CVE-2022-40617.patch

@@ -1,204 +0,0 @@
-From 66d3b2e0e596a6eac1ebcd15c83a8d9368fe7b34 Mon Sep 17 00:00:00 2001
-From: Tobias Brunner <tobias@strongswan.org>
-Date: Fri, 22 Jul 2022 15:37:43 +0200
-Subject: [PATCH] credential-manager: Do online revocation checks only after
- basic trust chain validation
-
-This avoids querying URLs of potentially untrusted certificates, e.g. if
-an attacker sends a specially crafted end-entity and intermediate CA
-certificate with a CDP that points to a server that completes the
-TCP handshake but then does not send any further data, which will block
-the fetcher thread (depending on the plugin) for as long as the default
-timeout for TCP.  Doing that multiple times will block all worker threads,
-leading to a DoS attack.
-
-The logging during the certificate verification obviously changes.  The
-following example shows the output of `pki --verify` for the current
-strongswan.org certificate:
-
-new:
-
-  using certificate "CN=www.strongswan.org"
-  using trusted intermediate ca certificate "C=US, O=Let's Encrypt, CN=R3"
-  using trusted ca certificate "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
-  reached self-signed root ca with a path length of 1
-checking certificate status of "CN=www.strongswan.org"
-  requesting ocsp status from 'http://r3.o.lencr.org' ...
-  ocsp response correctly signed by "C=US, O=Let's Encrypt, CN=R3"
-  ocsp response is valid: until Jul 27 12:59:58 2022
-certificate status is good
-checking certificate status of "C=US, O=Let's Encrypt, CN=R3"
-ocsp response verification failed, no signer certificate 'C=US, O=Let's Encrypt, CN=R3' found
-  fetching crl from 'http://x1.c.lencr.org/' ...
-  using trusted certificate "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
-  crl correctly signed by "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
-  crl is valid: until Apr 18 01:59:59 2023
-certificate status is good
-certificate trusted, lifetimes valid, certificate not revoked
-
-old:
-
-  using certificate "CN=www.strongswan.org"
-  using trusted intermediate ca certificate "C=US, O=Let's Encrypt, CN=R3"
-checking certificate status of "CN=www.strongswan.org"
-  requesting ocsp status from 'http://r3.o.lencr.org' ...
-  ocsp response correctly signed by "C=US, O=Let's Encrypt, CN=R3"
-  ocsp response is valid: until Jul 27 12:59:58 2022
-certificate status is good
-  using trusted ca certificate "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
-checking certificate status of "C=US, O=Let's Encrypt, CN=R3"
-ocsp response verification failed, no signer certificate 'C=US, O=Let's Encrypt, CN=R3' found
-  fetching crl from 'http://x1.c.lencr.org/' ...
-  using trusted certificate "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
-  crl correctly signed by "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
-  crl is valid: until Apr 18 01:59:59 2023
-certificate status is good
-  reached self-signed root ca with a path length of 1
-certificate trusted, lifetimes valid, certificate not revoked
-
-Note that this also fixes an issue with the previous dual-use of the
-`trusted` flag.  It not only indicated whether the chain is trusted but
-also whether the current issuer is the root anchor (the corresponding
-flag in the `cert_validator_t` interface is called `anchor`).  This was
-a problem when building multi-level trust chains for pre-trusted
-end-entity certificates (i.e. where `trusted` is TRUE from the start).
-This caused the main loop to get aborted after the first intermediate CA
-certificate and the mentioned `anchor` flag wasn't correct in any calls
-to `cert_validator_t` implementations.
-
-Fixes: CVE-2022-40617
----
- .../credentials/credential_manager.c          | 54 +++++++++++++++----
- 1 file changed, 45 insertions(+), 9 deletions(-)
-
-diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c
-index e93b5943a3a7..798785544e41 100644
---- a/src/libstrongswan/credentials/credential_manager.c
-+++ b/src/libstrongswan/credentials/credential_manager.c
-@@ -556,7 +556,7 @@ static void cache_queue(private_credential_manager_t *this)
-  */
- static bool check_lifetime(private_credential_manager_t *this,
- 						   certificate_t *cert, char *label,
--						   int pathlen, bool trusted, auth_cfg_t *auth)
-+						   int pathlen, bool anchor, auth_cfg_t *auth)
- {
- 	time_t not_before, not_after;
- 	cert_validator_t *validator;
-@@ -571,7 +571,7 @@ static bool check_lifetime(private_credential_manager_t *this,
- 			continue;
- 		}
- 		status = validator->check_lifetime(validator, cert,
--										   pathlen, trusted, auth);
-+										   pathlen, anchor, auth);
- 		if (status != NEED_MORE)
- 		{
- 			break;
-@@ -604,13 +604,13 @@ static bool check_lifetime(private_credential_manager_t *this,
-  */
- static bool check_certificate(private_credential_manager_t *this,
- 				certificate_t *subject, certificate_t *issuer, bool online,
--				int pathlen, bool trusted, auth_cfg_t *auth)
-+				int pathlen, bool anchor, auth_cfg_t *auth)
- {
- 	cert_validator_t *validator;
- 	enumerator_t *enumerator;
- 
- 	if (!check_lifetime(this, subject, "subject", pathlen, FALSE, auth) ||
--		!check_lifetime(this, issuer, "issuer", pathlen + 1, trusted, auth))
-+		!check_lifetime(this, issuer, "issuer", pathlen + 1, anchor, auth))
- 	{
- 		return FALSE;
- 	}
-@@ -623,7 +623,7 @@ static bool check_certificate(private_credential_manager_t *this,
- 			continue;
- 		}
- 		if (!validator->validate(validator, subject, issuer,
--								 online, pathlen, trusted, auth))
-+								 online, pathlen, anchor, auth))
- 		{
- 			enumerator->destroy(enumerator);
- 			return FALSE;
-@@ -726,6 +726,7 @@ static bool verify_trust_chain(private_credential_manager_t *this,
- 	auth_cfg_t *auth;
- 	signature_params_t *scheme;
- 	int pathlen;
-+	bool is_anchor = FALSE;
- 
- 	auth = auth_cfg_create();
- 	get_key_strength(subject, auth);
-@@ -743,7 +744,7 @@ static bool verify_trust_chain(private_credential_manager_t *this,
- 				auth->add(auth, AUTH_RULE_CA_CERT, issuer->get_ref(issuer));
- 				DBG1(DBG_CFG, "  using trusted ca certificate \"%Y\"",
- 							  issuer->get_subject(issuer));
--				trusted = TRUE;
-+				trusted = is_anchor = TRUE;
- 			}
- 			else
- 			{
-@@ -778,11 +779,18 @@ static bool verify_trust_chain(private_credential_manager_t *this,
- 				DBG1(DBG_CFG, "  issuer is \"%Y\"",
- 					 current->get_issuer(current));
- 				call_hook(this, CRED_HOOK_NO_ISSUER, current);
-+				if (trusted)
-+				{
-+					DBG1(DBG_CFG, "  reached end of incomplete trust chain for "
-+						 "trusted certificate \"%Y\"",
-+						 subject->get_subject(subject));
-+				}
- 				break;
- 			}
- 		}
--		if (!check_certificate(this, current, issuer, online,
--							   pathlen, trusted, auth))
-+		/* don't do online verification here */
-+		if (!check_certificate(this, current, issuer, FALSE,
-+							   pathlen, is_anchor, auth))
- 		{
- 			trusted = FALSE;
- 			issuer->destroy(issuer);
-@@ -794,7 +802,7 @@ static bool verify_trust_chain(private_credential_manager_t *this,
- 		}
- 		current->destroy(current);
- 		current = issuer;
--		if (trusted)
-+		if (is_anchor)
- 		{
- 			DBG1(DBG_CFG, "  reached self-signed root ca with a "
- 				 "path length of %d", pathlen);
-@@ -807,6 +815,34 @@ static bool verify_trust_chain(private_credential_manager_t *this,
- 		DBG1(DBG_CFG, "maximum path length of %d exceeded", MAX_TRUST_PATH_LEN);
- 		call_hook(this, CRED_HOOK_EXCEEDED_PATH_LEN, subject);
- 	}
-+	else if (trusted && online)
-+	{
-+		enumerator_t *enumerator;
-+		auth_rule_t rule;
-+
-+		/* do online revocation checks after basic validation of the chain */
-+		pathlen = 0;
-+		current = subject;
-+		enumerator = auth->create_enumerator(auth);
-+		while (enumerator->enumerate(enumerator, &rule, &issuer))
-+		{
-+			if (rule == AUTH_RULE_CA_CERT || rule == AUTH_RULE_IM_CERT)
-+			{
-+				if (!check_certificate(this, current, issuer, TRUE, pathlen++,
-+									   rule == AUTH_RULE_CA_CERT, auth))
-+				{
-+					trusted = FALSE;
-+					break;
-+				}
-+				else if (rule == AUTH_RULE_CA_CERT)
-+				{
-+					break;
-+				}
-+				current = issuer;
-+			}
-+		}
-+		enumerator->destroy(enumerator);
-+	}
- 	if (trusted)
- 	{
- 		result->merge(result, auth, FALSE);
--- 
-2.25.1

CVE-2023-41913.patch

@@ -1,42 +0,0 @@
-From 027421cbd2e6e628f5f959c74d722afadc477485 Mon Sep 17 00:00:00 2001
-From: Tobias Brunner <tobias@strongswan.org>
-Date: Tue, 11 Jul 2023 12:12:25 +0200
-Subject: [PATCH] charon-tkm: Validate DH public key to fix potential buffer
- overflow
-
-Seems this was forgotten in the referenced commit and actually could lead
-to a buffer overflow.  Since charon-tkm is untrusted this isn't that
-much of an issue but could at least be easily exploited for a DoS attack
-as DH public values are set when handling IKE_SA_INIT requests.
-
-Fixes: 0356089d0f94 ("diffie-hellman: Verify public DH values in backends")
-Fixes: CVE-2023-41913
----
- src/charon-tkm/src/tkm/tkm_diffie_hellman.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
-index 2b2d103d03e9..6999ad360d7e 100644
---- a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
-+++ b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
-@@ -70,11 +70,16 @@ METHOD(key_exchange_t, get_shared_secret, bool,
- 	return TRUE;
- }
- 
--
- METHOD(key_exchange_t, set_public_key, bool,
- 	private_tkm_diffie_hellman_t *this, chunk_t value)
- {
- 	dh_pubvalue_type othervalue;
-+
-+	if (!key_exchange_verify_pubkey(this->group, value) ||
-+		value.len > sizeof(othervalue.data))
-+	{
-+		return FALSE;
-+	}
- 	othervalue.size = value.len;
- 	memcpy(&othervalue.data, value.ptr, value.len);
- 
--- 
-2.34.1
-

strongswan.spec

@@ -1,15 +1,12 @@
 Name:             strongswan
 Version:          5.9.7
-Release:          5
+Release:          1
 Summary:          An OpenSource IPsec-based VPN and TNC solution
 License:          GPLv2+
 URL:              http://www.strongswan.org/
 Source0:          http://download.strongswan.org/strongswan-%{version}.tar.bz2
 
 Patch0:           remove-warning-no-format.patch
-Patch1:           CVE-2022-40617.patch
-# https://download.strongswan.org/security/CVE-2023-41913/strongswan-5.9.7-5.9.11_charon_tkm_dh_len.patch
-Patch2:           CVE-2023-41913.patch
 
 BuildRequires:    gcc chrpath autoconf automake libtool tpm2-abrmd
 BuildRequires:    systemd-devel gmp-devel libcurl-devel NetworkManager-libnm-devel openldap-devel
@@ -19,9 +16,6 @@ Requires(post):   systemd
 Requires(preun):  systemd
 Requires(postun): systemd
 Requires:         tpm2-abrmd
-Requires:         %{name}-sqlite = %{version}-%{release}
-Requires:         %{name}-tnc-imcvs = %{version}-%{release}
-Requires:         %{name}-libipsec = %{version}-%{release}
 
 %description
 The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange
@@ -71,7 +65,7 @@ PT-TLS to support TNC over TLS.
 autoreconf -i
 %configure --bindir=%{_libexecdir}/strongswan --sysconfdir=%{_sysconfdir}/strongswan \
            --with-ipsecdir=%{_libexecdir}/strongswan --with-ipseclibdir=%{_libdir}/strongswan \
-           --with-ipsec-script=strongswan --with-fips-mode=2 \
+           --with-ipsec-script=ipsec --with-fips-mode=2 \
            --disable-static \
            --enable-tss-trousers --enable-nm --enable-systemd --enable-openssl --enable-unity \
            --enable-ctr --enable-ccm --enable-gcm --enable-chapoly --enable-md4 --enable-gcrypt \
@@ -149,7 +143,7 @@ echo "%{_libdir}/strongswan" > %{buildroot}/etc/ld.so.conf.d/%{name}-%{_arch}.co
 %{_unitdir}/strongswan-starter.service
 %{_sbindir}/charon-cmd
 %{_sbindir}/charon-systemd
-%{_sbindir}/strongswan
+%{_sbindir}/ipsec
 %{_sbindir}/swanctl
 %{_libdir}/strongswan/*.so.*
 %exclude %{_libdir}/strongswan/libimcv.so.*
@@ -195,18 +189,6 @@ echo "%{_libdir}/strongswan" > %{buildroot}/etc/ld.so.conf.d/%{name}-%{_arch}.co
 %{_libexecdir}/strongswan/charon-nm
 
 %changelog
-* Thu Dec 14 2023 yaoxin <yao_xin001@hoperun.com> - 5.9.7-5
-- Fix CVE-2023-41913
-
-* Fri May 19 2023 wangkai <13474090681@163.com> - 5.9.7-4
-- Fix /usr/sbin/ipsec conflicts with libreswan
-
-* Tue Nov 29 2022 wangkai <wangkai385@h-partners.com> - 5.9.7-3
-- Add Requires strongswan-sqlite,strongswan-tnc-imcvs and strongswan-libipsec
-
-* Tue Nov 01 2022 liyuxiang <liyuxiang@ncti-gba.cn> - 5.9.7-2
-- fix CVE-2022-40617
-
 * Sat Aug 13 2022 openhosec <openhosec@hosec.net> - 5.9.7-1
 - Upgrade to 5.9.7 version