Commit 6fc12c21 authored by Natanael Copa

main/openvpn: security fix (CVE-2013-2061)

fixes #1882
parent 2bf234d3
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=openvpn
pkgver=2.2.0
pkgrel=1
pkgrel=2
pkgdesc="A robust, and highly configurable VPN (Virtual Private Network)"
url="http://openvpn.sourceforge.net/"
arch="all"
......@@ -16,6 +16,7 @@ source="http://swupdate.openvpn.net/community/releases/$pkgname-$pkgver.tar.gz
openvpn.up
openvpn.down
openvpn-2.2.0-ipv6-20110522-1.patch
CVE-2013-2061.patch
"
_builddir="$srcdir"/$pkgname-$pkgver
......@@ -93,4 +94,5 @@ ec99092827faa7226e9f548c2cd1d20c openvpn.initd
9eca88cac6294027ec1bb7be74185c3a openvpn.confd
dc72fecd1a1bcef937603057cd6574b1 openvpn.up
dc3ff0bae442b9aedd947b8ffda1687a openvpn.down
25172fa251672edc3f7a277b5d7f3f72 openvpn-2.2.0-ipv6-20110522-1.patch"
25172fa251672edc3f7a277b5d7f3f72 openvpn-2.2.0-ipv6-20110522-1.patch
8416c8db9c60ecb5a54367af57ac7884 CVE-2013-2061.patch"
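Review bot: The new checksum on the last line of the hunk extends an MD5-only `md5sums` list, and the tarball it guards is fetched from plain `http://swupdate.openvpn.net/...` (visible in the hunk header context), so the only thing authenticating the upstream source is an MD5 that was itself recorded from an unauthenticated download. MD5 is adequate for catching corruption of the locally shipped `CVE-2013-2061.patch`, and it still resists second-preimage attacks, so the practical gap is the unverified first fetch rather than the digest alone. If the abuild in use already accepts a stronger digest list, adding `sha256sums=` or `sha512sums=` for the tarball alongside the MD5 entry, and switching `source=` to an https URL if upstream serves one, would make the source check meaningful. The `md5sums=` assignment itself begins above this hunk.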
From 11d21349a4e7e38a025849479b36ace7c2eec2ee Mon Sep 17 00:00:00 2001
From: Steffan Karger <steffan.karger@fox-it.com>
Date: Tue, 19 Mar 2013 13:01:50 +0100
Subject: [PATCH] Use constant time memcmp when comparing HMACs in
openvpn_decrypt.
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---
src/openvpn/buffer.h | 8 ++++++++
src/openvpn/crypto.c | 20 +++++++++++++++++++-
2 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h
index 7cae733..93efb09 100644
--- a/buffer.h
+++ b/buffer.h
@@ -668,6 +668,10 @@ bool openvpn_snprintf(char *str, size_t size, const char *format, ...)
}
}
+/**
+ * Compare src buffer contents with match.
+ * *NOT* constant time. Do not use when comparing HMACs.
+ */
static inline bool
buf_string_match (const struct buffer *src, const void *match, int size)
{
@@ -676,6 +680,10 @@ bool openvpn_snprintf(char *str, size_t size, const char *format, ...)
return memcmp (BPTR (src), match, size) == 0;
}
+/**
+ * Compare first size bytes of src buffer contents with match.
+ * *NOT* constant time. Do not use when comparing HMACs.
+ */
static inline bool
buf_string_match_head (const struct buffer *src, const void *match, int size)
{
diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c
index 405c0aa..d9adf5b 100644
--- a/crypto.c
+++ b/crypto.c
@@ -65,6 +65,24 @@
#define CRYPT_ERROR(format) \
do { msg (D_CRYPT_ERRORS, "%s: " format, error_prefix); goto error_exit; } while (false)
+/**
+ * As memcmp(), but constant-time.
+ * Returns 0 when data is equal, non-zero otherwise.
+ */
+static int
+memcmp_constant_time (const void *a, const void *b, size_t size) {
+ const uint8_t * a1 = a;
+ const uint8_t * b1 = b;
+ int ret = 0;
+ size_t i;
+
+ for (i = 0; i < size; i++) {
+ ret |= *a1++ ^ *b1++;
+ }
+
+ return ret;
+}
+
void
openvpn_encrypt (struct buffer *buf, struct buffer work,
const struct crypto_options *opt,
@@ -244,7 +262,7 @@
hmac_ctx_final (ctx->hmac, local_hmac);
/* Compare locally computed HMAC with packet HMAC */
- if (memcmp (local_hmac, BPTR (buf), hmac_len))
+ if (memcmp_constant_time (local_hmac, BPTR (buf), hmac_len))
CRYPT_ERROR ("packet HMAC authentication failed");
ASSERT (buf_advance (buf, hmac_len));
--
1.8.1.6
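Review bot: The file headers inside the backported patch are inconsistent: `diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h` and the diffstat keep the 2.3 `src/openvpn/` paths while `--- a/buffer.h` / `+++ b/buffer.h` (and likewise for crypto.c) were rewritten for 2.2.0's flat tree; `patch -p1` follows the `---`/`+++` lines so abuild applies it, but `git apply` checks those names against the `diff --git` line and would reject the mismatch, so the `diff --git` and diffstat lines should be rewritten to match (or the path rewrite noted above the patch header). On the code itself, `memcmp_constant_time` at the top of the crypto.c hunk is a correct data-independent comparison: there is no early exit, each byte pair's XOR is OR-accumulated into `ret`, and only zero/non-zero is returned. A point of style: it puts the opening brace on the signature line and on the `for` line, whereas the surrounding OpenVPN code in this same patch uses GNU style with the brace on its own line (see `buf_string_match` in the buffer.h hunk), so `memcmp_constant_time (const void *a, const void *b, size_t size)` followed by `{` on the next line would match the tree it lands in. Since the function is `static` and its result is only ever tested for non-zero, a comment such as `/* No early exit: both inputs are always walked in full so timing does not depend on where they first differ. */` would record why the loop must not be "simplified" by a future edit. The `openvpn_decrypt` body that the second crypto.c hunk touches starts and ends outside the hunk.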