Merge lp:~sdeziel/ubuntu/raring/openvpn/fix-for-lp1184223 into lp:ubuntu/raring/openvpn

Proposed by Simon Déziel on 2013-05-25
Status: Rejected
Rejected by: Martin Pitt on 2013-06-14
Proposed branch: lp:~sdeziel/ubuntu/raring/openvpn/fix-for-lp1184223
Merge into: lp:ubuntu/raring/openvpn
Diff against target: 78 lines (+66/-0) 2 files modified
To merge this branch: bzr merge lp:~sdeziel/ubuntu/raring/openvpn/fix-for-lp1184223
Reviewers:
Jamie Strandboge: Disapprove (2013-06-14)
Ubuntu branches: Pending (requested 2013-05-25)
Review via email: mp+165760@code.launchpad.net
Simon Déziel (sdeziel) wrote :

If this proposal is merged I'd like to know how to have the fix applied to Precise and Quantal too. Thanks in advance.

James Page (james-page) wrote :

Hi Simon

Thanks for the merge proposal for this fix; normally CVEs are handled by the Ubuntu Security Team; I've pinged one of them about this bug to see what the current status is.

James Page (james-page) wrote :

Simon; the security team will pick this issue up:

<mdeslaur> jamespage: yes, the security team will be doing them (LP: 1184223)
<ubottu> Launchpad bug 1184223 in openvpn (Ubuntu Raring) "CVE-2013-2061: use of non-constant-time memcmp in HMAC comparison in openvpn_decrypt" [Low,Confirmed] https://launchpad.net/bugs/1184223
<jamespage> mdeslaur, great - thanks for confirming.
<mdeslaur> jamespage: we've rated it as "low" though, so it may take a while

Simon Déziel (sdeziel) wrote :

Thanks James and Marc, I wasn't aware of the procedure and wanted to help a bit, sorry for the noise I created.

Jamie Strandboge (jdstrand) wrote :

Per Marc's comments from the bug:
"Thanks for the merge request.

We rate this security vulnerability as being "low" priority, which means we will not publish a security update for it unless another more important issue turns up in openvpn, at which point we will bundle both updates together."

review: Disapprove

Unmerged revisions

54. By Simon Déziel on 2013-05-25

Use constant time memcmp when comparing HMACs in openvpn_decrypt (CVE-2013-2061, LP: #1184223)

53. By Stéphane Graber on 2013-02-13

[ Marc Gariépy ]
Add --script-security to the init.d script (was generated but not passed
to openvpn). (LP: #1124398)

Preview Diff

1=== added file 'debian/patches/CVE-2013-2061.patch'
2--- debian/patches/CVE-2013-2061.patch 1970-01-01 00:00:00 +0000
3+++ debian/patches/CVE-2013-2061.patch 2013-05-25 22:59:24 +0000
4@@ -0,0 +1,65 @@
5+Description: Use constant time memcmp when comparing HMACs in openvpn_decrypt.
6+URL: https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee
7+commit 11d21349a4e7e38a025849479b36ace7c2eec2ee
8+Author: Steffan Karger <steffan.karger@fox-it.com>
9+Date: Tue Mar 19 13:01:50 2013 +0100
10+--- openvpn-2.2.1.orig/buffer.h 2013-05-25 17:46:30.000000000 -0400
11++++ openvpn-2.2.1/buffer.h 2013-05-25 18:07:47.090209624 -0400
12+@@ -620,6 +620,10 @@
13+ }
14+ }
15+
16++/**
17++ * Compare src buffer contents with match.
18++ * *NOT* constant time. Do not use when comparing HMACs.
19++ */
20+ static inline bool
21+ buf_string_match (const struct buffer *src, const void *match, int size)
22+ {
23+@@ -628,6 +632,10 @@
24+ return memcmp (BPTR (src), match, size) == 0;
25+ }
26+
27++/**
28++ * Compare first size bytes of src buffer contents with match.
29++ * *NOT* constant time. Do not use when comparing HMACs.
30++ */
31+ static inline bool
32+ buf_string_match_head (const struct buffer *src, const void *match, int size)
33+ {
34+--- openvpn-2.2.1.orig/crypto.c 2011-04-27 05:52:59.000000000 -0400
35++++ openvpn-2.2.1/crypto.c 2013-05-25 18:07:47.091209888 -0400
36+@@ -70,6 +70,24 @@
37+ #define CRYPT_ERROR(format) \
38+ do { msg (D_CRYPT_ERRORS, "%s: " format, error_prefix); goto error_exit; } while (false)
39+
40++/**
41++ * As memcmp(), but constant-time.
42++ * Returns 0 when data is equal, non-zero otherwise.
43++ */
44++static int
45++memcmp_constant_time (const void *a, const void *b, size_t size) {
46++ const uint8_t * a1 = a;
47++ const uint8_t * b1 = b;
48++ int ret = 0;
49++ size_t i;
50++
51++ for (i = 0; i < size; i++) {
52++ ret |= *a1++ ^ *b1++;
53++ }
54++
55++ return ret;
56++}
57++
58+ void
59+ openvpn_encrypt (struct buffer *buf, struct buffer work,
60+ const struct crypto_options *opt,
61+@@ -254,7 +272,7 @@
62+ ASSERT (hmac_len == in_hmac_len);
63+
64+ /* Compare locally computed HMAC with packet HMAC */
65+- if (memcmp (local_hmac, BPTR (buf), hmac_len))
66++ if (memcmp_constant_time (local_hmac, BPTR (buf), hmac_len))
67+ CRYPT_ERROR ("packet HMAC authentication failed");
68+
69+ ASSERT (buf_advance (buf, hmac_len));
70
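Review bot: the patch header at the top of this hunk is not in DEP-3 form, which is what the Ubuntu and Debian patch-tracking tooling reads: the upstream commit is given under "URL:" and as a bare "commit" line, and there is no bug reference, so I would replace those lines with "Origin: upstream, https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee", add "Bug-Ubuntu: https://launchpad.net/bugs/1184223" and a "Last-Update:" line, and keep the "Description:" text as the first field. The code change itself is the minimal one for CVE-2013-2061: the new static memcmp_constant_time() XORs every byte of both inputs into an accumulator with no early exit, so its running time no longer depends on where the first mismatch is, and openvpn_decrypt now uses it for the packet HMAC check; the added comments on buf_string_match() and buf_string_match_head() correctly flag those helpers as still non-constant-time, which is fine as long as no HMAC comparison goes through them. One style point: the loop body's accumulator is an int fed from uint8_t XORs, which is correct, but a short comment that only the zero/non-zero result is meaningful (not the magnitude, unlike memcmp()) would help future readers who might be tempted to treat it as an ordering function.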
71=== modified file 'debian/patches/series'
72--- debian/patches/series 2012-03-30 13:19:09 +0000
73+++ debian/patches/series 2013-05-25 22:59:24 +0000
74@@ -9,3 +9,4 @@
75 accommodate_typo.patch
76 manpage_fixes.patch
77 use-dpkg-buildflags.patch
78+CVE-2013-2061.patch
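Review bot: appending CVE-2013-2061.patch to debian/patches/series is correct, but the proposal as a whole touches only this file and the new patch (the summary above says 2 files modified), so there is no debian/changelog entry. A security upload needs a changelog stanza that names the CVE and closes the bug, for example "SECURITY UPDATE: timing side channel in HMAC comparison in openvpn_decrypt" with "CVE-2013-2061" and "(LP: #1184223)" on the following lines, targeted at the raring-security pocket; without it the package version does not change and the fix cannot be built or tracked.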
