diff --git a/SOURCES/libreswan-3.23-del-with-notify-1630355.patch b/SOURCES/libreswan-3.23-del-with-notify-1630355.patch new file mode 100644 index 0000000..cefecfa --- /dev/null +++ b/SOURCES/libreswan-3.23-del-with-notify-1630355.patch @@ -0,0 +1,33 @@ +diff -Naur libreswan-3.25-orig/programs/pluto/ikev1.c libreswan-3.25/programs/pluto/ikev1.c +--- libreswan-3.25-orig/programs/pluto/ikev1.c 2018-06-27 22:42:26.000000000 +0700 ++++ libreswan-3.25/programs/pluto/ikev1.c 2018-11-22 20:04:44.961824151 +0700 +@@ -727,28 +727,7 @@ + return dpd_inR(st, n, n_pbs); + + case PAYLOAD_MALFORMED: +- if (st != NULL) { +- st->hidden_variables.st_malformed_received++; +- +- libreswan_log( +- "received %u malformed payload notifies", +- st->hidden_variables.st_malformed_received); +- +- if (st->hidden_variables.st_malformed_sent > +- MAXIMUM_MALFORMED_NOTIFY / 2 && +- ((st->hidden_variables.st_malformed_sent + +- st->hidden_variables. +- st_malformed_received) > +- MAXIMUM_MALFORMED_NOTIFY)) { +- libreswan_log( +- "too many malformed payloads (we sent %u and received %u", +- st->hidden_variables.st_malformed_sent, +- st->hidden_variables.st_malformed_received); +- delete_state(st); +- md->st = st = NULL; +- } +- } +- ++ libreswan_log("received PAYLOAD_MALFORMED"); + return STF_IGNORE; + + case ISAKMP_N_CISCO_LOAD_BALANCE: diff --git a/SOURCES/libreswan-3.23-zerolengthkey.patch b/SOURCES/libreswan-3.23-zerolengthkey.patch new file mode 100644 index 0000000..5daebae --- /dev/null +++ b/SOURCES/libreswan-3.23-zerolengthkey.patch @@ -0,0 +1,18 @@ +diff -Naur libreswan-3.25-orig/programs/pluto/ikev1_spdb_struct.c libreswan-3.25/programs/pluto/ikev1_spdb_struct.c +--- libreswan-3.25-orig/programs/pluto/ikev1_spdb_struct.c 2018-06-27 22:42:26.000000000 +0700 ++++ libreswan-3.25/programs/pluto/ikev1_spdb_struct.c 2018-11-22 20:29:34.034626926 +0700 +@@ -1053,10 +1053,11 @@ + loglog(RC_LOG_SERIOUS, + "You should NOT use insecure/broken IKE algorithms (%s)!", + ta->ta_encrypt->common.fqn); ++ } else { ++ DBG(DBG_CONTROL, ++ DBG_log("OAKLEY proposal verified; matching alg_info found")); ++ return true; + } +- DBG(DBG_CONTROL, +- DBG_log("OAKLEY proposal verified; matching alg_info found")); +- return true; + } + } + libreswan_log("Oakley Transform [%s (%d), %s, %s] refused%s", diff --git a/SOURCES/libreswan-3.25-1625303-recursive-incl.patch b/SOURCES/libreswan-3.25-1625303-recursive-incl.patch new file mode 100644 index 0000000..bd68345 --- /dev/null +++ b/SOURCES/libreswan-3.25-1625303-recursive-incl.patch @@ -0,0 +1,19 @@ +commit b257545675ae4564d866758eb3ef4230d7c1ede2 +Author: D. Hugh Redelmeier +Date: Tue Sep 25 17:14:36 2018 -0400 + + libipsecconf: fix off-by-one in config file "include" handling + +diff --git a/lib/libipsecconf/parser.l b/lib/libipsecconf/parser.l +index cc2faf5c9..aad2fc9b2 100644 +--- a/lib/libipsecconf/parser.l ++++ b/lib/libipsecconf/parser.l +@@ -260,7 +260,7 @@ int parser_y_include (const char *filename) + case 0: + /* success */ + +- if (ic_private.stack_ptr >= MAX_INCLUDE_DEPTH) { ++ if (ic_private.stack_ptr >= MAX_INCLUDE_DEPTH - 1) { + yyerror("max inclusion depth reached"); + return 1; + } diff --git a/SOURCES/libreswan-3.25-1664244-xauth-null-pwd.patch b/SOURCES/libreswan-3.25-1664244-xauth-null-pwd.patch new file mode 100644 index 0000000..b9b3598 --- /dev/null +++ b/SOURCES/libreswan-3.25-1664244-xauth-null-pwd.patch @@ -0,0 +1,47 @@ +diff -Naur libreswan-3.25-orig/include/chunk.h libreswan-3.25/include/chunk.h +--- libreswan-3.25-orig/include/chunk.h 2018-06-27 11:42:26.000000000 -0400 ++++ libreswan-3.25/include/chunk.h 2018-12-14 13:30:29.269684194 -0500 +@@ -55,6 +55,9 @@ + + chunk_t clone_chunk(chunk_t old, const char *name); + ++/* always NUL terminated; NULL is NULL */ ++char *clone_chunk_as_string(chunk_t chunk, const char *name); ++ + /* note: the caller must free the result */ + char *str_from_chunk(chunk_t c, const char *name); + +diff -Naur libreswan-3.25-orig/lib/libswan/chunk.c libreswan-3.25/lib/libswan/chunk.c +--- libreswan-3.25-orig/lib/libswan/chunk.c 2018-06-27 11:42:26.000000000 -0400 ++++ libreswan-3.25/lib/libswan/chunk.c 2018-12-14 13:29:24.077050581 -0500 +@@ -49,3 +49,16 @@ + s[c.len] = '\0'; /* redundant */ + return s; + } ++ ++char *clone_chunk_as_string(chunk_t chunk, const char *name) ++{ ++ if (chunk.ptr == NULL) { ++ return NULL; ++ } else if (chunk.len > 0 && chunk.ptr[chunk.len - 1] == '\0') { ++ return clone_bytes(chunk.ptr, chunk.len, name); ++ } else { ++ char *string = alloc_things(char, chunk.len + 1, name); ++ memcpy(string, chunk.ptr, chunk.len); ++ return string; ++ } ++} +diff -Naur libreswan-3.25-orig/programs/pluto/ikev1_xauth.c libreswan-3.25/programs/pluto/ikev1_xauth.c +--- libreswan-3.25-orig/programs/pluto/ikev1_xauth.c 2018-06-27 11:42:26.000000000 -0400 ++++ libreswan-3.25/programs/pluto/ikev1_xauth.c 2018-12-14 13:29:24.078050590 -0500 +@@ -1214,8 +1214,8 @@ + return 0; + #endif + +- char *arg_name = str_from_chunk(*name, "XAUTH Name"); +- char *arg_password = str_from_chunk(*password, "XAUTH Name"); ++ char *arg_name = clone_chunk_as_string(*name, "XAUTH Name"); ++ char *arg_password = clone_chunk_as_string(*password, "XAUTH Name"); + + /* + * For XAUTH, we're flipping between retransmitting the packet diff --git a/SOURCES/libreswan-3.25-1664521-fips-keysize.patch b/SOURCES/libreswan-3.25-1664521-fips-keysize.patch new file mode 100644 index 0000000..e382f8c --- /dev/null +++ b/SOURCES/libreswan-3.25-1664521-fips-keysize.patch @@ -0,0 +1,35 @@ +diff --git a/programs/pluto/connections.c b/programs/pluto/connections.c +index 45e5bee1f..db1ac5303 100644 +--- a/programs/pluto/connections.c ++++ b/programs/pluto/connections.c +@@ -846,9 +846,10 @@ static void load_end_nss_certificate(const char *which, CERTCertificate *cert, + if (libreswan_fipsmode()) { + SECKEYPublicKey *pk = CERT_ExtractPublicKey(cert); + passert(pk != NULL); +- if (pk->u.rsa.modulus.len < FIPS_MIN_RSA_KEY_SIZE) { ++ if (pk->u.rsa.modulus.len * BITS_PER_BYTE < FIPS_MIN_RSA_KEY_SIZE) { + whack_log(RC_FATAL, +- "FIPS: Rejecting cert with key size under %d", ++ "FIPS: Rejecting cert with key size %d which is under %d", ++ pk->u.rsa.modulus.len * BITS_PER_BYTE, + FIPS_MIN_RSA_KEY_SIZE); + SECKEY_DestroyPublicKey(pk); + return; +diff --git a/programs/pluto/nss_cert_verify.c b/programs/pluto/nss_cert_verify.c +index b4de167bb..9b031354b 100644 +--- a/programs/pluto/nss_cert_verify.c ++++ b/programs/pluto/nss_cert_verify.c +@@ -460,9 +460,10 @@ static bool import_der_cert(CERTCertDBHandle *handle, + if (libreswan_fipsmode()) { + SECKEYPublicKey *pk = CERT_ExtractPublicKey(cert); + passert(pk != NULL); +- if (pk->u.rsa.modulus.len < FIPS_MIN_RSA_KEY_SIZE) { +- libreswan_log("FIPS: Rejecting cert with key size under %d", +- FIPS_MIN_RSA_KEY_SIZE); ++ if ((pk->u.rsa.modulus.len * BITS_PER_BYTE) < FIPS_MIN_RSA_KEY_SIZE) { ++ libreswan_log("FIPS: Rejecting peer cert with key size %d under %d", ++ pk->u.rsa.modulus.len * BITS_PER_BYTE, ++ FIPS_MIN_RSA_KEY_SIZE); + SECKEY_DestroyPublicKey(pk); + /* + * XXX: Since the certificate isn't added to diff --git a/SOURCES/libreswan-3.25-EKU-1639404.patch b/SOURCES/libreswan-3.25-EKU-1639404.patch new file mode 100644 index 0000000..7249f6c --- /dev/null +++ b/SOURCES/libreswan-3.25-EKU-1639404.patch @@ -0,0 +1,108 @@ +diff --git a/lib/libswan/Makefile b/lib/libswan/Makefile +index 510148ad1..0f5c26228 100644 +--- a/lib/libswan/Makefile ++++ b/lib/libswan/Makefile +@@ -200,10 +200,6 @@ CFLAGS+=-I${LIBRESWANSRCDIR}/include ${PORTINCLUDE} + CFLAGS+=$(USERLAND_CFLAGS) + CFLAGS+=${CROSSFLAGS} + +-ifeq ($(NSS_REQ_AVA_COPY),true) +-CFLAGS+=-DNSS_REQ_AVA_COPY +-endif +- + OBJS += $(abs_builddir)/version.o + + include $(top_srcdir)/mk/library.mk +diff --git a/mk/config.mk b/mk/config.mk +index 3f2bd55c1..fcdabd1fb 100644 +--- a/mk/config.mk ++++ b/mk/config.mk +@@ -242,6 +242,17 @@ NSPR_LDFLAGS ?= -lnspr4 + # Use nss copy for CERT_CompareAVA + # See https://bugzilla.mozilla.org/show_bug.cgi?id=1336487 + NSS_REQ_AVA_COPY?=true ++ifeq ($(NSS_REQ_AVA_COPY),true) ++NSSFLAGS+=-DNSS_REQ_AVA_COPY ++endif ++ ++# Use nss IPsec profile for X509 validation. This is less restrictive ++# ok EKU's. This is not yet in upstream nss. ++# See https://bugzilla.mozilla.org/show_bug.cgi?id=1252891 ++NSS_HAS_IPSEC_PROFILE?=false ++ifeq ($(NSS_HAS_IPSEC_PROFILE),true) ++NSSFLAGS+=-DNSS_IPSEC_PROFILE ++endif + + # Use a local copy of xfrm.h. This can be needed on older systems + # that do not ship linux/xfrm.h, or when the shipped version is too +diff --git a/programs/pluto/nss_cert_verify.c b/programs/pluto/nss_cert_verify.c +index 95c637f53..7d458ac2a 100644 +--- a/programs/pluto/nss_cert_verify.c ++++ b/programs/pluto/nss_cert_verify.c +@@ -299,6 +299,28 @@ static int vfy_chain_pkix(CERTCertificate **chain, int chain_len, + cvout[1].value.pointer.chain = NULL; + cvout[2].type = cert_po_end; + ++ int fin; ++ ++#ifdef NSS_IPSEC_PROFILE ++ SECStatus rv = CERT_PKIXVerifyCert(end_cert, certificateUsageIPsec, ++ cvin, cvout, NULL); ++ if (rv != SECSuccess || cur_log->count > 0) { ++ if (cur_log->count > 0 && cur_log->head != NULL) { ++ fin = nss_err_to_revfail(cur_log->head); ++ } else { ++ /* ++ * An rv != SECSuccess without CERTVerifyLog ++ * results should not * happen, but catch it anyway ++ */ ++ loglog(RC_LOG_SERIOUS, "X509: unspecified NSS verification failure"); ++ fin = VERIFY_RET_FAIL; ++ } ++ } else { ++ DBG(DBG_X509, DBG_log("certificate is valid")); ++ *end_out = end_cert; ++ fin = VERIFY_RET_OK; ++ } ++#else + /* kludge alert!! + * verification may be performed twice: once with the + * 'client' usage and once with 'server', which is an NSS +@@ -307,12 +329,10 @@ static int vfy_chain_pkix(CERTCertificate **chain, int chain_len, + * KU/EKU combinations + */ + +- int fin; + SECCertificateUsage usage; + + for (usage = certificateUsageSSLClient; ; usage = certificateUsageSSLServer) { + SECStatus rv = CERT_PKIXVerifyCert(end_cert, usage, cvin, cvout, NULL); +- + if (rv != SECSuccess || cur_log->count > 0) { + if (cur_log->count > 0 && cur_log->head != NULL) { + if (usage == certificateUsageSSLClient && +@@ -346,6 +366,7 @@ static int vfy_chain_pkix(CERTCertificate **chain, int chain_len, + } + break; + } ++#endif + pexpect(fin != 0); + + CERT_DestroyCertList(trustcl); +diff --git a/programs/pluto/plutomain.c b/programs/pluto/plutomain.c +index 50582822d..007d73f45 100644 +--- a/programs/pluto/plutomain.c ++++ b/programs/pluto/plutomain.c +@@ -180,6 +180,12 @@ static const char compile_time_interop_options[] = "" + " BROKEN_POPEN" + #endif + " NSS" ++#ifdef NSS_REQ_AVA_COPY ++ " (AVA copy)" ++#endif ++#ifdef NSS_IPSEC_PROFILE ++ " (IPsec profile)" ++#endif + #ifdef USE_DNSSEC + " DNSSEC" + #endif diff --git a/SPECS/libreswan.spec b/SPECS/libreswan.spec index f20c017..ae1137e 100644 --- a/SPECS/libreswan.spec +++ b/SPECS/libreswan.spec @@ -13,7 +13,7 @@ %global USE_NM true %global USE_LINUX_AUDIT true %global USE_SECCOMP true - +%global NSS_HAS_IPSEC_PROFILE true %if 0%{?fedora} %global rhel 7 @@ -24,7 +24,7 @@ Name: libreswan Summary: IPsec implementation with IKEv1 and IKEv2 keying protocols Version: 3.25 -Release: %{?prever:0.}2%{?prever:.%{prever}}%{?dist} +Release: %{?prever:0.}4.1%{?prever:.%{prever}}%{?dist} License: GPLv2 Group: System Environment/Daemons Url: https://libreswan.org/ @@ -35,14 +35,23 @@ Source3: ikev2.fax.bz2 Patch1: libreswan-3.25-alg_info.patch Patch2: libreswan-3.25-relax-delete.patch +Patch3: libreswan-3.25-EKU-1639404.patch +Patch4: libreswan-3.23-zerolengthkey.patch +Patch5: libreswan-3.25-1625303-recursive-incl.patch +Patch6: libreswan-3.23-del-with-notify-1630355.patch +Patch7: libreswan-3.25-1664244-xauth-null-pwd.patch +Patch8: libreswan-3.25-1664521-fips-keysize.patch Requires: iproute >= 2.6.8 Requires: nss-tools nss-softokn BuildRequires: bison flex redhat-rpm-config pkgconfig -BuildRequires: nss-devel >= 3.16.1 nspr-devel +BuildRequires: nspr-devel BuildRequires: pam-devel BuildRequires: xmlto +# minimum nss version for IPsec profile support, see rhbz#1212132 +Requires: nss >= 3.36.0-7.1 +BuildRequires: nss-devel >= 3.36.0-7.1 %if %{?rhel} <= 6 BuildRequires: libevent2-devel net-tools @@ -123,6 +132,12 @@ Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04 %setup -q -n libreswan-%{version}%{?prever} %patch1 -p1 %patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 %build %if %{buildefence} @@ -162,6 +177,7 @@ make %{?_smp_mflags} \ %endif USE_DNSSEC="%{USE_DNSSEC}" \ USE_SECCOMP="%{USE_SECCOMP}" \ + NSS_HAS_IPSEC_PROFILE="%{NSS_HAS_IPSEC_PROFILE}" \ USE_DH22=true \ programs FS=$(pwd) @@ -215,6 +231,7 @@ make \ %endif USE_DNSSEC="%{USE_DNSSEC}" \ USE_SECCOMP="%{USE_SECCOMP}" \ + NSS_HAS_IPSEC_PROFILE="%{NSS_HAS_IPSEC_PROFILE}" \ USE_DH22=true \ install FS=$(pwd) @@ -324,6 +341,18 @@ fi %endif %changelog +* Fri Jan 11 2019 Paul Wouters - 3.25-4.1 +- Resolves: rhbz#1665369 libreswan 3.25 in FIPS mode is incorrectly rejecting X.509 public keys that are >= 3072 bits [rhel-7.6.z] + +* Tue Jan 08 2019 Paul Wouters - 3.25-4 +- Resolves: rhbz#1660536 libreswan assertion failed when OAKLEY_KEY_LENGTH is zero for IKE using AES_CBC +- Resolves: rhbz#1660544 config: recursive include check doesn't work +- Resolves: rhbz#1660542 Libreswan crash upon receiving ISAKMP_NEXT_D with appended ISAKMP_NEXT_N +- Resolves: rhbz#1664244 [abrt] [faf] libreswan: strncpy(): /usr/libexec/ipsec/pluto killed by 11 + +* Mon Dec 03 2018 Paul Wouters - 3.25-3 +- Resolves: rhbz#1655440 Unable to verify certificate with non-empty Extended Key Usage which does not include serverAuth or clientAuth + * Mon Jul 02 2018 Paul Wouters - 3.25-2 - Resolves: rhbz#1597322 Relax deleting IKE SA's and IPsec SA's to avoid interop issues with third party VPN vendors