DERIVE_PARAMS ike_prf_params = {
+ .prfMechanism = prf_desc->nss.mechanism,
+ .bDataAsKey = CK_FALSE,
+ .bRekey = CK_FALSE,
+ .pNi = Ni.ptr,
+ .ulNiLen = Ni.len,
+ .pNr = Nr.ptr,
+ .ulNrLen = Nr.len,
+ };
+ SECItem params = {
+ .data = (unsigned char *)&ike_prf_params,
+ .len = sizeof(ike_prf_params),
+ };
+ skeyid = PK11_Derive(psk, CKM_NSS_IKE_PRF_DERIVE, &params,
+ CKM_NSS_IKE1_PRF_DERIVE, CKA_DERIVE,
+ 0 );
+ release_symkey("SKEYID psk", "psk", &psk);
+ return skeyid;
+#else
/* key = pre-shared-key */
struct crypt_prf *prf = crypt_prf_init_chunk("SKEYID psk", prf_desc,
"psk", pre_shared_key);
@@ -59,6 +109,7 @@
crypt_prf_update_chunk(prf, "Nr", Nr);
/* generate */
return crypt_prf_final_symkey(&prf);
+#endif
}
/*
@@ -69,6 +120,26 @@
PK11SymKey *dh_secret,
chunk_t cky_i, chunk_t cky_r)
{
+#ifdef USE_NSS_PRF
+ CK_NSS_IKE1_PRF_DERIVE_PARAMS ike1_prf_params = {
+ .prfMechanism = prf_desc->nss.mechanism,
+ .bHasPrevKey = CK_FALSE,
+ .hKeygxy = PK11_GetSymKeyHandle(dh_secret),
+ .pCKYi = cky_i.ptr,
+ .ulCKYiLen = cky_i.len,
+ .pCKYr = cky_r.ptr,
+ .ulCKYrLen = cky_r.len,
+ .keyNumber = 0,
+ };
+ SECItem params = {
+ .data = (unsigned char *)&ike1_prf_params,
+ .len = sizeof(ike1_prf_params),
+ };
+
+ return PK11_Derive(skeyid, CKM_NSS_IKE1_PRF_DERIVE, &params,
+ CKM_EXTRACT_KEY_FROM_KEY, CKA_DERIVE,
+ 0);
+#else
/* key = SKEYID */
struct crypt_prf *prf = crypt_prf_init_symkey("SKEYID_d", prf_desc,
"SKEYID", skeyid);
@@ -79,6 +150,7 @@
crypt_prf_update_byte(prf, "0", 0);
/* generate */
return crypt_prf_final_symkey(&prf);
+#endif
}
/*
@@ -89,6 +161,27 @@
PK11SymKey *skeyid_d, PK11SymKey *dh_secret,
chunk_t cky_i, chunk_t cky_r)
{
+#ifdef USE_NSS_PRF
+ CK_NSS_IKE1_PRF_DERIVE_PARAMS ike1_prf_params = {
+ .prfMechanism = prf_desc->nss.mechanism,
+ .bHasPrevKey = CK_TRUE,
+ .hKeygxy = PK11_GetSymKeyHandle(dh_secret),
+ .hPrevKey = PK11_GetSymKeyHandle(skeyid_d),
+ .pCKYi = cky_i.ptr,
+ .ulCKYiLen = cky_i.len,
+ .pCKYr = cky_r.ptr,
+ .ulCKYrLen = cky_r.len,
+ .keyNumber = 1,
+ };
+ SECItem params = {
+ .data = (unsigned char *)&ike1_prf_params,
+ .len = sizeof(ike1_prf_params),
+ };
+
+ return PK11_Derive(skeyid, CKM_NSS_IKE1_PRF_DERIVE, &params,
+ CKM_EXTRACT_KEY_FROM_KEY, CKA_DERIVE,
+ 0);
+#else
/* key = SKEYID */
struct crypt_prf *prf = crypt_prf_init_symkey("SKEYID_a", prf_desc,
"SKEYID", skeyid);
@@ -100,6 +193,7 @@
crypt_prf_update_byte(prf, "1", 1);
/* generate */
return crypt_prf_final_symkey(&prf);
+#endif
}
/*
@@ -110,6 +204,27 @@
PK11SymKey *skeyid_a, PK11SymKey *dh_secret,
chunk_t cky_i, chunk_t cky_r)
{
+#ifdef USE_NSS_PRF
+ CK_NSS_IKE1_PRF_DERIVE_PARAMS ike1_prf_params = {
+ .prfMechanism = prf_desc->nss.mechanism,
+ .bHasPrevKey = CK_TRUE,
+ .hKeygxy = PK11_GetSymKeyHandle(dh_secret),
+ .hPrevKey = PK11_GetSymKeyHandle(skeyid_a),
+ .pCKYi = cky_i.ptr,
+ .ulCKYiLen = cky_i.len,
+ .pCKYr = cky_r.ptr,
+ .ulCKYrLen = cky_r.len,
+ .keyNumber = 2,
+ };
+ SECItem params = {
+ .data = (unsigned char *)&ike1_prf_params,
+ .len = sizeof(ike1_prf_params),
+ };
+
+ return PK11_Derive(skeyid, CKM_NSS_IKE1_PRF_DERIVE, &params,
+ CKM_EXTRACT_KEY_FROM_KEY, CKA_DERIVE,
+ 0);
+#else
/* key = SKEYID */
struct crypt_prf *prf = crypt_prf_init_symkey("SKEYID_e", prf_desc,
"SKEYID", skeyid);
@@ -121,6 +236,7 @@
crypt_prf_update_byte(prf, "2", 2);
/* generate */
return crypt_prf_final_symkey(&prf);
+#endif
}
PK11SymKey *appendix_b_keymat_e(const struct prf_desc *prf_desc,
@@ -128,6 +244,20 @@
PK11SymKey *skeyid_e,
unsigned required_keymat)
{
+#ifdef USE_NSS_PRF
+ CK_MECHANISM_TYPE mechanism = prf_desc->nss.mechanism;
+ CK_MECHANISM_TYPE target = encrypter->nss.mechanism;
+ SECItem params = {
+ .data = (unsigned char *)&mechanism,
+ .len = sizeof(mechanism),
+ };
+ /* for when ENCRYPTER isn't NSS */
+ if (target == 0) target = CKM_EXTRACT_KEY_FROM_KEY;
+
+ return PK11_DeriveWithFlags(skeyid_e, CKM_NSS_IKE1_APP_B_PRF_DERIVE,
+ &params, target, CKA_ENCRYPT,
+ required_keymat, CKF_DECRYPT);
+#else
if (sizeof_symkey(skeyid_e) >= required_keymat) {
return encrypt_key_from_symkey_bytes("keymat", encrypter,
0, required_keymat,
@@ -160,4 +290,5 @@
keymat);
release_symkey(__func__, "keymat", &keymat);
return cryptkey;
+#endif
}
diff -Naur libreswan-3.29-orig/programs/pluto/ikev2_prf.c libreswan-3.29/programs/pluto/ikev2_prf.c
--- libreswan-3.29-orig/programs/pluto/ikev2_prf.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/programs/pluto/ikev2_prf.c 2019-08-11 13:33:13.680951735 -0400
@@ -32,12 +32,44 @@
/*
* IKEv2 - RFC4306 2.14 SKEYSEED - calculation.
*/
+#ifdef USE_NSS_PRF
+static PK11SymKey *ikev2_prfplus_key_data(
+ const struct prf_desc *prf_desc,
+ PK11SymKey *key,
+ PK11SymKey *seed_key,
+ chunk_t seed_data,
+ size_t required_keymat)
+{
+ CK_NSS_IKE_PRF_PLUS_DERIVE_PARAMS ike_prf_plus_params = {
+ .pSeedData = seed_data.ptr,
+ .ulSeedDataLen = seed_data.len,
+ .prfMechanism = prf_desc->nss.mechanism,
+ };
+ if (seed_key == NULL) {
+ ike_prf_plus_params.bHasSeedKey = CK_FALSE;
+ } else {
+ ike_prf_plus_params.bHasSeedKey = CK_TRUE;
+ ike_prf_plus_params.hSeedKey = PK11_GetSymKeyHandle(seed_key);
+ }
+ SECItem params = {
+ .data = (unsigned char *)&ike_prf_plus_params,
+ .len = sizeof(ike_prf_plus_params),
+ };
+
+ return PK11_Derive(key, CKM_NSS_IKE_PRF_PLUS_DERIVE, &params,
+ CKM_EXTRACT_KEY_FROM_KEY, CKA_DERIVE,
+ required_keymat);
+}
+#endif
PK11SymKey *ikev2_prfplus(const struct prf_desc *prf_desc,
PK11SymKey *key,
PK11SymKey *seed,
size_t required_keymat)
{
+#ifdef USE_NSS_PRF
+ return ikev2_prfplus_key_data(prf_desc, key, seed, empty_chunk, required_keymat);
+#else
uint8_t count = 1;
/* T1(prfplus) = prf(KEY, SEED|1) */
@@ -66,6 +98,7 @@
}
release_symkey(__func__, "old_t[final]", &old_t);
return prfplus;
+#endif
}
/*
@@ -77,6 +110,33 @@
const chunk_t Ni, const chunk_t Nr,
PK11SymKey *dh_secret)
{
+
+#ifdef USE_NSS_PRF
+ int is_aes_prf = 0;
+ switch (prf_desc->common.id[IKEv2_ALG_ID]) {
+ case IKEv2_PRF_AES128_CMAC:
+ case IKEv2_PRF_AES128_XCBC:
+ is_aes_prf = 1;
+ }
+
+ CK_NSS_IKE_PRF_DERIVE_PARAMS ike_prf_params = {
+ .prfMechanism = prf_desc->nss.mechanism,
+ .bDataAsKey = CK_TRUE,
+ .bRekey = CK_FALSE,
+ .pNi = Ni.ptr,
+ .ulNiLen = is_aes_prf ? BYTES_FOR_BITS(64) : Ni.len,
+ .pNr = Nr.ptr,
+ .ulNrLen = is_aes_prf ? BYTES_FOR_BITS(64) : Nr.len,
+ };
+ SECItem params = {
+ .data = (unsigned char *)&ike_prf_params,
+ .len = sizeof(ike_prf_params),
+ };
+
+ return PK11_Derive(dh_secret, CKM_NSS_IKE_PRF_DERIVE, &params,
+ CKM_NSS_IKE_PRF_PLUS_DERIVE, CKA_DERIVE,
+ 0);
+#else
/*
* 2.14. Generating Keying Material for the IKE SA
*
@@ -117,6 +177,7 @@
crypt_prf_update_symkey(prf, "g^ir", dh_secret);
/* generate */
return crypt_prf_final_symkey(&prf);
+#endif
}
/*
@@ -127,6 +188,26 @@
PK11SymKey *new_dh_secret,
const chunk_t Ni, const chunk_t Nr)
{
+#ifdef USE_NSS_PRF
+ CK_NSS_IKE_PRF_DERIVE_PARAMS ike_prf_params = {
+ .prfMechanism = prf_desc->nss.mechanism,
+ .bDataAsKey = CK_FALSE,
+ .bRekey = CK_TRUE,
+ .hNewKey = PK11_GetSymKeyHandle(new_dh_secret),
+ .pNi = Ni.ptr,
+ .ulNiLen = Ni.len,
+ .pNr = Nr.ptr,
+ .ulNrLen = Nr.len,
+ };
+ SECItem params = {
+ .data = (unsigned char *)&ike_prf_params,
+ .len = sizeof(ike_prf_params),
+ };
+
+ return PK11_Derive(SK_d_old, CKM_NSS_IKE_PRF_DERIVE, &params,
+ CKM_NSS_IKE_PRF_PLUS_DERIVE, CKA_DERIVE,
+ 0);
+#else
/* key = SK_d (old) */
struct crypt_prf *prf = crypt_prf_init_symkey("ike sa rekey skeyseed", prf_desc,
"SK_d (old)", SK_d_old);
@@ -141,6 +222,7 @@
crypt_prf_update_chunk(prf, "Nr", Nr);
/* generate */
return crypt_prf_final_symkey(&prf);
+#endif
}
/*
@@ -152,6 +234,17 @@
const ike_spis_t *SPIir,
size_t required_bytes)
{
+#ifdef USE_NSS_PRF
+ chunk_t seed_data;
+ PK11SymKey *prf_plus;
+
+ seed_data = clone_chunk_chunk(Ni, Nr, "seed_data = Ni || Nr");
+ append_chunk_bytes("seed_data = Nir || SPIi", &seed_data, &SPIir->initiator, sizeof(SPIir->initiator));
+ append_chunk_bytes("seed_data = Nir || SPIir", &seed_data, &SPIir->responder, sizeof(SPIir->responder));
+ prf_plus = ikev2_prfplus_key_data(prf_desc, skeyseed, NULL, seed_data, required_bytes);
+ freeanychunk(seed_data);
+ return prf_plus;
+#else
PK11SymKey *data = symkey_from_chunk("data", Ni);
append_symkey_chunk(&data, Nr);
append_symkey_bytes(&data, &SPIir->initiator, sizeof(SPIir->initiator));
@@ -161,6 +254,7 @@
required_bytes);
release_symkey(__func__, "data", &data);
return prfplus;
+#endif
}
/*
@@ -172,6 +266,24 @@
const chunk_t Ni, const chunk_t Nr,
size_t required_bytes)
{
+ if (required_bytes == 0) {
+ /*
+ * For instance esp=null-none. Caller should
+ * interpret NULL to mean empty (NSS doesn't create
+ * zero length keys).
+ */
+ dbg("No CHILD SA KEMAT is required");
+ return NULL;
+ }
+#ifdef USE_NSS_PRF
+ chunk_t seed_data;
+ PK11SymKey *prf_plus;
+
+ seed_data = clone_chunk_chunk(Ni, Nr, "seed_data = Ni || Nr");
+ prf_plus = ikev2_prfplus_key_data(prf_desc, SK_d, new_dh_secret, seed_data, required_bytes);
+ freeanychunk(seed_data);
+ return prf_plus;
+#else
PK11SymKey *data;
if (new_dh_secret == NULL) {
data = symkey_from_chunk("data", Ni);
@@ -185,4 +297,5 @@
required_bytes);
release_symkey(__func__, "data", &data);
return prfplus;
+#endif
}
diff -Naur libreswan-3.29-orig/programs/pluto/ikev2_psk.c libreswan-3.29/programs/pluto/ikev2_psk.c
--- libreswan-3.29-orig/programs/pluto/ikev2_psk.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/programs/pluto/ikev2_psk.c 2019-08-11 13:31:13.858294817 -0400
@@ -181,6 +181,36 @@
PK11SymKey *prf_psk;
{
+ static const char psk_key_pad_str[] = "Key Pad for IKEv2"; /* RFC 4306 2:15 */
+#ifdef USE_NSS_PRF
+ CK_NSS_IKE_PRF_DERIVE_PARAMS ike_prf_params;
+ SECItem params;
+ CK_MECHANISM_TYPE prf_mech = st->st_oakley.ta_prf->nss.mechanism;
+ PK11SymKey *pss_key = prf_key_from_bytes("pss", st->st_oakley.ta_prf,
+ pss->ptr, pss->len);
+ if (pss_key == NULL) {
+ if (libreswan_fipsmode()) {
+ PASSERT_FAIL("FIPS: failure creating %s PRF context for digesting PSK",
+ st->st_oakley.ta_prf->common.name);
+ }
+ loglog(RC_LOG_SERIOUS,
+ "failure creating %s PRF context for digesting PSK",
+ st->st_oakley.ta_prf->common.name);
+ return FALSE;
+ }
+
+ ike_prf_params.prfMechanism = prf_mech;
+ ike_prf_params.bDataAsKey = CK_FALSE;
+ ike_prf_params.bRekey = CK_FALSE;
+ ike_prf_params.pNi = (CK_BYTE_PTR) psk_key_pad_str;
+ ike_prf_params.ulNiLen = sizeof(psk_key_pad_str) - 1;
+ ike_prf_params.pNr = NULL;
+ ike_prf_params.ulNrLen = 0;
+ params.data = (unsigned char *)&ike_prf_params;
+ params.len = sizeof(ike_prf_params);
+ prf_psk = PK11_Derive(pss_key, CKM_NSS_IKE_PRF_DERIVE, &params, prf_mech, CKA_SIGN, 0);
+ release_symkey("psk pss_key", "pss_key", &pss_key);
+#else
struct crypt_prf *prf =
crypt_prf_init_chunk("<prf-psk> = prf(<psk>,\"Key Pad for IKEv2\")",
st->st_oakley.ta_prf,
@@ -196,12 +226,11 @@
return FALSE;
}
- static const char psk_key_pad_str[] = "Key Pad for IKEv2"; /* RFC 4306 2:15 */
-
crypt_prf_update_bytes(prf, psk_key_pad_str, /* name */
psk_key_pad_str,
sizeof(psk_key_pad_str) - 1);
prf_psk = crypt_prf_final_symkey(&prf);
+#endif
}
/* calculate outer prf */
diff -Naur libreswan-3.29-orig/programs/pluto/plutomain.c libreswan-3.29/programs/pluto/plutomain.c
--- libreswan-3.29-orig/programs/pluto/plutomain.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/programs/pluto/plutomain.c 2019-08-11 13:31:13.859294831 -0400
@@ -189,6 +189,11 @@
#ifdef NSS_IPSEC_PROFILE
" (IPsec profile)"
#endif
+#ifdef USE_NSS_PRF
+ " (NSS-PRF)"
+#else
+ " (native-PRF)"
+#endif
#ifdef USE_DNSSEC
" DNSSEC"
#endif
diff -Naur libreswan-3.29-orig/programs/pluto/prf_test_vectors.c libreswan-3.29/programs/pluto/prf_test_vectors.c
--- libreswan-3.29-orig/programs/pluto/prf_test_vectors.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/programs/pluto/prf_test_vectors.c 2019-08-11 13:31:13.860294845 -0400
@@ -34,6 +34,7 @@
* Ref: https://tools.ietf.org/html/rfc4435: Test Vectors
*/
+#ifdef USE_PRF_AES_XCBC
const struct prf_test_vectors aes_xcbc_prf_tests = {
.prf = &ike_alg_prf_aes_xcbc,
.tests = {
@@ -105,6 +106,10 @@
.message = "0x000102030405060708090a0b0c0d0e0f10111213",
.prf_output = "0x47f51b4564966215b8985c63055ed308",
},
+ /*
+ * XXX: for some reason NSS explodes when trying to
+ * create a non-standard AES_XCBC_MAC key.
+ */
{
.description = "Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10)",
.key = "0x00010203040506070809",
@@ -124,7 +129,9 @@
}
},
};
+#endif
+/* So far we only have AES_XCBC PRF test vectors :/ */
static bool test_prf_vector(const struct prf_desc *prf,
const struct prf_test_vector *test)
{
@@ -137,7 +144,6 @@
: alloc_chunk(test->message_size, __func__);
chunk_t prf_output = decode_to_chunk(__func__, test->prf_output);
-
/* chunk interface */
struct crypt_prf *chunk_prf = crypt_prf_init_chunk("PRF chunk interface", prf,
"key", chunk_key);

301
SOURCES/libreswan-3.29-1723957-audit.patch
View File

@ -1,301 +0,0 @@
diff -Naur libreswan-3.29-orig/programs/pluto/ikev1.c libreswan-3.29/programs/pluto/ikev1.c
--- libreswan-3.29-orig/programs/pluto/ikev1.c 2019-06-26 22:03:27.801184503 -0400
+++ libreswan-3.29/programs/pluto/ikev1.c 2019-06-27 13:26:11.443969779 -0400
@@ -2675,6 +2675,12 @@
passert(st != NULL);
pexpect(!state_is_busy(st));
+ if (result > STF_OK) {
+ if (st != NULL) {
+ linux_audit_conn(md->st, IS_IKE_SA_ESTABLISHED(md->st) ? LAK_CHILD_FAIL : LAK_PARENT_FAIL);
+ }
+ }
+
switch (result) {
case STF_OK:
{
diff -Naur libreswan-3.29-orig/programs/pluto/ikev1_quick.c libreswan-3.29/programs/pluto/ikev1_quick.c
--- libreswan-3.29-orig/programs/pluto/ikev1_quick.c 2019-06-26 22:03:27.803184531 -0400
+++ libreswan-3.29/programs/pluto/ikev1_quick.c 2019-06-27 13:23:53.787080070 -0400
@@ -1663,6 +1663,9 @@
if (!install_inbound_ipsec_sa(st))
return STF_INTERNAL_ERROR; /* ??? we may be partly committed */
+ /* we only audit once for IPsec SA's, we picked the inbound SA */
+ linux_audit_conn(st, LAK_CHILD_START);
+
/* encrypt message, except for fixed part of header */
if (!ikev1_encrypt_message(&rbody, st)) {
diff -Naur libreswan-3.29-orig/programs/pluto/ikev2.c libreswan-3.29/programs/pluto/ikev2.c
--- libreswan-3.29-orig/programs/pluto/ikev2.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/programs/pluto/ikev2.c 2019-06-27 13:25:16.529215928 -0400
@@ -3204,6 +3204,13 @@
lswlog_v2_stf_status(buf, result);
}
+ /* audit log failures - success is audit logged in ikev2_ike_sa_established() */
+ if (result > STF_OK) {
+ if (st != NULL) {
+ linux_audit_conn(st, IS_IKE_SA_ESTABLISHED(st) ? LAK_CHILD_FAIL : LAK_PARENT_FAIL);
+ }
+ }
+
switch (result) {
case STF_SUSPEND:
diff -Naur libreswan-3.29-orig/programs/pluto/ikev2_child.c libreswan-3.29/programs/pluto/ikev2_child.c
--- libreswan-3.29-orig/programs/pluto/ikev2_child.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/programs/pluto/ikev2_child.c 2019-06-27 13:23:53.788080084 -0400
@@ -102,6 +102,10 @@
return STF_OK;
}
+/*
+ * The caller could have done the linux_audit_conn() call, except one case
+ * here deletes the state before returning an STF error
+ */
stf_status ikev2_child_sa_respond(struct msg_digest *md,
pb_stream *outpbs,
enum isakmp_xchg_types isa_xchg)
diff -Naur libreswan-3.29-orig/programs/pluto/ikev2_parent.c libreswan-3.29/programs/pluto/ikev2_parent.c
--- libreswan-3.29-orig/programs/pluto/ikev2_parent.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/programs/pluto/ikev2_parent.c 2019-06-27 13:23:53.789080097 -0400
@@ -239,6 +239,7 @@
c->newest_isakmp_sa = ike->sa.st_serialno;
v2_schedule_replace_event(&ike->sa);
ike->sa.st_viable_parent = TRUE;
+ linux_audit_conn(&ike->sa, LAK_PARENT_START);
pstat_sa_established(&ike->sa);
}
@@ -1581,6 +1582,24 @@
libreswan_log("IKE_AUTH response contained an unknown error notification (%d)", n);
} else {
libreswan_log("IKE_AUTH response contained the error notification %s", name);
+ /*
+ * There won't be a child state transition, so log if error is child related.
+ * see RFC 7296 Section 1.2
+ */
+ switch(n) {
+ case v2N_NO_PROPOSAL_CHOSEN:
+ case v2N_SINGLE_PAIR_REQUIRED:
+ case v2N_NO_ADDITIONAL_SAS:
+ case v2N_INTERNAL_ADDRESS_FAILURE:
+ case v2N_FAILED_CP_REQUIRED:
+ case v2N_TS_UNACCEPTABLE:
+ case v2N_INVALID_SELECTORS:
+ /* fallthrough */
+ linux_audit_conn(st, LAK_CHILD_FAIL);
+ break;
+ default:
+ break;
+ }
}
}
}
@@ -3063,10 +3082,6 @@
ikev2_ike_sa_established(pexpect_ike_sa(st), md->svm,
STATE_PARENT_R2);
-#ifdef USE_LINUX_AUDIT
- linux_audit_conn(st, LAK_PARENT_START);
-#endif
-
if (LHAS(st->hidden_variables.st_nat_traversal, NATED_HOST)) {
/* ensure we run keepalives if needed */
if (c->nat_keepalive)
@@ -3801,10 +3816,6 @@
ikev2_ike_sa_established(pexpect_ike_sa(pst), md->svm,
STATE_PARENT_I3);
-#ifdef USE_LINUX_AUDIT
- linux_audit_conn(st, LAK_PARENT_START);
-#endif
-
if (LHAS(st->hidden_variables.st_nat_traversal, NATED_HOST)) {
/* ensure we run keepalives if needed */
if (c->nat_keepalive)
diff -Naur libreswan-3.29-orig/programs/pluto/kernel.c libreswan-3.29/programs/pluto/kernel.c
--- libreswan-3.29-orig/programs/pluto/kernel.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/programs/pluto/kernel.c 2019-06-27 13:23:53.790080111 -0400
@@ -3334,7 +3334,8 @@
}
#ifdef USE_LINUX_AUDIT
- linux_audit_conn(st, LAK_CHILD_START);
+ if (inbound_also)
+ linux_audit_conn(st, LAK_CHILD_START);
#endif
statetime_stop(&start, "%s()", __func__);
@@ -3378,8 +3379,13 @@
{
#ifdef USE_LINUX_AUDIT
/* XXX in IKEv2 we get a spurious call with a parent st :( */
- if (IS_CHILD_SA(st))
- linux_audit_conn(st, LAK_CHILD_DESTROY);
+ if (IS_CHILD_SA(st)) {
+ /* child destruction already logged for STATE_CHILDSA_DEL state */
+ if (st->st_esp.present || st->st_ah.present) {
+ /* ESP or AH means this was an established IPsec SA */
+ linux_audit_conn(st, LAK_CHILD_DESTROY);
+ }
+ }
#endif
switch (kern_interface) {
case USE_KLIPS:
diff -Naur libreswan-3.29-orig/programs/pluto/linux_audit.c libreswan-3.29/programs/pluto/linux_audit.c
--- libreswan-3.29-orig/programs/pluto/linux_audit.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/programs/pluto/linux_audit.c 2019-06-27 13:24:21.474460154 -0400
@@ -176,12 +176,16 @@
zero(&cipher_str); /* OK: no pointer fields */
zero(&spi_str); /* OK: no pointer fields */
+ ip_address_buf raddr_buf;
+ const char *raddr = ipstr(&c->spd.that.host_addr, &raddr_buf);
+
switch (op) {
case LAK_PARENT_START:
case LAK_PARENT_DESTROY:
+ case LAK_PARENT_FAIL:
initiator = (st->st_original_role == ORIGINAL_INITIATOR) || IS_PHASE1_INIT(st->st_state);
snprintf(head, sizeof(head), "op=%s direction=%s %s connstate=%lu ike-version=%s auth=%s",
- op == LAK_PARENT_START ? "start" : "destroy",
+ op == LAK_PARENT_DESTROY ? "destroy" : "start", /* fail to start logged under op=start */
initiator ? "initiator" : "responder",
conn_encode,
st->st_serialno,
@@ -191,7 +195,8 @@
st->st_oakley.auth, &esb));
snprintf(prfname, sizeof(prfname), "%s",
- st->st_oakley.ta_prf->prf_ike_audit_name);
+ st->st_oakley.ta_prf == NULL ? "none" :
+ st->st_oakley.ta_prf->prf_ike_audit_name);
if (st->st_oakley.ta_integ == &ike_alg_integ_none) {
if (st->st_ike_version == IKEv1) {
@@ -220,18 +225,21 @@
}
snprintf(cipher_str, sizeof(cipher_str),
- "cipher=%s ksize=%d integ=%s prf=%s pfs=%s",
- st->st_oakley.ta_encrypt->encrypt_ike_audit_name,
+ "cipher=%s ksize=%d integ=%s prf=%s pfs=%s raddr=%s",
+ st->st_oakley.ta_encrypt == NULL ? "none" :
+ st->st_oakley.ta_encrypt->encrypt_ike_audit_name,
st->st_oakley.enckeylen,
integname, prfname,
- st->st_oakley.ta_dh->common.name);
+ st->st_oakley.ta_dh == NULL ? "none" :
+ st->st_oakley.ta_dh->common.name, raddr);
break;
case LAK_CHILD_START:
case LAK_CHILD_DESTROY:
+ case LAK_CHILD_FAIL:
{
snprintf(head, sizeof(head), "op=%s %s connstate=%lu, satype=%s samode=%s",
- op == LAK_CHILD_START ? "start" : "destroy",
+ op == LAK_CHILD_DESTROY ? "destroy" : "start", /* fail to start logged under op=start */
conn_encode,
st->st_serialno,
st->st_esp.present ? "ipsec-esp" : (st->st_ah.present ? "ipsec-ah" : "ipsec-policy"),
@@ -274,7 +282,7 @@
/* note: each arg appears twice because it is printed two ways */
snprintf(spi_str, sizeof(spi_str),
- "in-spi=%" PRIu32 "(0x%08" PRIu32 ") out-spi=%" PRIu32 "(0x%08" PRIu32 ") in-ipcomp=%" PRIu32 "(0x%08" PRIu32 ") out-ipcomp=%" PRIu32 "(0x%08" PRIu32 ")",
+ "in-spi=%" PRIu32 "(0x%08" PRIu32 ") out-spi=%" PRIu32 "(0x%08" PRIu32 ") in-ipcomp=%" PRIu32 "(0x%08" PRIu32 ") out-ipcomp=%" PRIu32 "(0x%08" PRIu32 ") raddr=%s",
ntohl(pi->attrs.spi),
ntohl(pi->attrs.spi),
ntohl(pi->our_spi),
@@ -282,7 +290,8 @@
ntohl(st->st_ipcomp.attrs.spi), /* zero if missing */
ntohl(st->st_ipcomp.attrs.spi), /* zero if missing */
ntohl(st->st_ipcomp.our_spi), /* zero if missing */
- ntohl(st->st_ipcomp.our_spi)); /* zero if missing */
+ ntohl(st->st_ipcomp.our_spi), /* zero if missing */
+ raddr);
break;
}
default:
@@ -290,21 +299,18 @@
}
free(conn_encode); /* allocated by audit_encode_nv_string() */
- ip_address_buf laddr_buf;
- const char *laddr = ipstr(&c->spd.this.host_addr, &laddr_buf);
-
- ip_address_buf raddr_buf;
- const char *raddr = ipstr(&c->spd.that.host_addr, &raddr_buf);
-
- snprintf(audit_str, sizeof(audit_str), "%s %s %s laddr=%s",
+ snprintf(audit_str, sizeof(audit_str), "%s %s %s",
head,
cipher_str,
- spi_str,
- laddr);
+ spi_str);
+
+ ip_address_buf laddr_buf;
+ const char *laddr = ipstr(&c->spd.this.host_addr, &laddr_buf);
- linux_audit((op == LAK_CHILD_START || op == LAK_CHILD_DESTROY) ?
+ linux_audit((op == LAK_CHILD_START || op == LAK_CHILD_DESTROY || op == LAK_CHILD_FAIL) ?
AUDIT_CRYPTO_IPSEC_SA : AUDIT_CRYPTO_IKE_SA,
- audit_str, raddr, AUDIT_RESULT_OK);
+ audit_str, laddr,
+ (op == LAK_PARENT_FAIL || op == LAK_CHILD_FAIL) ? AUDIT_RESULT_FAIL : AUDIT_RESULT_OK);
}
#if __GNUC__ >= 7
#pragma GCC diagnostic pop
diff -Naur libreswan-3.29-orig/programs/pluto/log.h libreswan-3.29/programs/pluto/log.h
--- libreswan-3.29-orig/programs/pluto/log.h 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/programs/pluto/log.h 2019-06-27 13:23:53.791080125 -0400
@@ -174,7 +174,9 @@
LAK_PARENT_START,
LAK_CHILD_START,
LAK_PARENT_DESTROY,
- LAK_CHILD_DESTROY
+ LAK_CHILD_DESTROY,
+ LAK_PARENT_FAIL,
+ LAK_CHILD_FAIL
};
extern void linux_audit_init(void);
extern void linux_audit(const int type, const char *message,
diff -Naur libreswan-3.29-orig/programs/pluto/retry.c libreswan-3.29/programs/pluto/retry.c
--- libreswan-3.29-orig/programs/pluto/retry.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/programs/pluto/retry.c 2019-06-27 13:25:27.536367032 -0400
@@ -123,6 +123,10 @@
set_cur_state(st); /* ipsecdoi_replace would reset cur_state, set it again */
pstat_sa_failed(st, REASON_TOO_MANY_RETRANSMITS);
+
+ /* placed here because IKEv1 doesn't do a proper state change to STF_FAIL/STF_FATAL */
+ linux_audit_conn(st, IS_IKE_SA(st) ? LAK_PARENT_FAIL : LAK_CHILD_FAIL);
+
delete_state(st);
/* note: no md->st to clear */
}
diff -Naur libreswan-3.29-orig/programs/pluto/state.c libreswan-3.29/programs/pluto/state.c
--- libreswan-3.29-orig/programs/pluto/state.c 2019-06-10 10:22:04.000000000 -0400
+++ libreswan-3.29/programs/pluto/state.c 2019-06-27 13:23:53.792080138 -0400
@@ -875,6 +875,16 @@
#ifdef USE_LINUX_AUDIT
/*
+ * IKEv2 IKE failures are logged in the state transition conpletion.
+ * IKEv1 IKE failures do not go through a transition, so we catch
+ * these in delete_state()
+ */
+ if (IS_IKE_SA(st) && st->st_ike_version == IKEv1 &&
+ !IS_IKE_SA_ESTABLISHED(st)) {
+ linux_audit_conn(st, LAK_PARENT_FAIL);
+ }
+
+ /*
* only log parent state deletes, we log children in
* ipsec_delete_sa()
*/

1830
SOURCES/libreswan-3.29-CVE-2019-10155-testing.patch
View File

File diff suppressed because it is too large Load Diff

57
SOURCES/libreswan-3.32-1544463-seccomp.patch Normal file
View File

@ -0,0 +1,57 @@
diff -Naur libreswan-3.32-orig/programs/pluto/pluto_seccomp.c libreswan-3.32/programs/pluto/pluto_seccomp.c
--- libreswan-3.32-orig/programs/pluto/pluto_seccomp.c 2020-05-11 10:13:41.000000000 -0400
+++ libreswan-3.32/programs/pluto/pluto_seccomp.c 2020-07-01 20:33:38.918685784 -0400
@@ -59,6 +59,7 @@
/* needed for pluto and updown, not helpers */
if (main) {
+ LSW_SECCOMP_ADD(ctx, _llseek);
LSW_SECCOMP_ADD(ctx, accept);
LSW_SECCOMP_ADD(ctx, access);
LSW_SECCOMP_ADD(ctx, bind);
@@ -69,6 +70,7 @@
LSW_SECCOMP_ADD(ctx, connect);
LSW_SECCOMP_ADD(ctx, dup);
LSW_SECCOMP_ADD(ctx, dup2);
+ LSW_SECCOMP_ADD(ctx, dup3);
LSW_SECCOMP_ADD(ctx, epoll_create);
LSW_SECCOMP_ADD(ctx, epoll_ctl);
LSW_SECCOMP_ADD(ctx, epoll_wait);
@@ -85,7 +87,7 @@
LSW_SECCOMP_ADD(ctx, getgid);
LSW_SECCOMP_ADD(ctx, getgroups);
LSW_SECCOMP_ADD(ctx, getpgrp);
- LSW_SECCOMP_ADD(ctx, getpid);
+ LSW_SECCOMP_ADD(ctx, getpgid);
LSW_SECCOMP_ADD(ctx, getppid);
LSW_SECCOMP_ADD(ctx, getrandom); /* for unbound */
LSW_SECCOMP_ADD(ctx, getrlimit);
@@ -102,10 +104,12 @@
LSW_SECCOMP_ADD(ctx, pipe);
LSW_SECCOMP_ADD(ctx, pipe2);
LSW_SECCOMP_ADD(ctx, poll);
+ LSW_SECCOMP_ADD(ctx, ppoll);
LSW_SECCOMP_ADD(ctx, prctl);
LSW_SECCOMP_ADD(ctx, pread64);
LSW_SECCOMP_ADD(ctx, prlimit64);
LSW_SECCOMP_ADD(ctx, readlink);
+ LSW_SECCOMP_ADD(ctx, readlinkat);
LSW_SECCOMP_ADD(ctx, recvfrom);
LSW_SECCOMP_ADD(ctx, recvmsg);
LSW_SECCOMP_ADD(ctx, select);
@@ -126,6 +130,7 @@
LSW_SECCOMP_ADD(ctx, arch_prctl);
LSW_SECCOMP_ADD(ctx, exit_group);
LSW_SECCOMP_ADD(ctx, exit);
+ LSW_SECCOMP_ADD(ctx, getpid);
LSW_SECCOMP_ADD(ctx, gettid);
LSW_SECCOMP_ADD(ctx, gettimeofday);
LSW_SECCOMP_ADD(ctx, fstat);
@@ -139,6 +144,7 @@
LSW_SECCOMP_ADD(ctx, rt_sigprocmask);
LSW_SECCOMP_ADD(ctx, rt_sigreturn);
LSW_SECCOMP_ADD(ctx, sched_setparam);
+ LSW_SECCOMP_ADD(ctx, send);
LSW_SECCOMP_ADD(ctx, sendto);
LSW_SECCOMP_ADD(ctx, set_tid_address);
LSW_SECCOMP_ADD(ctx, sigaltstack);

16
SOURCES/libreswan-3.32-1840212-nss-gcm.patch Normal file
View File

@ -0,0 +1,16 @@
diff -Naur libreswan-3.32-orig/lib/libswan/ike_alg_encrypt_nss_gcm_ops.c libreswan-3.32/lib/libswan/ike_alg_encrypt_nss_gcm_ops.c
--- libreswan-3.32-orig/lib/libswan/ike_alg_encrypt_nss_gcm_ops.c 2020-05-11 10:13:41.000000000 -0400
+++ libreswan-3.32/lib/libswan/ike_alg_encrypt_nss_gcm_ops.c 2020-06-17 15:06:12.340210966 -0400
@@ -16,6 +16,12 @@
#include <stdio.h>
#include <stdlib.h>
+/*
+ * Special advise from Bob Relyea - needs to go before any nss include
+ *
+ */
+#define NSS_PKCS11_2_0_COMPAT 1
+
#include "lswlog.h"
#include "lswnss.h"
#include "prmem.h"

15
SOURCES/libreswan-3.32-1842597-accounting.patch Normal file
View File

@ -0,0 +1,15 @@
diff --git a/programs/pluto/kernel.c b/programs/pluto/kernel.c
index 28726cf82a..25ee52179a 100644
--- a/programs/pluto/kernel.c
+++ b/programs/pluto/kernel.c
@@ -600,8 +600,8 @@ bool fmt_common_shell_out(char *buf, size_t blen, const struct connection *c,
* true==inbound: inbound updates OUR_BYTES; !inbound updates
* PEER_BYTES.
*/
- bool outbytes = st != NULL && IS_IKE_SA(st) && get_sa_info(st, false, NULL);
- bool inbytes = st != NULL && IS_IKE_SA(st) && get_sa_info(st, true, NULL);
+ bool outbytes = st != NULL && get_sa_info(st, false, NULL);
+ bool inbytes = st != NULL && get_sa_info(st, true, NULL);
jambuf_t jambuf = array_as_jambuf(buf, blen);
jam_common_shell_out(&jambuf, c, sr, st, inbytes, outbytes);
return jambuf_ok(&jambuf);

24
SOURCES/libreswan-3.32-1847766-xfrmi.patch Normal file
View File

@ -0,0 +1,24 @@
commit 790a79ba9f8f16532040d9c8a51a27c20e13c154
Author: Paul Wouters <pwouters@redhat.com>
Date: Tue Jun 16 20:57:01 2020 -0400
pluto: find_pluto_xfrmi_interface() would only check first interface
diff --git a/programs/pluto/kernel_xfrm_interface.c b/programs/pluto/kernel_xfrm_interface.c
index 8fc27b727d..0dc1a7ec8c 100644
--- a/programs/pluto/kernel_xfrm_interface.c
+++ b/programs/pluto/kernel_xfrm_interface.c
@@ -586,9 +586,10 @@ static struct pluto_xfrmi *find_pluto_xfrmi_interface(uint32_t if_id)
struct pluto_xfrmi *ret = NULL;
for (h = pluto_xfrm_interfaces; h != NULL; h = h->next) {
- if (h->if_id == if_id)
- ret = h;
- break;
+ if (h->if_id == if_id) {
+ ret = h;
+ break;
+ }
}
return ret;

18
SOURCES/libreswan-3.32-1861360-nodefault-rsa-pss.patch Normal file
View File

@ -0,0 +1,18 @@
diff -Naur libreswan-3.32-orig/lib/libipsecconf/confread.c libreswan-3.32/lib/libipsecconf/confread.c
--- libreswan-3.32-orig/lib/libipsecconf/confread.c 2020-07-28 20:25:54.618261606 -0400
+++ libreswan-3.32/lib/libipsecconf/confread.c 2020-07-28 20:28:03.952421236 -0400
@@ -1498,9 +1498,14 @@
} else if (streq(val, "rsasig") || streq(val, "rsa")) {
conn->policy |= POLICY_RSASIG;
conn->policy |= POLICY_RSASIG_v1_5;
+ /*
+ * These cause failure with RSA 1024 bits because it uses RSA-PSS
+ */
+#if 0
conn->sighash_policy |= POL_SIGHASH_SHA2_256;
conn->sighash_policy |= POL_SIGHASH_SHA2_384;
conn->sighash_policy |= POL_SIGHASH_SHA2_512;
+#endif
} else if (streq(val, "never")) {
conn->policy |= POLICY_AUTH_NEVER;
/* everything else is only supported for IKEv2 */

30
SOURCES/libreswan-3.28-maintain-different-v1v2-split.patch → SOURCES/libreswan-3.32-maintain-different-v1v2-split.patch
View File

@ -1,7 +1,7 @@
diff -Naur libreswan-3.28-orig/lib/libipsecconf/confread.c libreswan-3.28/lib/libipsecconf/confread.c
--- libreswan-3.28-orig/lib/libipsecconf/confread.c 2019-05-20 23:01:54.000000000 -0400
+++ libreswan-3.28/lib/libipsecconf/confread.c 2019-05-21 16:59:20.861415770 -0400
@@ -1273,13 +1273,16 @@
diff -Naur libreswan-3.32rc1-orig/lib/libipsecconf/confread.c libreswan-3.32rc1/lib/libipsecconf/confread.c
--- libreswan-3.32rc1-orig/lib/libipsecconf/confread.c 2020-04-28 22:27:20.000000000 -0400
+++ libreswan-3.32rc1/lib/libipsecconf/confread.c 2020-04-30 13:41:18.612751661 -0400
@@ -1332,13 +1332,16 @@
switch (conn->options[KNCF_IKEv2]) {
case fo_never:
@ -20,10 +20,10 @@ diff -Naur libreswan-3.28-orig/lib/libipsecconf/confread.c libreswan-3.28/lib/li
case fo_insist:
conn->policy |= POLICY_IKEV2_ALLOW;
/* clear any inherited default */
diff -Naur libreswan-3.28-orig/programs/configs/d.ipsec.conf/ikev2.xml libreswan-3.28/programs/configs/d.ipsec.conf/ikev2.xml
--- libreswan-3.28-orig/programs/configs/d.ipsec.conf/ikev2.xml 2019-05-20 23:01:54.000000000 -0400
+++ libreswan-3.28/programs/configs/d.ipsec.conf/ikev2.xml 2019-05-21 16:54:07.584141191 -0400
@@ -1,13 +1,15 @@
diff -Naur libreswan-3.32rc1-orig/programs/configs/d.ipsec.conf/ikev2.xml libreswan-3.32rc1/programs/configs/d.ipsec.conf/ikev2.xml
--- libreswan-3.32rc1-orig/programs/configs/d.ipsec.conf/ikev2.xml 2020-04-28 22:27:20.000000000 -0400
+++ libreswan-3.32rc1/programs/configs/d.ipsec.conf/ikev2.xml 2020-04-30 13:45:14.847694267 -0400
@@ -1,15 +1,15 @@
<varlistentry>
<term><emphasis remap='B'>ikev2</emphasis></term>
<listitem>
@ -36,7 +36,9 @@ diff -Naur libreswan-3.28-orig/programs/configs/d.ipsec.conf/ikev2.xml libreswan
signifying only IKEv2 is accepted. Previous versions allowed the keywords
-<emphasis remap='B'>propose</emphasis> or <emphasis remap='B'>permit</emphasis>
-that would allow either IKEv1 or IKEv2, but this is no longer supported. The
-permit option is interpreted as no and the propose option is interpreted as yes.
-permit option is interpreted as no and the propose option is interpreted as
-yes. Older versions also supported keyword
-<emphasis remap='B'>insist</emphasis> which is now interpreted as yes.
+<emphasis remap='B'>propose</emphasis>, <emphasis remap='B'>yes</emphasis> or <emphasis remap='B'>permit</emphasis>
+that would allow either IKEv1 or IKEv2, but this is no longer supported and both options
+now cause the connection to fail to load. <emphasis remap='B'>WARNING:</emphasis> This behaviour differs from upstream
@ -45,10 +47,10 @@ diff -Naur libreswan-3.28-orig/programs/configs/d.ipsec.conf/ikev2.xml libreswan
</para>
</listitem>
</varlistentry>
diff -Naur libreswan-3.28-orig/programs/whack/whack.c libreswan-3.28/programs/whack/whack.c
--- libreswan-3.28-orig/programs/whack/whack.c 2019-05-20 23:01:54.000000000 -0400
+++ libreswan-3.28/programs/whack/whack.c 2019-05-21 17:01:37.868865569 -0400
@@ -741,7 +741,7 @@
diff -Naur libreswan-3.32rc1-orig/programs/whack/whack.c libreswan-3.32rc1/programs/whack/whack.c
--- libreswan-3.32rc1-orig/programs/whack/whack.c 2020-04-28 22:27:20.000000000 -0400
+++ libreswan-3.32rc1/programs/whack/whack.c 2020-04-30 13:41:18.615751749 -0400
@@ -775,7 +775,7 @@
PS("ikev1-allow", IKEV1_ALLOW),
PS("ikev2-allow", IKEV2_ALLOW),
@ -57,7 +59,7 @@ diff -Naur libreswan-3.28-orig/programs/whack/whack.c libreswan-3.28/programs/wh
PS("allow-narrowing", IKEV2_ALLOW_NARROWING),
#ifdef XAUTH_HAVE_PAM
@@ -1683,7 +1683,7 @@
@@ -1737,7 +1737,7 @@
/* --ikev1-allow */
case CDP_SINGLETON + POLICY_IKEV1_ALLOW_IX:

53
SOURCES/libreswan-3.32-rebase-fixups.patch Normal file
View File

@ -0,0 +1,53 @@
diff -Naur libreswan-3.32-orig/lib/libipsecconf/interfaces.c libreswan-3.32/lib/libipsecconf/interfaces.c
--- libreswan-3.32-orig/lib/libipsecconf/interfaces.c 2020-05-11 10:13:41.000000000 -0400
+++ libreswan-3.32/lib/libipsecconf/interfaces.c 2020-06-04 18:51:39.508280352 -0400
@@ -71,7 +71,11 @@
if (sa->sa.sa_family == af) {
/* XXX: sizeof right? */
ip_endpoint nhe;
- happy(sockaddr_to_endpoint(sa, sizeof(*sa), &nhe));
+ err_t e = sockaddr_to_endpoint(sa, sizeof(*sa), &nhe);
+ if (e != NULL) {
+ pexpect(e != NULL);
+ return false;
+ }
pexpect(endpoint_hport(&nhe) == 0);
*nh = endpoint_address(&nhe);
}
@@ -84,7 +88,11 @@
if (sa->sa.sa_family == af) {
/* XXX: sizeof right? */
ip_endpoint dste;
- happy(sockaddr_to_endpoint(sa, sizeof(*sa), &dste));
+ err_t e = sockaddr_to_endpoint(sa, sizeof(*sa), &dste);
+ if (e != NULL) {
+ pexpect(e != NULL);
+ return false;
+ }
pexpect(endpoint_hport(&dste) == 0);
*dst = endpoint_address(&dste);
}
diff -Naur libreswan-3.32-orig/lib/libswan/ip_endpoint.c libreswan-3.32/lib/libswan/ip_endpoint.c
--- libreswan-3.32-orig/lib/libswan/ip_endpoint.c 2020-05-11 10:13:41.000000000 -0400
+++ libreswan-3.32/lib/libswan/ip_endpoint.c 2020-06-04 18:51:39.508280352 -0400
@@ -54,20 +54,12 @@
switch (sa->sa.sa_family) {
case AF_INET:
{
- /* XXX: to strict? */
- if (sa_len != sizeof(sa->sin)) {
- return "wrong length";
- }
address = address_from_in_addr(&sa->sin.sin_addr);
port = ntohs(sa->sin.sin_port);
break;
}
case AF_INET6:
{
- /* XXX: to strict? */
- if (sa_len != sizeof(sa->sin6)) {
- return "wrong length";
- }
address = address_from_in6_addr(&sa->sin6.sin6_addr);
port = ntohs(sa->sin6.sin6_port);
break;

143
SPECS/libreswan.spec
View File

@ -3,17 +3,21 @@
%global with_efence 0
%global with_development 0
%global with_cavstests 1
# Libreswan config options
# minimum version for support for rhbz#1651314
# should prob update for nss with IKEv1 quick mode support
%global nss_version 3.53.1-3
%global unbound_version 1.6.6
%global libreswan_config \\\
FINALLIBEXECDIR=%{_libexecdir}/ipsec \\\
FINALMANDIR=%{_mandir} \\\
FIPSPRODUCTCHECK=%{_sysconfdir}/system-fips \\\
INC_RCDEFAULT=%{_initrddir} \\\
INC_USRLOCAL=%{_prefix} \\\
INITSYSTEM=systemd \\\
NSS_REQ_AVA_COPY=false \\\
NSS_HAS_IPSEC_PROFILE=true \\\
PYTHON_BINARY=%{__python3} \\\
USE_DNSSEC=true \\\
USE_FIPSCHECK=true \\\
USE_FIPSCHECK=false \\\
USE_LABELED_IPSEC=true \\\
USE_LDAP=true \\\
USE_LIBCAP_NG=true \\\
@ -25,6 +29,7 @@
USE_KLIPS=false \\\
USE_NSS_PRF=true \\\
USE_PRF_AES_XCBC=true \\\
USE_DH2=true \\\
%{nil}
#global prever rc1
@ -32,10 +37,11 @@
Name: libreswan
Summary: IPsec implementation with IKEv1 and IKEv2 keying protocols
# version is generated in the release script
Version: 3.29
Release: %{?prever:0.}7%{?prever:.%{prever}}%{?dist}
Version: 3.32
Release: %{?prever:0.}6%{?prever:.%{prever}}%{?dist}
License: GPLv2
Url: https://libreswan.org/
Source0: https://download.libreswan.org/%{?prever:with_development/}%{name}-%{version}%{?prever}.tar.gz
%if 0%{with_cavstests}
Source1: https://download.libreswan.org/cavs/ikev1_dsa.fax.bz2
@ -43,45 +49,49 @@ Source2: https://download.libreswan.org/cavs/ikev1_psk.fax.bz2
Source3: https://download.libreswan.org/cavs/ikev2.fax.bz2
%endif
Patch1: libreswan-3.28-maintain-different-v1v2-split.patch
Patch2: libreswan-3.29-CVE-2019-10155-testing.patch
Patch3: libreswan-3.29-1723957-audit.patch
Patch4: libreswan-3.25-1724200-halfopen-shunt.patch
Patch5: libreswan-3.29-1699318-show.patch
Patch6: libreswan-3.29-1714331-nss-kdf.patch
Patch7: libreswan-3.27-CVE-2020-1763.patch
Patch1: libreswan-3.32-maintain-different-v1v2-split.patch
Patch2: libreswan-3.32-rebase-fixups.patch
Patch3: libreswan-3.32-1842597-accounting.patch
Patch4: libreswan-3.32-1847766-xfrmi.patch
Patch5: libreswan-3.32-1840212-nss-gcm.patch
Patch6: libreswan-3.32-1544463-seccomp.patch
Patch7: libreswan-3.32-1861360-nodefault-rsa-pss.patch
Group: System Environment/Daemons
BuildRequires: bison flex pkgconfig
BuildRequires: systemd systemd-units systemd-devel
Requires(post): coreutils bash systemd
Requires(preun): systemd
Requires(postun): systemd
BuildRequires: pkgconfig hostname
# minimum version for support for rhbz#1651314
BuildRequires: nss-tools nss-devel >= 3.44.0-8
Requires: nss >= 3.44.0-8
BuildRequires: nspr-devel
BuildRequires: pam-devel
BuildRequires: audit-libs-devel
BuildRequires: bison
BuildRequires: curl-devel
BuildRequires: flex
BuildRequires: gcc
BuildRequires: ldns-devel
BuildRequires: libcap-ng-devel
BuildRequires: libevent-devel
BuildRequires: unbound-devel >= 1.6.0-6 ldns-devel
BuildRequires: libseccomp-devel
BuildRequires: libselinux-devel
BuildRequires: fipscheck-devel
Requires: fipscheck%{_isa}
Buildrequires: audit-libs-devel
BuildRequires: libcap-ng-devel
BuildRequires: openldap-devel curl-devel
BuildRequires: nspr-devel
BuildRequires: nss-devel >= %{nss_version}
buildRequires: nss-tools
BuildRequires: openldap-devel
BuildRequires: pam-devel
BuildRequires: pkgconfig
BuildRequires: hostname
BuildRequires: redhat-rpm-config
BuildRequires: systemd-devel
BuildRequires: unbound-devel >= %{unbound_version}
BuildRequires: xmlto
%if 0%{with_efence}
BuildRequires: ElectricFence
%endif
BuildRequires: xmlto
Requires: nss-tools, nss-softokn
Requires: iproute >= 2.6.8
Requires: unbound-libs >= 1.6.6
Requires: nss >= %{nss_version}
Requires: nss-softokn
Requires: nss-tools
Requires: unbound-libs >= %{unbound_version}
Requires(post): bash
Requires(post): coreutils
Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
%description
Libreswan is a free implementation of IKE/IPsec for Linux. IPsec is
@ -109,10 +119,9 @@ Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04
%patch6 -p1
%patch7 -p1
pathfix.py -i %{__python3} -pn programs/verify/verify.in programs/show/show.in \
testing/cert_verify/usage_test testing/pluto/ikev1-01-fuzzer/cve-2015-3204.py \
testing/pluto/ikev2-15-fuzzer/send_bad_packets.py testing/x509/dist_certs.py \
programs/_unbound-hook/_unbound-hook.in
pathfix.py -i %{__python3} -pn testing/cert_verify/usage_test \
testing/pluto/ikev1-01-fuzzer/cve-2015-3204.py \
testing/pluto/ikev2-15-fuzzer/send_bad_packets.py
# replace unsupported KLIPS README
echo "KLIPS is not supported with RHEL8" > README.KLIPS
@ -124,30 +133,21 @@ sed -i "s/-lfreebl //" mk/config.mk
sed -i "s:#[ ]*include \(.*\)\(/crypto-policies/back-ends/libreswan.config\)$:include \1\2:" programs/configs/ipsec.conf.in
%build
%if 0%{with_efence}
%global efence "-lefence"
%endif
#796683: -fno-strict-aliasing
make %{?_smp_mflags} \
%if 0%{with_development}
USERCOMPILE="-g -DGCC_LINT %(echo %{optflags} | sed -e s/-O[0-9]*/ /) %{?efence} -fPIE -pie -fno-strict-aliasing -Wformat-nonliteral -Wformat-security" \
OPTIMIZE_CFLAGS="%{?_hardened_cflags}" \
%else
USERCOMPILE="-g -DGCC_LINT %{optflags} %{?efence} -fPIE -pie -fno-strict-aliasing -Wformat-nonliteral -Wformat-security" \
OPTIMIZE_CFLAGS="%{optflags}" \
%endif
USERLINK="-g -pie -Wl,-z,relro,-z,now %{?efence}" \
%{libreswan_config} \
programs
%if 0%{with_efence}
USE_EFENCE=true \
%endif
WERROR_CFLAGS="-Werror -Wno-missing-field-initializers" \
USERLINK="%{?__global_ldflags}" \
%{libreswan_config} \
programs
FS=$(pwd)
# Add generation of HMAC checksums of the final stripped binaries
%define __spec_install_post \
%{?__debug_package:%{__debug_install_post}} \
%{__arch_install_post} \
%{__os_install_post} \
fipshmac -d %{buildroot}%{_libdir}/fipscheck %{buildroot}%{_libexecdir}/ipsec/pluto \
%{nil}
%install
make \
DESTDIR=%{buildroot} \
@ -155,6 +155,7 @@ make \
install
FS=$(pwd)
rm -rf %{buildroot}/usr/share/doc/libreswan
rm -rf %{buildroot}%{_libexecdir}/ipsec/*check
install -d -m 0755 %{buildroot}%{_rundir}/pluto
# used when setting --perpeerlog without --perpeerlogbase
@ -165,13 +166,9 @@ install -d %{buildroot}%{_sysconfdir}/sysctl.d
install -m 0644 packaging/fedora/libreswan-sysctl.conf \
%{buildroot}%{_sysconfdir}/sysctl.d/50-libreswan.conf
mkdir -p %{buildroot}%{_libdir}/fipscheck
echo "include %{_sysconfdir}/ipsec.d/*.secrets" \
> %{buildroot}%{_sysconfdir}/ipsec.secrets
rm -fr %{buildroot}%{_sysconfdir}/rc.d/rc*
# remove testing binaries
rm -fr %{buildroot}%{_libexecdir}/ipsec/*check
%if 0%{with_cavstests}
%check
@ -232,11 +229,29 @@ certutil -N -d sql:$tmpdir --empty-password
%{_sbindir}/ipsec
%{_libexecdir}/ipsec
%attr(0644,root,root) %doc %{_mandir}/*/*
%{_libdir}/fipscheck/pluto.hmac
%changelog
* Wed Apr 29 2020 Paul Wouters <pwouters@redhat.com> - 3.29-7
- Resolves: rhbz#1814935 CVE-2020-1763 doS attack via malicious IKEv1 informational exchange message [rhel-8.2.0.z]
* Wed Jul 29 2020 Paul Wouters <pwouters@redhat.com> - 3.32-6
- Resolves: rhbz#1861360 authby=rsasig must not imply usage of rsa-pss
* Wed Jul 22 2020 Paul Wouters <pwouters@redhat.com> - 3.32-5
- Resolves: rhbz#1820206 Rebase to libreswan 3.32 [rebuild for USE_NSS_PRF]
* Wed Jul 01 2020 Paul Wouters <pwouters@redhat.com> - 3.32-4
- Resolves: rhbz#1544463 ipsec service does not work correctly when seccomp filtering is enabled
* Wed Jun 17 2020 Paul Wouters <pwouters@redhat.com> - 3.32-3
- Resolves: rhbz#1842597 regression: libreswan does not send PLUTO_BYTES env variables to updown script
- Resolves: rhbz#1847766 subsequent xfrmi interfaces configured outside of libreswan are not recognised properly
- Resolves: rhbz#1840212 protect libreswan against unannounced nss ABI change
* Thu Jun 11 2020 Paul Wouters <pwouters@redhat.com> - 3.32-2
- Resolves: rhbz#1820206 Rebase to libreswan 3.32 [addconn fix]
* Thu Apr 30 2020 Paul Wouters <pwouters@redhat.com> - 3.32-1
- Resolves: rhbz#1820206 Rebase to libreswan 3.32
- Resolves: rhbz#1816265 Use NSS to check whether FIPS mode is enabled
- Resolves: rhbz#1826337 libreswan in FIPS mode rejects ECDSA keys based on faulty RSA key size check being applied
* Tue Aug 13 2019 Paul Wouters <pwouters@redhat.com> - 3.29-6
- Resolves: rhbz#1714331 support NSS based IKE KDF's [require updated nss for rhbz 1738689, memleak fix]