Ubuntu
dovecot package

Merge ~ericeberry/ubuntu/+source/dovecot:ubuntu/noble-devel into ubuntu/+source/dovecot:ubuntu/noble-devel

  1. Git
  2. lp:~ericeberry/ubuntu/+source/dovecot
  3. ubuntu/noble-devel
  4. Merge into ubuntu/noble-devel
Proposed by Eric Berry
Status: Merged
Merged at revision: a8956028197a517a53a4e849db4c9fe0a4a33418
Proposed branch: ~ericeberry/ubuntu/+source/dovecot:ubuntu/noble-devel
Merge into: ubuntu/+source/dovecot:ubuntu/noble-devel
Diff against target: 154 lines (+132/-0)
3 files modified
debian/changelog (+6/-0)
debian/patches/fips-pbkdf2-fix-invalid-salt-length.patch (+125/-0)
debian/patches/series (+1/-0)
Reviewer Review Type Date Requested Status
Lukas Märdian (community) Abstain
Vladimir Petko (community) Approve
Review via email: mp+493830@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Vladimir Petko (vpa1977) wrote :

Please see https://code.launchpad.net/~ericeberry/ubuntu/+source/dovecot/+git/dovecot/+merge/486602/comments/1345867

review: Needs Fixing
Revision history for this message
Eric Berry (ericeberry) wrote :

> Please see https://code.launchpad.net/~ericeberry/ubuntu/+source/dovecot/+git/
> dovecot/+merge/486602/comments/1345867

> Hi,
>
> it looks this the patch is incomplete, the upstream patch also updates salt
> length in `dcrypt_openssl_encrypt_private_key_dovecot` [1].
>
> Some nits:
> - it may be easier for reviewers if you provide a separate patch per upstream
> commit.
> - Description: field should contain a short description, commit message is a
> good canidate: lib-dcrypt: Increase salt to 16 bytes for dovecot v2 keys
> - The long description can expand on that
> - If we adapt upstream patch, we should use backport, url
>
>
>
> [1] https://github.com/dovecot/core/commit/dab49bf12228f382f646329974350cf829f
> cdfcb.diff
> [2] https://dep-team.pages.debian.net/deps/dep3/

There are two versions of the dcrypt-openssl.c file. One version for OpenSSL 1.x and one version for OpenSSL 3.x. The file is renamed to decrypt-openssl.c based on which version of OpenSSL is being used. In our case the decrypt-openssl3.c file is renamed to decrypt-openssl.c and that is the file that is patched.

Your requested changes to the the dep3 header have been incorporated.

Is there any way to speed this process up? This patch has been lingering since May. Getting one line feedback from the ubuntu-sponsors team every two months is not helpful or productive.

Revision history for this message
Vladimir Petko (vpa1977) wrote :

Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading dovecot_2.3.21+dfsg1-2ubuntu6.1.dsc: done.
  Uploading dovecot_2.3.21+dfsg1-2ubuntu6.1.debian.tar.xz: done.
  Uploading dovecot_2.3.21+dfsg1-2ubuntu6.1_source.buildinfo: done.
  Uploading dovecot_2.3.21+dfsg1-2ubuntu6.1_source.changes: done.
Successfully uploaded packages.

review: Approve
Revision history for this message
Lukas Märdian (slyon) wrote :

Claiming the ~ubuntu-sponsors review slot, to make it disappear from the sponsoring report, as it has already been uploaded.

review: Abstain

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 71c4f34..9e8120c 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,9 @@
6+dovecot (1:2.3.21+dfsg1-2ubuntu6.1) noble; urgency=medium
7+
8+ * Update PBKDF2 salt length to be FIPS 140-3 compliant (LP: #2107773).
9+
10+ -- Eric Berry <eric.berry@canonical.com> Fri, 03 Oct 2025 15:37:20 -0700
11+
12 dovecot (1:2.3.21+dfsg1-2ubuntu6) noble-security; urgency=medium
13
14 * Patches for CVE-2024-23184, CVE-2024-23185 (LP: #2077324).
15diff --git a/debian/patches/fips-pbkdf2-fix-invalid-salt-length.patch b/debian/patches/fips-pbkdf2-fix-invalid-salt-length.patch
16new file mode 100644
17index 0000000..bd78661
18--- /dev/null
19+++ b/debian/patches/fips-pbkdf2-fix-invalid-salt-length.patch
20@@ -0,0 +1,125 @@
21+Description: lib-dcrypt: Increase salt to 16 bytes for dovecot v2 keys
22+ When one enables FIPS mode on a Jammy system and then
23+ attempts to use Dovecot to create an encrypted mailbox, the module
24+ returns a invalid salt length error. FIPS mode requires a 16 byte
25+ salt for PBEKDF2 and Dovecot is only requesting 8 bytes of salt.
26+ The solution is to modify Dovecot to request 16 bytes of salt.
27+Author: Aki Tuomi <aki.tuomi@open-xchange.com>
28+Origin: backport, https://github.com/dovecot/core/compare/5ebc1e3e56024ea2a0925de99edd7fb1e7b652a7%5E...dab49bf12228f382f646329974350cf829fcdfcb
29+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2107773
30+
31+--- a/src/lib-dcrypt/dcrypt-openssl.c
32++++ b/src/lib-dcrypt/dcrypt-openssl.c
33+@@ -2181,7 +2181,7 @@
34+ bool res;
35+ unsigned char *ptr;
36+
37+- unsigned char salt[8];
38++ unsigned char salt[DCRYPT_DOVECOT_SALT_LEN];
39+ buffer_t *peer_key = t_buffer_create(128);
40+ buffer_t *secret = t_buffer_create(128);
41+ cipher = t_str_lcase(cipher);
42+--- a/src/lib-dcrypt/dcrypt-private.h
43++++ b/src/lib-dcrypt/dcrypt-private.h
44+@@ -8,6 +8,9 @@
45+ #define DCRYPT_DOVECOT_KEY_ENCRYPT_PK 1
46+ #define DCRYPT_DOVECOT_KEY_ENCRYPT_PASSWORD 2
47+
48++/* Fips requires 16 byte salt */
49++#define DCRYPT_DOVECOT_SALT_LEN 16
50++
51+ struct dcrypt_vfs {
52+ bool (*initialize)(const struct dcrypt_settings *set,
53+ const char **error_r);
54+--- a/src/lib-dcrypt/test-crypto.c
55++++ b/src/lib-dcrypt/test-crypto.c
56+@@ -475,7 +475,13 @@
57+ "7d945aa6492275a02881071eceec5749caf2485da8c64fb601"
58+ "229098:ab13d251976dedab546b67354e7678821740dd534b7"
59+ "49c2857f66bf62bbaddfd:ab13d251976dedab546b67354e76"
60+- "78821740dd534b749c2857f66bf62bbaddfd"
61++ "78821740dd534b749c2857f66bf62bbaddfd",
62++ "2:1.3.132.0.35:2:aes-256-ctr:cf9951243f5e609a5e20d"
63++ "353e4011f62:sha256:2048:0c056337f221f5fd287eb3ef48"
64++ "86e596ef3b92e7d33c01a79579b35c8595f8e13cf4bccdb7f5"
65++ "409b095be5179bd94668ad88050ff828617ef3415b9e167d22"
66++ "e7fd95a3f80b3b:15286fe2a53773c64efa2b8fa79d4cd5b46"
67++ "3d422d30bf9103ca97999636e864f",
68+ };
69+
70+ test_begin("test_load_v2_key");
71+@@ -519,6 +525,26 @@
72+ dcrypt_key_unref_private(&priv);
73+ dcrypt_key_unref_public(&pub);
74+
75++ /* Matches the encrypted private key in index 4 */
76++ static const char *pem_key_4 =
77++"-----BEGIN PRIVATE KEY-----\n"
78++"MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBoC5EFaNm/mWOH9Dp\n"
79++"juTNIuRRyKVEFZ0o1R9gPbeza2VvvKYZaIPck2HWEmJGoHOwo+Kc/Fq0Z7ka3Irg\n"
80++"o9CfYlihgYkDgYYABAFNIIDZZR3AYzhDsWvG9t3vznEsAtEZ9jjnhs4foSyfkKsq\n"
81++"Cj7+CY4JZVhHfjpWpPQ4XFRqZzdyCVCyTegVxONCpgEITkmjCd9z4gndS5+zysw9\n"
82++"mG6LOGyxnLz7ZbRqdZ1pqh9+pMk47luCfhGa8RRKjXeJXrU4uE9Uu++fA7zfP95o\n"
83++"Ew==\n"
84++"-----END PRIVATE KEY-----\n";
85++
86++ test_assert_idx(dcrypt_key_load_private(&priv,
87++ keys[4], "password", NULL, &error), 4);
88++ test_assert_idx(dcrypt_key_store_private(priv,
89++ DCRYPT_FORMAT_PEM, NULL, tmp,
90++ NULL, NULL, &error), 4);
91++ test_assert_strcmp_idx(str_c(tmp), pem_key_4, 4);
92++ buffer_set_used_size(tmp, 0);
93++ dcrypt_key_unref_private(&priv);
94++
95+ buffer_free(&tmp);
96+
97+ if (error != NULL) error = NULL;
98+@@ -532,24 +558,35 @@
99+ const char *error;
100+
101+ test_begin("test_load_v2_public_key");
102+- const char *key =
103++ const char *keys[] = {
104+ "2:3058301006072a8648ce3d020106052b810400230344000"
105+ "301c50954e734dd8b410a607764a7057065a45510da52f2c6"
106+ "e28e0cb353b9c389fa8cb786943ae991fce9befed78fb162f"
107+ "bbc615415f06af06c8cc80c37f4e94ff6c7:185a721254278"
108+ "2e239111f9c19d126ad55b18ddaf4883d66afe8d9627c3607"
109+- "d8";
110+-
111+- test_assert(dcrypt_key_load_public(&pub, key, &error));
112+-
113+- buffer_t *tmp = buffer_create_dynamic(default_pool, 256);
114++ "d8",
115++ "2:3058301006072a8648ce3d020106052b810400230344000"
116++ "301897d80b69ed3eccda4c5a5edc67e9a11ef76c4894710af"
117++ "b3deb52e5d996f23b6252d93ab349d1931a234eda9ff7cc40"
118++ "095b2b084b86e066839c7de8a08bf5bf46b:0a955323b7c00"
119++ "ef44581122c510cbfacfc503aea291b3a3fa2a811356df5be"
120++ "cd",
121++ };
122+
123+- if (pub != NULL) {
124+- test_assert(dcrypt_key_store_public(pub,
125+- DCRYPT_FORMAT_DOVECOT, tmp, &error));
126+- test_assert(strcmp(key, str_c(tmp))==0);
127+- buffer_free(&tmp);
128+- dcrypt_key_unref_public(&pub);
129++ for (size_t i = 0; i < N_ELEMENTS(keys); i++) {
130++ const char *key = keys[i];
131++ test_assert_idx(dcrypt_key_load_public(&pub, key, &error), i);
132++ test_assert_idx(pub != NULL, i);
133++
134++ buffer_t *tmp = buffer_create_dynamic(default_pool, 256);
135++
136++ if (pub != NULL) {
137++ test_assert_idx(dcrypt_key_store_public(pub,
138++ DCRYPT_FORMAT_DOVECOT, tmp, &error), i);
139++ test_assert_strcmp_idx(key, str_c(tmp), i);
140++ buffer_free(&tmp);
141++ dcrypt_key_unref_public(&pub);
142++ }
143+ }
144+
145+ test_end();
146diff --git a/debian/patches/series b/debian/patches/series
147index dd4a15b..c25f218 100644
148--- a/debian/patches/series
149+++ b/debian/patches/series
150@@ -31,3 +31,4 @@ CVE-2024-23184-5-lib-mail-Add-message_address_parse_full-and-struct-messag.patch
151 CVE-2024-23184-6-lib-mail-lib-imap-Optimize-parsing-large-number-of-addres.patch
152 CVE-2024-23185-1-lib-mail-message-header-parser-Limit-header-block-to-10MB.patch
153 CVE-2024-23185-2-lib-mail-message-parser-Limit-headers-total-count-to-50MB.patch
154+fips-pbkdf2-fix-invalid-salt-length.patch

Subscribers

People subscribed via source and target branches