LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9315 Commits
1 Branch
46 MiB
Tree: 136491ccf2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '136491ccf2'
${ noResults }
openwrt-packages-dist/net/rsync/patches/009-Use-full-MD4-len.patch

97 lines
2.7 KiB
Raw Normal View History

rsync: Fix CVE-2017-15994 and CVE-2017-16548 Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
7 years ago
 
  1. commit bc112b0e7feece62ce98708092306639a8a53cce
  2. Author: Wayne Davison <wayned@samba.org>
  3. Date:   Mon Oct 30 09:11:16 2017 -0700
  4. 

  5.     Use full MD4 len for archaic protocol auth.
  6. 

  7. diff --git a/authenticate.c b/authenticate.c

  8. index a106b0f..519429d 100644

  9. --- a/authenticate.c

  10. +++ b/authenticate.c

  11. @@ -22,7 +22,6 @@

  12.  #include "itypes.h"
  13.  
  14.  extern int read_only;
  15. -extern int protocol_version;

  16.  extern char *password_file;
  17.  
  18.  /***************************************************************************
  19. @@ -75,6 +74,8 @@ static void gen_challenge(const char *addr, char *challenge)

  20.  	sum_init(-1, 0);
  21.  	sum_update(input, sizeof input);
  22.  	len = sum_end(digest);
  23. +	if (len == 2) /* The archaic checksum is 2 bytes, but sum_end() filled in the full MD4 checksum for us. */

  24. +		len = MD4_DIGEST_LEN;

  25.  
  26.  	base64_encode(digest, len, challenge, 0);
  27.  }
  28. @@ -90,6 +91,8 @@ static void generate_hash(const char *in, const char *challenge, char *out)

  29.  	sum_update(in, strlen(in));
  30.  	sum_update(challenge, strlen(challenge));
  31.  	len = sum_end(buf);
  32. +	if (len == 2) /* The archaic checksum is 2 bytes, but sum_end() filled in the full MD4 checksum for us. */

  33. +		len = MD4_DIGEST_LEN;

  34.  
  35.  	base64_encode(buf, len, out, 0);
  36.  }
  37. @@ -238,11 +241,6 @@ char *auth_server(int f_in, int f_out, int module, const char *host,

  38.  	if (!users || !*users)
  39.  		return "";
  40.  
  41. -	if (protocol_version < 21) { /* Don't allow a weak checksum for the password. */

  42. -		rprintf(FERROR, "ERROR: protocol version is too old!\n");

  43. -		exit_cleanup(RERR_PROTOCOL);

  44. -	}

  45. -

  46.  	gen_challenge(addr, challenge);
  47.  
  48.  	io_printf(f_out, "%s%s\n", leader, challenge);
  49. diff --git a/checksum.c b/checksum.c

  50. index c119f97..741ad7d 100644

  51. --- a/checksum.c

  52. +++ b/checksum.c

  53. @@ -86,6 +86,8 @@ int csum_len_for_type(int cst)

  54.  		return MD4_DIGEST_LEN;
  55.  	  case CSUM_MD5:
  56.  		return MD5_DIGEST_LEN;
  57. +	  default: /* paranoia to prevent missing case values */

  58. +		exit_cleanup(RERR_UNSUPPORTED);

  59.  	}
  60.  	return 0;
  61.  }
  62. @@ -181,6 +183,8 @@ void get_checksum2(char *buf, int32 len, char *sum)

  63.  		mdfour_result(&m, (uchar *)sum);
  64.  		break;
  65.  	  }
  66. +	  default: /* paranoia to prevent missing case values */

  67. +		exit_cleanup(RERR_UNSUPPORTED);

  68.  	}
  69.  }
  70.  
  71. @@ -275,6 +279,8 @@ void sum_init(int csum_type, int seed)

  72.  		break;
  73.  	  case CSUM_NONE:
  74.  		break;
  75. +	  default: /* paranoia to prevent missing case values */

  76. +		exit_cleanup(RERR_UNSUPPORTED);

  77.  	}
  78.  }
  79.  
  80. @@ -322,6 +328,8 @@ void sum_update(const char *p, int32 len)

  81.  		break;
  82.  	  case CSUM_NONE:
  83.  		break;
  84. +	  default: /* paranoia to prevent missing case values */

  85. +		exit_cleanup(RERR_UNSUPPORTED);

  86.  	}
  87.  }
  88.  
  89. @@ -349,6 +357,8 @@ int sum_end(char *sum)

  90.  	  case CSUM_NONE:
  91.  		*sum = '\0';
  92.  		break;
  93. +	  default: /* paranoia to prevent missing case values */

  94. +		exit_cleanup(RERR_UNSUPPORTED);

  95.  	}
  96.  
  97.  	return csum_len_for_type(cursum_type);