diff --git a/SOURCES/libreswan-3.23-fips-newkey-1544143.patch b/SOURCES/libreswan-3.23-fips-newkey-1544143.patch
new file mode 100644
index 0000000..8991311
--- /dev/null
+++ b/SOURCES/libreswan-3.23-fips-newkey-1544143.patch
@@ -0,0 +1,32 @@
+diff --git a/programs/rsasigkey/rsasigkey.c b/programs/rsasigkey/rsasigkey.c
+index f525333bfd..2da148c85d 100644
+--- a/programs/rsasigkey/rsasigkey.c
++++ b/programs/rsasigkey/rsasigkey.c
+@@ -266,10 +266,7 @@ int main(int argc, char *argv[])
+ /*
+ * generate an RSA signature key
+ *
+- * e is fixed at 3, without discussion. That would not be wise if these
+- * keys were to be used for encryption, but for signatures there are some
+- * real speed advantages.
+- * See also: https://www.imperialviolet.org/2012/03/16/rsae.html
++ * e is fixed at F4.
+ */
+ void rsasigkey(int nbits, int seedbits, const struct lsw_conf_options *oco)
+ {
+@@ -285,15 +282,6 @@ void rsasigkey(int nbits, int seedbits, const struct lsw_conf_options *oco)
+ exit(1);
+ }
+
+-#ifdef FIPS_CHECK
+- if (PK11_IsFIPS() && !FIPSCHECK_verify(NULL, NULL)) {
+- fprintf(stderr,
+- "FIPS HMAC integrity verification test failed.\n");
+- exit(1);
+- }
+-#endif
+-
+- /* Good for now but someone may want to use a hardware token */
+ slot = lsw_nss_get_authenticated_slot(err);
+ if (slot == NULL) {
+ fprintf(stderr, "%s: %s\n", progname, err);
diff --git a/SOURCES/libreswan-3.23-liveness-1553406.patch b/SOURCES/libreswan-3.23-liveness-1553406.patch
new file mode 100644
index 0000000..a98bb65
--- /dev/null
+++ b/SOURCES/libreswan-3.23-liveness-1553406.patch
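Review bot: In the `rsasigkey()` hunk of the fips-newkey patch, the `#ifdef FIPS_CHECK` block that called `FIPSCHECK_verify(NULL, NULL)` is deleted without any comment saying what now stands in for the binary integrity check when `PK11_IsFIPS()` is true. A line above `slot = lsw_nss_get_authenticated_slot(err);` such as `/* no fipscheck self-test here; FIPS-mode enforcement is left to NSS */` would record the decision, assuming that is the intent (the hunk does not say). The rewritten header comment could also state the value, `* e is fixed at F4 (65537).`, and since the code that sets the exponent is outside the hunk, it should be confirmed that it matches the comment. `rsasigkey()` continues past the end of the hunk.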
@@ -0,0 +1,18 @@
+diff -Naur libreswan-3.23-orig/programs/pluto/ikev2_parent.c libreswan-3.23/programs/pluto/ikev2_parent.c
+--- libreswan-3.23-orig/programs/pluto/ikev2_parent.c 2018-04-27 14:08:15.514571020 -0400
++++ libreswan-3.23/programs/pluto/ikev2_parent.c 2018-04-27 14:08:53.835299450 -0400
+@@ -6076,6 +6076,14 @@
+ md->st = st = NULL;
+ } else if (!responding &&
+ md->chain[ISAKMP_NEXT_v2D] == NULL) {
++ /* A liveness update response */
++ /* ??? why wouldn't any INFORMATIONAL count, even one that
++ * is actually deleting SAs?
++ */
++ DBG(DBG_CONTROLMORE,
++ DBG_log("Received an INFORMATIONAL response; updating liveness, no longer pending."));
++ st->st_last_liveness = mononow();
++ st->st_pend_liveness = FALSE;
+ } else if (del_ike) {
+ /*
+ * If we are deleting the Parent SA, the Child SAs will be torn down as well,
diff --git a/SOURCES/libreswan-3.23-rekey-1572425.patch b/SOURCES/libreswan-3.23-rekey-1572425.patch
new file mode 100644
index 0000000..7af43f7
--- /dev/null
+++ b/SOURCES/libreswan-3.23-rekey-1572425.patch
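Review bot: In the liveness patch for `programs/pluto/ikev2_parent.c`, the new `!responding && md->chain[ISAKMP_NEXT_v2D] == NULL` branch writes `st->st_last_liveness` and `st->st_pend_liveness` with nothing in the hunk showing that `st` is non-NULL there, while the branch directly above ends with `md->st = st = NULL;`. The enclosing function starts and ends outside the hunk, so this may already be guaranteed; if it is, `passert(st != NULL);` at the top of the branch would state the invariant. The `/* ??? why wouldn't any INFORMATIONAL count ... */` question ships unresolved, so it should either be answered in the comment or reworded as a tracked TODO. It is also worth confirming that this branch is reached only after the response has passed integrity verification, since it clears the pending-liveness flag.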
@@ -0,0 +1,86 @@
+diff -Naur libreswan-3.23-orig/programs/pluto/ikev2.c libreswan-3.23/programs/pluto/ikev2.c
+--- libreswan-3.23-orig/programs/pluto/ikev2.c 2018-01-25 15:19:46.000000000 -0500
++++ libreswan-3.23/programs/pluto/ikev2.c 2018-04-26 21:55:22.841931926 -0400
+@@ -917,7 +917,12 @@
+
+ if (is_msg_request(md)) {
+ /* this a new IKE request and not a response */
+- if (md->from_state == STATE_V2_CREATE_R) {
++ if (resp_state_with_msgid(pst->st_serialno,
++ htonl(md->msgid_received)) != NULL) {
++ what = "CREATE_CHILD_SA Request retransmission ignored";
++ st = NULL;
++
++ } else if (md->from_state == STATE_V2_CREATE_R) {
+ what = "Child SA Request";
+ st = duplicate_state(pst, IPSEC_SA);
+ change_state(st, STATE_V2_CREATE_R);
+diff -Naur libreswan-3.23-orig/programs/pluto/ikev2_parent.c libreswan-3.23/programs/pluto/ikev2_parent.c
+--- libreswan-3.23-orig/programs/pluto/ikev2_parent.c 2018-04-26 21:54:36.863176992 -0400
++++ libreswan-3.23/programs/pluto/ikev2_parent.c 2018-04-26 21:55:22.843931915 -0400
+@@ -5009,6 +5009,8 @@
+ ikev2_print_ts(&rst->st_ts_this);
+ ikev2_print_ts(&rst->st_ts_that);
+
++ st->st_connection = rst->st_connection;
++
+ ret = STF_OK;
+ }
+
+diff -Naur libreswan-3.23-orig/programs/pluto/state.c libreswan-3.23/programs/pluto/state.c
+--- libreswan-3.23-orig/programs/pluto/state.c 2018-01-25 15:19:46.000000000 -0500
++++ libreswan-3.23/programs/pluto/state.c 2018-04-26 21:55:22.842931921 -0400
+@@ -592,6 +592,39 @@
+ }
+ return FALSE;
+ }
++
++static bool ikev2_child_resp_eq_pst_msgid(const struct state *st,
++ so_serial_t psn, msgid_t st_msgid)
++{
++ if (st->st_clonedfrom == psn &&
++ st->st_msgid == st_msgid &&
++ IS_CHILD_SA_RESPONDER(st)) {
++ return TRUE;
++ }
++ return FALSE;
++}
++
++/*
++ * Find the state object that match the following:
++ * st_msgid (IKEv2 Child responder state)
++ * parent duplicated from
++ * expected state
++ */
++
++struct state *resp_state_with_msgid(so_serial_t psn, msgid_t st_msgid)
++{
++ passert(psn >= SOS_FIRST);
++
++ FOR_EACH_COOKIED_STATE(st, {
++ if (ikev2_child_resp_eq_pst_msgid(st, psn, st_msgid))
++ return st;
++ });
++ DBG(DBG_CONTROL,
++ DBG_log("no waiting child state matching pst #%lu msg id %u",
++ psn, ntohs(st_msgid)));
++ return NULL;
++}
++
+ /*
+ * Find the state object that match the following:
+ * st_msgid (IKE/IPsec initiator state)
+diff -Naur libreswan-3.23-orig/programs/pluto/state.h libreswan-3.23/programs/pluto/state.h
+--- libreswan-3.23-orig/programs/pluto/state.h 2018-01-25 15:19:46.000000000 -0500
++++ libreswan-3.23/programs/pluto/state.h 2018-04-26 21:55:22.842931921 -0400
+@@ -684,7 +684,9 @@
+ const struct connection *c,
+ lset_t ok_states);
+
+-struct state *state_with_parent_msgid_expect(so_serial_t psn, msgid_t st_msgid,
++extern struct state *resp_state_with_msgid(so_serial_t psn, msgid_t st_msgid);
++
++extern struct state *state_with_parent_msgid_expect(so_serial_t psn, msgid_t st_msgid,
+ enum state_kind expected_state);
+
+ extern struct state *find_state_ikev2_parent(const u_char *icookie,
diff --git a/SPECS/libreswan.spec b/SPECS/libreswan.spec
index 51209f3..f7acbd5 100644
--- a/SPECS/libreswan.spec
+++ b/SPECS/libreswan.spec
@@ -24,7 +24,7 @@ Name: libreswan Summary: IPsec implementation with IKEv1 and IKEv2 keying protocols Version: 3.23 -Release: %{?prever:0.}3%{?prever:.%{prever}}%{?dist} +Release: %{?prever:0.}5%{?prever:.%{prever}}%{?dist} License: GPLv2 Group: System Environment/Daemons Url: https://libreswan.org/
@@ -36,6 +36,12 @@ Source3: ikev2.fax.bz2 Patch1: libreswan-3.23-seccomp.patch Patch2: libreswan-3.23-fixups.patch Patch3: libreswan-3.23-ppk-update.patch +# rhbz#1573949 +Patch4: libreswan-3.23-fips-newkey-1544143.patch +# rhbz#1574456 +Patch5: libreswan-3.23-rekey-1572425.patch +# rhbz#1574457 +Patch6: libreswan-3.23-liveness-1553406.patch Requires: iproute >= 2.6.8 Requires: nss-tools nss-softokn
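Review bot: In the `state.c` hunk of the rekey patch, the debug line in `resp_state_with_msgid()` prints the message ID with `ntohs(st_msgid)`, but the only caller visible on this page (the `ikev2.c` hunk) passes `htonl(md->msgid_received)`, so the log shows a 16-bit conversion of a 32-bit network-order ID; the argument line should read `psn, ntohl(st_msgid)));`. The `%lu` used for `psn` is only correct if `so_serial_t` is `unsigned long`, which this page does not show. In the `ikev2.c` hunk the retransmission branch leaves `st = NULL`; the code that consumes `st` and `what` lies outside the hunk, so it should be confirmed that it drops the message rather than dereferencing `st`.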
@@ -64,7 +70,7 @@ Requires(postun): systemd %if %{USE_DNSSEC} BuildRequires: ldns-devel -# should really be >= 1.6.4 once available +Requires: unbound-libs >= 1.6.6 BuildRequires: unbound-devel >= 1.6.6 %endif
@@ -125,6 +131,9 @@ Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04 %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 %build %if %{buildefence}
@@ -326,6 +335,14 @@ fi %endif %changelog +* Fri May 25 2018 Paul Wouters - 3.23-5 +- Resolves: rhbz#1573949 ipsec newhostkey fails in FIPS mode [spec file only update] + +* Wed May 02 2018 Paul Wouters - 3.23-4 +- Resolves: rhbz#1573949 ipsec newhostkey fails in FIPS mode when RSA key is generated +- Resolves: rhbz#1574456 Shared IKE SA leads to rekey interop issues +- Resolves: rhbz#1574457 IKEv2 liveness false positive on IKEv2 idle connections causes tunnel to be restarted + * Wed Feb 07 2018 Paul Wouters - 3.23-3 - Resolves: rhbz#1471553 libreswan postquantum preshared key (PPK) support [IANA update]