commit: 56ce8ace503d45e60b72a79222bb6aada4c76124 |
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
AuthorDate: Wed Jun 2 12:41:04 2021 +0000 |
Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
CommitDate: Wed Jun 2 12:59:30 2021 +0000 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=56ce8ace |
|
net-wireless/hostapd: fix CVE-2021-30004 |
|
Bug: https://bugs.gentoo.org/780135 |
Package-Manager: Portage-3.0.19, Repoman-3.0.3 |
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org> |
|
...date-DigestAlgorithmIdentifier-parameters.patch | 115 +++++++++++++++++++++ |
.../{hostapd-9999.ebuild => hostapd-2.9-r4.ebuild} | 4 +- |
net-wireless/hostapd/hostapd-9999.ebuild | 2 + |
3 files changed, 120 insertions(+), 1 deletion(-) |
|
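diff --git a/net-wireless/hostapd/files/hostapd-2.9-ASN-1-Validate-DigestAlgorithmIdentifier-parameters.patch b/net-wireless/hostapd/files/hostapd-2.9-ASN-1-Validate-DigestAlgorithmIdentifier-parameters.patch
new file mode 100644
index 00000000000..8c8ba933550
--- /dev/null
+++ b/net-wireless/hostapd/files/hostapd-2.9-ASN-1-Validate-DigestAlgorithmIdentifier-parameters.patch
@@ -0,0 +1,115 @@
+From a0541334a6394f8237a4393b7372693cd7e96f15 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@××.fi>
+Date: Sat, 13 Mar 2021 18:19:31 +0200
+Subject: ASN.1: Validate DigestAlgorithmIdentifier parameters
+
+The supported hash algorithms do not use AlgorithmIdentifier parameters.
+However, there are implementations that include NULL parameters in
+addition to ones that omit the parameters. Previous implementation did
+not check the parameters value at all which supported both these cases,
+but did not reject any other unexpected information.
+
+Use strict validation of digest algorithm parameters and reject any
+unexpected value when validating a signature. This is needed to prevent
+potential forging attacks.
+
+Signed-off-by: Jouni Malinen <j@××.fi>
+---
+ src/tls/pkcs1.c | 21 +++++++++++++++++++++
+ src/tls/x509v3.c | 20 ++++++++++++++++++++
+ 2 files changed, 41 insertions(+)
+
+diff --git a/src/tls/pkcs1.c b/src/tls/pkcs1.c
+index bbdb0d7..5761dfe 100644
+--- a/src/tls/pkcs1.c
++++ b/src/tls/pkcs1.c
+@@ -244,6 +244,8 @@ int pkcs1_v15_sig_ver(struct crypto_public_key *pk,
+ os_free(decrypted);
+ return -1;
+ }
++ wpa_hexdump(MSG_MSGDUMP, "PKCS #1: DigestInfo",
++ hdr.payload, hdr.length);
+
+ pos = hdr.payload;
+ end = pos + hdr.length;
+@@ -265,6 +267,8 @@ int pkcs1_v15_sig_ver(struct crypto_public_key *pk,
+ os_free(decrypted);
+ return -1;
+ }
++ wpa_hexdump(MSG_MSGDUMP, "PKCS #1: DigestAlgorithmIdentifier",
++ hdr.payload, hdr.length);
+ da_end = hdr.payload + hdr.length;
+
+ if (asn1_get_oid(hdr.payload, hdr.length, &oid, &next)) {
+@@ -273,6 +277,23 @@ int pkcs1_v15_sig_ver(struct crypto_public_key *pk,
+ os_free(decrypted);
+ return -1;
+ }
++ wpa_hexdump(MSG_MSGDUMP, "PKCS #1: Digest algorithm parameters",
++ next, da_end - next);
++
++ /*
++ * RFC 5754: The correct encoding for the SHA2 algorithms would be to
++ * omit the parameters, but there are implementation that encode these
++ * as a NULL element. Allow these two cases and reject anything else.
++ */
++ if (da_end > next &&
++ (asn1_get_next(next, da_end - next, &hdr) < 0 ||
++ !asn1_is_null(&hdr) ||
++ hdr.payload + hdr.length != da_end)) {
++ wpa_printf(MSG_DEBUG,
++ "PKCS #1: Unexpected digest algorithm parameters");
++ os_free(decrypted);
++ return -1;
++ }
+
+ if (!asn1_oid_equal(&oid, hash_alg)) {
+ char txt[100], txt2[100];
+diff --git a/src/tls/x509v3.c b/src/tls/x509v3.c
+index a8944dd..df337ec 100644
+--- a/src/tls/x509v3.c
++++ b/src/tls/x509v3.c
+@@ -1964,6 +1964,7 @@ int x509_check_signature(struct x509_certificate *issuer,
+ os_free(data);
+ return -1;
+ }
++ wpa_hexdump(MSG_MSGDUMP, "X509: DigestInfo", hdr.payload, hdr.length);
+
+ pos = hdr.payload;
+ end = pos + hdr.length;
+@@ -1985,6 +1986,8 @@ int x509_check_signature(struct x509_certificate *issuer,
+ os_free(data);
+ return -1;
+ }
++ wpa_hexdump(MSG_MSGDUMP, "X509: DigestAlgorithmIdentifier",
++ hdr.payload, hdr.length);
+ da_end = hdr.payload + hdr.length;
+
+ if (asn1_get_oid(hdr.payload, hdr.length, &oid, &next)) {
+@@ -1992,6 +1995,23 @@ int x509_check_signature(struct x509_certificate *issuer,
+ os_free(data);
+ return -1;
+ }
++ wpa_hexdump(MSG_MSGDUMP, "X509: Digest algorithm parameters",
++ next, da_end - next);
++
++ /*
++ * RFC 5754: The correct encoding for the SHA2 algorithms would be to
++ * omit the parameters, but there are implementation that encode these
++ * as a NULL element. Allow these two cases and reject anything else.
++ */
++ if (da_end > next &&
++ (asn1_get_next(next, da_end - next, &hdr) < 0 ||
++ !asn1_is_null(&hdr) ||
++ hdr.payload + hdr.length != da_end)) {
++ wpa_printf(MSG_DEBUG,
++ "X509: Unexpected digest algorithm parameters");
++ os_free(data);
++ return -1;
++ }
+
+ if (x509_sha1_oid(&oid)) {
+ if (signature->oid.oid[6] != 5 /* sha-1WithRSAEncryption */) {
+--
+cgit v0.12
+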
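Review bot: The parameter check added to pkcs1_v15_sig_ver (embedded hunk `@@ -273,6 +277,23 @@`) accepts whatever asn1_is_null() classifies as NULL as long as the element ends exactly at da_end, but asn1_is_null() is not visible in this patch; if it compares only class and tag, a NULL element encoded with a non-zero length would still pass even though DER requires NULL to carry zero content bytes, which is the kind of free space in DigestInfo the fix is meant to remove. Adding `hdr.length != 0 ||` next to `!asn1_is_null(&hdr) ||` in the condition would reject that encoding as well. The same 17-line validation block is repeated verbatim in x509_check_signature (hunk `@@ -1992,6 +1995,23 @@`); a shared helper in the asn1 module that validates a DigestAlgorithmIdentifier's parameters as "absent or a zero-length NULL" would keep the two callers from diverging. Both enclosing functions start and end outside the hunks shown.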
|
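diff --git a/net-wireless/hostapd/hostapd-9999.ebuild b/net-wireless/hostapd/hostapd-2.9-r4.ebuild
similarity index 98%
copy from net-wireless/hostapd/hostapd-9999.ebuild
copy to net-wireless/hostapd/hostapd-2.9-r4.ebuild
index 515d2b26e21..c94f67d82ad 100644
--- a/net-wireless/hostapd/hostapd-9999.ebuild
+++ b/net-wireless/hostapd/hostapd-2.9-r4.ebuild
@@ -69,6 +69,8 @@ src_prepare() {
 eapply "${FILESDIR}/${P}-0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch"
 eapply "${FILESDIR}/${P}-0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch"
 eapply "${FILESDIR}/${P}-0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch"
+ # CVE-2021-30004 bug #780135
+ eapply "${FILESDIR}/${P}-ASN-1-Validate-DigestAlgorithmIdentifier-parameters.patch"
 
 popd >/dev/null || die
 
@@ -202,7 +204,7 @@ src_configure() {
 src_compile() {
 emake V=1
 
- if use internal-tls; then
+ if ! use internal-tls; then
 emake V=1 nt_password_hash
 emake V=1 hlr_auc_gw
 fi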
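Review bot: The `if ! use internal-tls; then` inversion in src_compile (second hunk, `@@ -202,7 +204,7 @@`) is not mentioned in the commit message, which describes this revbump only as the CVE-2021-30004 fix. Because git rendered this file as a 98% copy of hostapd-9999.ebuild, that hunk is a diff against the live ebuild rather than against the previous 2.9 revision, so the condition may well be inherited from hostapd-2.9-r3 rather than new; either way the release ebuild and the 9999 ebuild (next section, which receives only the eapply hunk) now disagree on when nt_password_hash and hlr_auc_gw are built. A one-line note in the commit message, or aligning the 9999 ebuild in the same commit, would make the intended behaviour explicit. The eapply hunk itself is consistent with the patch file name added in this commit.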
|
167 |
diff --git a/net-wireless/hostapd/hostapd-9999.ebuild b/net-wireless/hostapd/hostapd-9999.ebuild |
168 |
index 515d2b26e21..92074dc1872 100644 |
169 |
--- a/net-wireless/hostapd/hostapd-9999.ebuild |
170 |
+++ b/net-wireless/hostapd/hostapd-9999.ebuild |
171 |
@@ -69,6 +69,8 @@ src_prepare() { |
172 |
eapply "${FILESDIR}/${P}-0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch" |
173 |
eapply "${FILESDIR}/${P}-0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch" |
174 |
eapply "${FILESDIR}/${P}-0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch" |
175 |
+ # CVE-2021-30004 bug #780135 |
176 |
+ eapply "${FILESDIR}/${P}-ASN-1-Validate-DigestAlgorithmIdentifier-parameters.patch" |
177 |
|
178 |
popd >/dev/null || die |