strongswan: Update solution for strongswan bug #816

2026-04-09 18:45:54 +02:00 · 2015-03-04 23:54:10 +01:00
parent 6644c1c7f2
commit 8d289021d3
6 changed files with 112 additions and 16 deletions
--- a/lfs/strongswan
+++ b/lfs/strongswan
@@ -79,8 +79,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
 	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.0.2_ipfire.patch
-	cd $(DIR_APP) && patch -Np1 --ignore-whitespace \
-		-i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-816.patch
+	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-816-eb25190.patch
+	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-816-650a3ad.patch
+	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-816-dd0ebb.patch
 	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-819-cd2c30a.patch

 	cd $(DIR_APP) && [ -x "configure" ] || ./autogen.sh
--- a/make.sh
+++ b/make.sh
@@ -649,7 +649,7 @@ buildipfire() {
  ipfiremake libevent2
  ipfiremake portmap
  ipfiremake nfs
-  ipfiremake nmap
+  #ipfiremake nmap
  ipfiremake ncftp
  ipfiremake etherwake
  ipfiremake bwm-ng
--- a/src/patches/strongswan-5.2.2-issue-816-650a3ad.patch
+++ b/src/patches/strongswan-5.2.2-issue-816-650a3ad.patch
@@ -0,0 +1,35 @@
+commit 650a3ad5151958b99a95836fb8b84b8aa18da1be
+Author: Tobias Brunner <tobias@strongswan.org>
+Date:   Wed Feb 25 08:09:11 2015 +0100
+
+    ike-sa-manager: Make sure the message ID of initial messages is 0
+    
+    It is mandated by the RFCs and it is expected by the task managers.
+    
+    Initial messages with invalid MID will be treated like regular messages,
+    so no IKE_SA will be created for them.  Instead, if the responder SPI is 0
+    no SA will be found and the message is rejected with ALERT_INVALID_IKE_SPI.
+    If an SPI is set and we do find an SA, then we either ignore the message
+    because the MID is unexpected, or because we don't allow initial messages
+    on established connections.
+    
+    There is one exception, though, if an attacker can slip in an IKE_SA_INIT
+    with both SPIs set before the client's IKE_AUTH is handled by the server,
+    it does get processed (see next commit).
+    
+    References #816.
+
+diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c
+index d0cbd47..5e2b925 100644
+--- a/src/libcharon/sa/ike_sa_manager.c
+++ b/src/libcharon/sa/ike_sa_manager.c
+@@ -1184,7 +1184,8 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
+ 
+ 	DBG2(DBG_MGR, "checkout IKE_SA by message");
+ 
+-	if (id->get_responder_spi(id) == 0)
+	if (id->get_responder_spi(id) == 0 &&
+		message->get_message_id(message) == 0)
+ 	{
+ 		if (message->get_major_version(message) == IKEV2_MAJOR_VERSION)
+ 		{
--- a/src/patches/strongswan-5.2.2-issue-816-dd0ebb.patch
+++ b/src/patches/strongswan-5.2.2-issue-816-dd0ebb.patch
@@ -0,0 +1,42 @@
+commit dd0ebb54837298c869389d36a0b42eefdb893dd6
+Author: Tobias Brunner <tobias@strongswan.org>
+Date:   Wed Feb 25 08:30:33 2015 +0100
+
+    ikev2: Only accept initial messages in specific states
+    
+    The previous code allowed an attacker to slip in an IKE_SA_INIT with
+    both SPIs and MID 1 set when an IKE_AUTH would be expected instead.
+    
+    References #816.
+
+diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c
+index be84e71..540d4dc 100644
+--- a/src/libcharon/sa/ikev2/task_manager_v2.c
+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
+@@ -1304,17 +1304,16 @@ METHOD(task_manager_t, process_message, status_t,
+ 	{
+ 		if (mid == this->responding.mid)
+ 		{
+-			/* reject initial messages once established */
+-			if (msg->get_exchange_type(msg) == IKE_SA_INIT ||
+-				msg->get_exchange_type(msg) == IKE_AUTH)
+			/* reject initial messages if not received in specific states */
+			if ((msg->get_exchange_type(msg) == IKE_SA_INIT &&
+				 this->ike_sa->get_state(this->ike_sa) != IKE_CREATED) ||
+				(msg->get_exchange_type(msg) == IKE_AUTH &&
+				 this->ike_sa->get_state(this->ike_sa) != IKE_CONNECTING))
+ 			{
+-				if (this->ike_sa->get_state(this->ike_sa) != IKE_CREATED &&
+-					this->ike_sa->get_state(this->ike_sa) != IKE_CONNECTING)
+-				{
+-					DBG1(DBG_IKE, "ignoring %N in established IKE_SA state",
+-						 exchange_type_names, msg->get_exchange_type(msg));
+-					return FAILED;
+-				}
+				DBG1(DBG_IKE, "ignoring %N in IKE_SA state %N",
+					 exchange_type_names, msg->get_exchange_type(msg),
+					 ike_sa_state_names, this->ike_sa->get_state(this->ike_sa));
+				return FAILED;
+ 			}
+ 			if (!this->ike_sa->supports_extension(this->ike_sa, EXT_MOBIKE))
+ 			{	/* with MOBIKE, we do no implicit updates */
--- a/src/patches/strongswan-5.2.2-issue-816-eb25190.patch
+++ b/src/patches/strongswan-5.2.2-issue-816-eb25190.patch
@@ -0,0 +1,31 @@
+commit eb251906298b529fa53b8a99746a9a7a9f318dd5
+Author: Tobias Brunner <tobias@strongswan.org>
+Date:   Wed Feb 25 08:18:58 2015 +0100
+
+    ikev2: Don't destroy the SA if an IKE_SA_INIT with unexpected MID is received
+    
+    This reverts 8f727d800751 ("Clean up IKE_SA state if IKE_SA_INIT request
+    does not have message ID 0") because it allowed to close any IKE_SA by
+    sending an IKE_SA_INIT with an unexpected MID and both SPIs set to those
+    of that SA.
+    
+    The next commit will prevent SAs from getting created for IKE_SA_INIT messages
+    with invalid MID.
+    
+    Fixes #816.
+
+diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c
+index 48266aa..be84e71 100644
+--- a/src/libcharon/sa/ikev2/task_manager_v2.c
+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
+@@ -1355,10 +1355,6 @@ METHOD(task_manager_t, process_message, status_t,
+ 		{
+ 			DBG1(DBG_IKE, "received message ID %d, expected %d. Ignored",
+ 				 mid, this->responding.mid);
+-			if (msg->get_exchange_type(msg) == IKE_SA_INIT)
+-			{	/* clean up IKE_SA state if IKE_SA_INIT has invalid msg ID */
+-				return DESTROY_ME;
+-			}
+ 		}
+ 	}
+ 	else
--- a/src/patches/strongswan-5.2.2-issue-816.patch
+++ b/src/patches/strongswan-5.2.2-issue-816.patch
@@ -1,13 +0,0 @@
-diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/t
-index e9a677a655e4..69118abe78df 100644
--- a/src/libcharon/sa/ikev2/task_manager_v2.c
-+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
-@@ -1339,7 +1339,7 @@ METHOD(task_manager_t, process_message, status_t,
-        {
-            DBG1(DBG_IKE, "received message ID %d, expected %d. Ignored",
-                 mid, this->responding.mid);
-           if (msg->get_exchange_type(msg) == IKE_SA_INIT)
-+           if (mid != 0 && msg->get_exchange_type(msg) == IKE_SA_INIT)
-            {   /* clean up IKE_SA state if IKE_SA_INIT has invalid msg ID */
-                return DESTROY_ME;
-            }