!113 fix CVE-2024-5535

From: @qsw333 Reviewed-by: @houmingyong Signed-off-by: @houmingyong
2024-07-22 03:35:14 +00:00 · 2024-07-22 03:35:14 +00:00 · bf7c8e99ed
commit bf7c8e99ed
parent f09428cdc8 d3f6aa3c92
2 changed files with 174 additions and 1 deletions
--- a/backport-CVE-2024-5535-Fix-SSL_select_next_proto-and-add-ALPN.patch
+++ b/backport-CVE-2024-5535-Fix-SSL_select_next_proto-and-add-ALPN.patch
@ -0,0 +1,169 @@
 From d7afe8e89ced1f4d5f1e5aab474dd9c069115b6e Mon Sep 17 00:00:00 2001
 From: xuhuiyue <xuhuiyue@huawei.com>
 Date: Fri, 28 Jun 2024 17:31:29 +0800
 Subject: [PATCH 2/2] Fix SSL_select_next_proto and add ALPN validation in the
 client
 Fix CVE-2024-5535.
 Signed-off-by: xuhuiyue <xuhuiyue@huawei.com>
 ---
 ssl/ssl_lib.c                | 63 +++++++++++++++++++++++-------------
 ssl/statem/extensions_clnt.c | 27 +++++++++++++++-
 ssl/statem/extensions_srvr.c |  3 +-
 3 files changed, 68 insertions(+), 25 deletions(-)
 diff --git a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/ssl/ssl_lib.c b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/ssl/ssl_lib.c
 index 00410a7385..cb2dca4247 100644
 --- a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/ssl/ssl_lib.c
 +++ b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/ssl/ssl_lib.c
@@ -2767,37 +2767,54 @@ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
                           unsigned int server_len,
                           const unsigned char *client, unsigned int client_len)
 {
 -    unsigned int i, j;
 -    const unsigned char *result;
 -    int status = OPENSSL_NPN_UNSUPPORTED;
 +    PACKET cpkt, csubpkt, spkt, ssubpkt;
 +
 +    if (!PACKET_buf_init(&cpkt, client, client_len)
 +            || !PACKET_get_length_prefixed_1(&cpkt, &csubpkt)
 +            || PACKET_remaining(&csubpkt) == 0) {
 +        *out = NULL;
 +        *outlen = 0;
 +        return OPENSSL_NPN_NO_OVERLAP;
 +    }
 +
 +    /*
 +     * Set the default opportunistic protocol. Will be overwritten if we find
 +     * a match.
 +     */
 +    *out = (unsigned char *)PACKET_data(&csubpkt);
 +    *outlen = (unsigned char)PACKET_remaining(&csubpkt);
     /*
      * For each protocol in server preference order, see if we support it.
      */
 -    for (i = 0; i < server_len;) {
 -        for (j = 0; j < client_len;) {
 -            if (server[i] == client[j] &&
 -                memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
 -                /* We found a match */
 -                result = &server[i];
 -                status = OPENSSL_NPN_NEGOTIATED;
 -                goto found;
 +    if (PACKET_buf_init(&spkt, server, server_len)) {
 +        while (PACKET_get_length_prefixed_1(&spkt, &ssubpkt)) {
 +            if (PACKET_remaining(&ssubpkt) == 0)
 +                continue; /* Invalid - ignore it */
 +            if (PACKET_buf_init(&cpkt, client, client_len)) {
 +                while (PACKET_get_length_prefixed_1(&cpkt, &csubpkt)) {
 +                    if (PACKET_equal(&csubpkt, PACKET_data(&ssubpkt),
 +                                     PACKET_remaining(&ssubpkt))) {
 +                        /* We found a match */
 +                        *out = (unsigned char *)PACKET_data(&ssubpkt);
 +                        *outlen = (unsigned char)PACKET_remaining(&ssubpkt);
 +                        return OPENSSL_NPN_NEGOTIATED;
 +                    }
 +                }
 +                /* Ignore spurious trailing bytes in the client list */
 +            } else {
 +                /* This should never happen */
 +                return OPENSSL_NPN_NO_OVERLAP;
             }
 -            j += client[j];
 -            j++;
         }
 -        i += server[i];
 -        i++;
 +        /* Ignore spurious trailing bytes in the server list */
     }
 -    /* There's no overlap between our protocols and the server's list. */
 -    result = client;
 -    status = OPENSSL_NPN_NO_OVERLAP;
 -
 - found:
 -    *out = (unsigned char *)result + 1;
 -    *outlen = result[0];
 -    return status;
 +    /*
 +     * There's no overlap between our protocols and the server's list. We use
 +     * the default opportunistic protocol selected earlier
 +     */
 +    return OPENSSL_NPN_NO_OVERLAP;
 }
 #ifndef OPENSSL_NO_NEXTPROTONEG
 diff --git a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/ssl/statem/extensions_clnt.c b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/ssl/statem/extensions_clnt.c
 index c641ae7351..4ad75c8e2d 100644
 --- a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/ssl/statem/extensions_clnt.c
 +++ b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/ssl/statem/extensions_clnt.c
@@ -1602,7 +1602,8 @@ int tls_parse_stoc_npn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
                                   PACKET_data(pkt),
                                   PACKET_remaining(pkt),
                                   s->ctx->ext.npn_select_cb_arg) !=
 -             SSL_TLSEXT_ERR_OK) {
 +                                  SSL_TLSEXT_ERR_OK
 +            || selected_len == 0) {
         SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_PARSE_STOC_NPN,
                  SSL_R_BAD_EXTENSION);
         return 0;
@@ -1633,6 +1634,8 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
                         size_t chainidx)
 {
     size_t len;
 +    PACKET confpkt, protpkt;
 +    int valid = 0;
     /* We must have requested it. */
     if (!s->s3->alpn_sent) {
@@ -1653,6 +1656,28 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
                  SSL_R_BAD_EXTENSION);
         return 0;
     }
 +
 +    /* It must be a protocol that we sent */
 +    if (!PACKET_buf_init(&confpkt, s->ext.alpn, s->ext.alpn_len)) {
 +        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_ALPN, ERR_R_INTERNAL_ERROR);
 +        return 0;
 +    }
 +    while (PACKET_get_length_prefixed_1(&confpkt, &protpkt)) {
 +        if (PACKET_remaining(&protpkt) != len)
 +            continue;
 +        if (memcmp(PACKET_data(pkt), PACKET_data(&protpkt), len) == 0) {
 +            /* Valid protocol found */
 +            valid = 1;
 +            break;
 +        }
 +    }
 +
 +    if (!valid) {
 +        /* The protocol sent from the server does not match one we advertised */
 +        SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_STOC_ALPN, SSL_R_BAD_EXTENSION);
 +        return 0;
 +    }
 +
     OPENSSL_free(s->s3->alpn_selected);
     s->s3->alpn_selected = OPENSSL_malloc(len);
     if (s->s3->alpn_selected == NULL) {
 diff --git a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/ssl/statem/extensions_srvr.c b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/ssl/statem/extensions_srvr.c
 index 775d9a7444..a08027fd6d 100644
 --- a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/ssl/statem/extensions_srvr.c
 +++ b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/ssl/statem/extensions_srvr.c
@@ -1562,9 +1562,10 @@ EXT_RETURN tls_construct_stoc_next_proto_neg(SSL *s, WPACKET *pkt,
             return EXT_RETURN_FAIL;
         }
         s->s3->npn_seen = 1;
 +        return EXT_RETURN_SENT;
     }
 -    return EXT_RETURN_SENT;
 +    return EXT_RETURN_NOT_SENT;
 }
 #endif
 -- 
 2.33.0
--- a/linux-sgx.spec
+++ b/linux-sgx.spec
@ -1,6 +1,6 @@
 Name:           linux-sgx
 Version:        2.15.1
-Release:        11
+Release:        12
 Summary:        Intel(R) Software Guard Extensions for Linux* OS
 ExclusiveArch:	x86_64
 License:        BSD-3-Clause
@ -43,6 +43,7 @@ Patch21:	backport-CVE-2023-2650-Restrict-the-size-of-OBJECT-IDENTIFIERs-that-OBJ
 Patch22:	backport-CVE-2023-3446-Fix-DH_check-excessive-time-with-over-sized-modulus.patch
 Patch23:	backport-CVE-2023-3817-DH_check-Do-not-try-checking-q-properties-if-it-is-o.patch
 Patch24:	backport-CVE-2023-5678-Make-DH_check_pub_key-and-DH_generate_key-safer-yet.patch
 Patch25:        backport-CVE-2024-5535-Fix-SSL_select_next_proto-and-add-ALPN.patch
 BuildRequires:  gcc-c++ protobuf-devel libtool ocaml-ocamlbuild openssl openssl-devel cmake python curl-devel createrepo_c git nasm
@ -1047,6 +1048,9 @@ fi
 %files -n libsgx-headers -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-headers/build/list-libsgx-headers
 %changelog
 * Mon Jul 22 2024 wangqingsan<wangqingsan@huawei.com> - 2.15.1-12
 - fix CVE-2024-5535
 * Tue Dec 26 2023 wangqingsan<wangqingsan@huawei.com> - 2.15.1-11
 - Disabling the Automatic Startup of Software Package Upgrade