backport fix for PEAP client
Resolves: RHEL-25974 Signed-off-by: Davide Caratti <dcaratti@redhat.com>
This commit is contained in:
parent
b501d6acc1
commit
c8b1d8d950
@ -0,0 +1,198 @@
|
|||||||
|
From 8e6485a1bcb0baffdea9e55255a81270b768439c Mon Sep 17 00:00:00 2001
|
||||||
|
Message-ID: <8e6485a1bcb0baffdea9e55255a81270b768439c.1708356763.git.davide.caratti@gmail.com>
|
||||||
|
From: Jouni Malinen <j@w1.fi>
|
||||||
|
Date: Sat, 8 Jul 2023 19:55:32 +0300
|
||||||
|
Subject: [PATCH] PEAP client: Update Phase 2 authentication requirements
|
||||||
|
|
||||||
|
The previous PEAP client behavior allowed the server to skip Phase 2
|
||||||
|
authentication with the expectation that the server was authenticated
|
||||||
|
during Phase 1 through TLS server certificate validation. Various PEAP
|
||||||
|
specifications are not exactly clear on what the behavior on this front
|
||||||
|
is supposed to be and as such, this ended up being more flexible than
|
||||||
|
the TTLS/FAST/TEAP cases. However, this is not really ideal when
|
||||||
|
unfortunately common misconfiguration of PEAP is used in deployed
|
||||||
|
devices where the server trust root (ca_cert) is not configured or the
|
||||||
|
user has an easy option for allowing this validation step to be skipped.
|
||||||
|
|
||||||
|
Change the default PEAP client behavior to be to require Phase 2
|
||||||
|
authentication to be successfully completed for cases where TLS session
|
||||||
|
resumption is not used and the client certificate has not been
|
||||||
|
configured. Those two exceptions are the main cases where a deployed
|
||||||
|
authentication server might skip Phase 2 and as such, where a more
|
||||||
|
strict default behavior could result in undesired interoperability
|
||||||
|
issues. Requiring Phase 2 authentication will end up disabling TLS
|
||||||
|
session resumption automatically to avoid interoperability issues.
|
||||||
|
|
||||||
|
Allow Phase 2 authentication behavior to be configured with a new phase1
|
||||||
|
configuration parameter option:
|
||||||
|
'phase2_auth' option can be used to control Phase 2 (i.e., within TLS
|
||||||
|
tunnel) behavior for PEAP:
|
||||||
|
* 0 = do not require Phase 2 authentication
|
||||||
|
* 1 = require Phase 2 authentication when client certificate
|
||||||
|
(private_key/client_cert) is no used and TLS session resumption was
|
||||||
|
not used (default)
|
||||||
|
* 2 = require Phase 2 authentication in all cases
|
||||||
|
|
||||||
|
Signed-off-by: Jouni Malinen <j@w1.fi>
|
||||||
|
---
|
||||||
|
src/eap_peer/eap_config.h | 8 ++++++
|
||||||
|
src/eap_peer/eap_peap.c | 40 +++++++++++++++++++++++++++---
|
||||||
|
src/eap_peer/eap_tls_common.c | 6 +++++
|
||||||
|
src/eap_peer/eap_tls_common.h | 5 ++++
|
||||||
|
wpa_supplicant/wpa_supplicant.conf | 7 ++++++
|
||||||
|
5 files changed, 63 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
--- a/src/eap_peer/eap_config.h
|
||||||
|
+++ b/src/eap_peer/eap_config.h
|
||||||
|
@@ -469,6 +469,14 @@ struct eap_peer_config {
|
||||||
|
* 1 = use cryptobinding if server supports it
|
||||||
|
* 2 = require cryptobinding
|
||||||
|
*
|
||||||
|
+ * phase2_auth option can be used to control Phase 2 (i.e., within TLS
|
||||||
|
+ * tunnel) behavior for PEAP:
|
||||||
|
+ * 0 = do not require Phase 2 authentication
|
||||||
|
+ * 1 = require Phase 2 authentication when client certificate
|
||||||
|
+ * (private_key/client_cert) is no used and TLS session resumption was
|
||||||
|
+ * not used (default)
|
||||||
|
+ * 2 = require Phase 2 authentication in all cases
|
||||||
|
+ *
|
||||||
|
* EAP-WSC (WPS) uses following options: pin=Device_Password and
|
||||||
|
* uuid=Device_UUID
|
||||||
|
*
|
||||||
|
--- a/src/eap_peer/eap_peap.c
|
||||||
|
+++ b/src/eap_peer/eap_peap.c
|
||||||
|
@@ -67,6 +67,7 @@ struct eap_peap_data {
|
||||||
|
u8 cmk[20];
|
||||||
|
int soh; /* Whether IF-TNCCS-SOH (Statement of Health; Microsoft NAP)
|
||||||
|
* is enabled. */
|
||||||
|
+ enum { NO_AUTH, FOR_INITIAL, ALWAYS } phase2_auth;
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
@@ -114,6 +115,19 @@ static void eap_peap_parse_phase1(struct
|
||||||
|
wpa_printf(MSG_DEBUG, "EAP-PEAP: Require cryptobinding");
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (os_strstr(phase1, "phase2_auth=0")) {
|
||||||
|
+ data->phase2_auth = NO_AUTH;
|
||||||
|
+ wpa_printf(MSG_DEBUG,
|
||||||
|
+ "EAP-PEAP: Do not require Phase 2 authentication");
|
||||||
|
+ } else if (os_strstr(phase1, "phase2_auth=1")) {
|
||||||
|
+ data->phase2_auth = FOR_INITIAL;
|
||||||
|
+ wpa_printf(MSG_DEBUG,
|
||||||
|
+ "EAP-PEAP: Require Phase 2 authentication for initial connection");
|
||||||
|
+ } else if (os_strstr(phase1, "phase2_auth=2")) {
|
||||||
|
+ data->phase2_auth = ALWAYS;
|
||||||
|
+ wpa_printf(MSG_DEBUG,
|
||||||
|
+ "EAP-PEAP: Require Phase 2 authentication for all cases");
|
||||||
|
+ }
|
||||||
|
#ifdef EAP_TNC
|
||||||
|
if (os_strstr(phase1, "tnc=soh2")) {
|
||||||
|
data->soh = 2;
|
||||||
|
@@ -142,6 +156,7 @@ static void * eap_peap_init(struct eap_s
|
||||||
|
data->force_peap_version = -1;
|
||||||
|
data->peap_outer_success = 2;
|
||||||
|
data->crypto_binding = OPTIONAL_BINDING;
|
||||||
|
+ data->phase2_auth = FOR_INITIAL;
|
||||||
|
|
||||||
|
if (config && config->phase1)
|
||||||
|
eap_peap_parse_phase1(data, config->phase1);
|
||||||
|
@@ -454,6 +469,20 @@ static int eap_tlv_validate_cryptobindin
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
+static bool peap_phase2_sufficient(struct eap_sm *sm,
|
||||||
|
+ struct eap_peap_data *data)
|
||||||
|
+{
|
||||||
|
+ if ((data->phase2_auth == ALWAYS ||
|
||||||
|
+ (data->phase2_auth == FOR_INITIAL &&
|
||||||
|
+ !tls_connection_resumed(sm->ssl_ctx, data->ssl.conn) &&
|
||||||
|
+ !data->ssl.client_cert_conf) ||
|
||||||
|
+ data->phase2_eap_started) &&
|
||||||
|
+ !data->phase2_eap_success)
|
||||||
|
+ return false;
|
||||||
|
+ return true;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
* eap_tlv_process - Process a received EAP-TLV message and generate a response
|
||||||
|
* @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
|
||||||
|
@@ -568,6 +597,11 @@ static int eap_tlv_process(struct eap_sm
|
||||||
|
" - force failed Phase 2");
|
||||||
|
resp_status = EAP_TLV_RESULT_FAILURE;
|
||||||
|
ret->decision = DECISION_FAIL;
|
||||||
|
+ } else if (!peap_phase2_sufficient(sm, data)) {
|
||||||
|
+ wpa_printf(MSG_INFO,
|
||||||
|
+ "EAP-PEAP: Server indicated Phase 2 success, but sufficient Phase 2 authentication has not been completed");
|
||||||
|
+ resp_status = EAP_TLV_RESULT_FAILURE;
|
||||||
|
+ ret->decision = DECISION_FAIL;
|
||||||
|
} else {
|
||||||
|
resp_status = EAP_TLV_RESULT_SUCCESS;
|
||||||
|
ret->decision = DECISION_UNCOND_SUCC;
|
||||||
|
@@ -887,8 +921,7 @@ continue_req:
|
||||||
|
/* EAP-Success within TLS tunnel is used to indicate
|
||||||
|
* shutdown of the TLS channel. The authentication has
|
||||||
|
* been completed. */
|
||||||
|
- if (data->phase2_eap_started &&
|
||||||
|
- !data->phase2_eap_success) {
|
||||||
|
+ if (!peap_phase2_sufficient(sm, data)) {
|
||||||
|
wpa_printf(MSG_DEBUG, "EAP-PEAP: Phase 2 "
|
||||||
|
"Success used to indicate success, "
|
||||||
|
"but Phase 2 EAP was not yet "
|
||||||
|
@@ -1199,8 +1232,9 @@ static struct wpabuf * eap_peap_process(
|
||||||
|
static bool eap_peap_has_reauth_data(struct eap_sm *sm, void *priv)
|
||||||
|
{
|
||||||
|
struct eap_peap_data *data = priv;
|
||||||
|
+
|
||||||
|
return tls_connection_established(sm->ssl_ctx, data->ssl.conn) &&
|
||||||
|
- data->phase2_success;
|
||||||
|
+ data->phase2_success && data->phase2_auth != ALWAYS;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
--- a/src/eap_peer/eap_tls_common.c
|
||||||
|
+++ b/src/eap_peer/eap_tls_common.c
|
||||||
|
@@ -239,6 +239,12 @@ static int eap_tls_params_from_conf(stru
|
||||||
|
|
||||||
|
sm->ext_cert_check = !!(params->flags & TLS_CONN_EXT_CERT_CHECK);
|
||||||
|
|
||||||
|
+ if (!phase2)
|
||||||
|
+ data->client_cert_conf = params->client_cert ||
|
||||||
|
+ params->client_cert_blob ||
|
||||||
|
+ params->private_key ||
|
||||||
|
+ params->private_key_blob;
|
||||||
|
+
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
--- a/src/eap_peer/eap_tls_common.h
|
||||||
|
+++ b/src/eap_peer/eap_tls_common.h
|
||||||
|
@@ -79,6 +79,11 @@ struct eap_ssl_data {
|
||||||
|
* tls_v13 - Whether TLS v1.3 or newer is used
|
||||||
|
*/
|
||||||
|
int tls_v13;
|
||||||
|
+
|
||||||
|
+ /**
|
||||||
|
+ * client_cert_conf: Whether client certificate has been configured
|
||||||
|
+ */
|
||||||
|
+ bool client_cert_conf;
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
--- a/wpa_supplicant/wpa_supplicant.conf
|
||||||
|
+++ b/wpa_supplicant/wpa_supplicant.conf
|
||||||
|
@@ -1330,6 +1330,13 @@ fast_reauth=1
|
||||||
|
# * 0 = do not use cryptobinding (default)
|
||||||
|
# * 1 = use cryptobinding if server supports it
|
||||||
|
# * 2 = require cryptobinding
|
||||||
|
+# 'phase2_auth' option can be used to control Phase 2 (i.e., within TLS
|
||||||
|
+# tunnel) behavior for PEAP:
|
||||||
|
+# * 0 = do not require Phase 2 authentication
|
||||||
|
+# * 1 = require Phase 2 authentication when client certificate
|
||||||
|
+# (private_key/client_cert) is no used and TLS session resumption was
|
||||||
|
+# not used (default)
|
||||||
|
+# * 2 = require Phase 2 authentication in all cases
|
||||||
|
# EAP-WSC (WPS) uses following options: pin=<Device Password> or
|
||||||
|
# pbc=1.
|
||||||
|
#
|
@ -9,7 +9,7 @@ Summary: WPA/WPA2/IEEE 802.1X Supplicant
|
|||||||
Name: wpa_supplicant
|
Name: wpa_supplicant
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
Version: 2.10
|
Version: 2.10
|
||||||
Release: 4%{?dist}.rhel22440
|
Release: 5%{?dist}
|
||||||
License: BSD
|
License: BSD
|
||||||
Source0: http://w1.fi/releases/%{name}-%{version}.tar.gz
|
Source0: http://w1.fi/releases/%{name}-%{version}.tar.gz
|
||||||
Source1: wpa_supplicant.conf
|
Source1: wpa_supplicant.conf
|
||||||
@ -40,6 +40,8 @@ Patch9: wpa_supplicant-macsec_linux-Support-cipher-suite-configuration.patch
|
|||||||
Patch10: wpa_supplicant-mka-Allow-configuration-of-MACsec-hardware-offload.patch
|
Patch10: wpa_supplicant-mka-Allow-configuration-of-MACsec-hardware-offload.patch
|
||||||
Patch11: wpa_supplicant-macsec_linux-Add-support-for-MACsec-hardware-offload.patch
|
Patch11: wpa_supplicant-macsec_linux-Add-support-for-MACsec-hardware-offload.patch
|
||||||
|
|
||||||
|
# fix PEAP client to require successful Phase2 authentication when needed (CVE-2023-52160)
|
||||||
|
Patch12: wpa_supplicant-PEAP-client-Update-Phase-2-authentication-requiremen.patch
|
||||||
|
|
||||||
URL: http://w1.fi/wpa_supplicant/
|
URL: http://w1.fi/wpa_supplicant/
|
||||||
|
|
||||||
@ -200,8 +202,10 @@ chmod -R 0644 wpa_supplicant/examples/*.py
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Thu Feb 1 2024 Davide Caratti <dcaratti@redhat.com> - 1:2.10-4.rhel22440
|
* Thu Feb 22 2024 Davide Caratti <dcaratti@redhat.com> - 1:2.10-5
|
||||||
- support macsec HW offload. Resolves: RHEL-22440
|
- Support macsec HW offload.
|
||||||
|
Resolves: RHEL-22440
|
||||||
|
- Backport fix for PEAP client (CVE-2023-52160)
|
||||||
|
|
||||||
* Fri May 13 2022 Davide Caratti <dcaratti@redhat.com> - 1:2.10-4
|
* Fri May 13 2022 Davide Caratti <dcaratti@redhat.com> - 1:2.10-4
|
||||||
- Explicitly allow/disallow unsafe legacy renegotiation on configuration base.
|
- Explicitly allow/disallow unsafe legacy renegotiation on configuration base.
|
||||||
|
Loading…
Reference in New Issue
Block a user