summaryrefslogtreecommitdiff
path: root/debian
diff options
context:
space:
mode:
Diffstat (limited to 'debian')
-rw-r--r--debian/changelog7
-rw-r--r--debian/patches/cve-2013-2061.patch81
-rw-r--r--debian/patches/series1
3 files changed, 89 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 4ece483..3793ce7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+openvpn (2.3.0-2) unstable; urgency=low
+
+ * Applied patch use of non-constant-time memcmp in HMAC comparison.
+ (Closes: #707329)
+
+ -- Alberto Gonzalez Iniesta <agi@inittab.org> Fri, 17 May 2013 11:54:31 +0200
+
openvpn (2.3.0-1) experimental; urgency=low
* New upstream release
diff --git a/debian/patches/cve-2013-2061.patch b/debian/patches/cve-2013-2061.patch
new file mode 100644
index 0000000..531a27b
--- /dev/null
+++ b/debian/patches/cve-2013-2061.patch
@@ -0,0 +1,81 @@
+From 11d21349a4e7e38a025849479b36ace7c2eec2ee Mon Sep 17 00:00:00 2001
+From: Steffan Karger <steffan.karger@fox-it.com>
+Date: Tue, 19 Mar 2013 13:01:50 +0100
+Subject: [PATCH] Use constant time memcmp when comparing HMACs in
+ openvpn_decrypt.
+
+Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
+Acked-by: Gert Doering <gert@greenie.muc.de>
+Signed-off-by: Gert Doering <gert@greenie.muc.de>
+---
+ src/openvpn/buffer.h | 8 ++++++++
+ src/openvpn/crypto.c | 20 +++++++++++++++++++-
+ 2 files changed, 27 insertions(+), 1 deletion(-)
+
+diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h
+index 7cae733..93efb09 100644
+--- a/src/openvpn/buffer.h
++++ b/src/openvpn/buffer.h
+@@ -668,6 +668,10 @@ bool openvpn_snprintf(char *str, size_t size, const char *format, ...)
+ }
+ }
+
++/**
++ * Compare src buffer contents with match.
++ * *NOT* constant time. Do not use when comparing HMACs.
++ */
+ static inline bool
+ buf_string_match (const struct buffer *src, const void *match, int size)
+ {
+@@ -676,6 +680,10 @@ bool openvpn_snprintf(char *str, size_t size, const char *format, ...)
+ return memcmp (BPTR (src), match, size) == 0;
+ }
+
++/**
++ * Compare first size bytes of src buffer contents with match.
++ * *NOT* constant time. Do not use when comparing HMACs.
++ */
+ static inline bool
+ buf_string_match_head (const struct buffer *src, const void *match, int size)
+ {
+diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c
+index 405c0aa..d9adf5b 100644
+--- a/src/openvpn/crypto.c
++++ b/src/openvpn/crypto.c
+@@ -65,6 +65,24 @@
+ #define CRYPT_ERROR(format) \
+ do { msg (D_CRYPT_ERRORS, "%s: " format, error_prefix); goto error_exit; } while (false)
+
++/**
++ * As memcmp(), but constant-time.
++ * Returns 0 when data is equal, non-zero otherwise.
++ */
++static int
++memcmp_constant_time (const void *a, const void *b, size_t size) {
++ const uint8_t * a1 = a;
++ const uint8_t * b1 = b;
++ int ret = 0;
++ size_t i;
++
++ for (i = 0; i < size; i++) {
++ ret |= *a1++ ^ *b1++;
++ }
++
++ return ret;
++}
++
+ void
+ openvpn_encrypt (struct buffer *buf, struct buffer work,
+ const struct crypto_options *opt,
+@@ -244,7 +262,7 @@
+ hmac_ctx_final (ctx->hmac, local_hmac);
+
+ /* Compare locally computed HMAC with packet HMAC */
+- if (memcmp (local_hmac, BPTR (buf), hmac_len))
++ if (memcmp_constant_time (local_hmac, BPTR (buf), hmac_len))
+ CRYPT_ERROR ("packet HMAC authentication failed");
+
+ ASSERT (buf_advance (buf, hmac_len));
+--
+1.8.1.6
+
diff --git a/debian/patches/series b/debian/patches/series
index f37465a..fac69c7 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
+cve-2013-2061.patch
auth-pam_libpam_so_filename.patch
close_socket_before_scripts.patch
debian_nogroup_for_sample_files.patch