Browse Source

ipsec-tools: fix null dereference in racoon

* add a patch to fix a null pointer dereference in src/racoon/gssapi.c (CVE-2015-4047)
 * refresh patches
 * bumb release number

Signed-off-by: Nicolas Thill <nico@openwrt.org>
lilik-openwrt-22.03
Nicolas Thill 10 years ago
parent
commit
d8362b6d04
5 changed files with 22 additions and 8 deletions
  1. +2
    -2
      net/ipsec-tools/Makefile
  2. +2
    -2
      net/ipsec-tools/patches/002-patch8-utmp.patch
  3. +1
    -1
      net/ipsec-tools/patches/003-microsoft-fqdn-in-main.patch
  4. +1
    -3
      net/ipsec-tools/patches/007-force_have_policy_fwd.patch
  5. +16
    -0
      net/ipsec-tools/patches/008-racoon-fix_dereference_crash.patch

+ 2
- 2
net/ipsec-tools/Makefile View File

@ -1,5 +1,5 @@
#
# Copyright (C) 2006-2011 OpenWrt.org
# Copyright (C) 2006-2015 OpenWrt.org
# 2014 Noah Meyerhans <frodo@morgul.net>
#
# This is free software, licensed under the GNU General Public License v2.
@ -11,7 +11,7 @@ include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=ipsec-tools
PKG_VERSION:=0.8.2
PKG_RELEASE:=2
PKG_RELEASE:=3
PKG_MAINTAINER := "Noah Meyerhans <frodo@morgul.net>"
PKG_LICENSE := BSD-3-Clause


+ 2
- 2
net/ipsec-tools/patches/002-patch8-utmp.patch View File

@ -9,7 +9,7 @@
#if defined(__APPLE__) && defined(__MACH__)
#include <util.h>
#endif
@@ -1661,7 +1661,8 @@ isakmp_cfg_accounting_system(port, raddr
@@ -1664,7 +1664,8 @@ isakmp_cfg_accounting_system(port, raddr
int inout;
{
int error = 0;
@ -19,7 +19,7 @@
char addr[NI_MAXHOST];
if (usr == NULL || usr[0]=='\0') {
@@ -1670,34 +1671,37 @@ isakmp_cfg_accounting_system(port, raddr
@@ -1673,34 +1674,37 @@ isakmp_cfg_accounting_system(port, raddr
return -1;
}


+ 1
- 1
net/ipsec-tools/patches/003-microsoft-fqdn-in-main.patch View File

@ -1,6 +1,6 @@
--- a/src/racoon/ipsec_doi.c
+++ b/src/racoon/ipsec_doi.c
@@ -3582,8 +3582,8 @@ ipsecdoi_checkid1(iph1)
@@ -3581,8 +3581,8 @@ ipsecdoi_checkid1(iph1)
iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_PSKEY) {
if (id_b->type != IPSECDOI_ID_IPV4_ADDR
&& id_b->type != IPSECDOI_ID_IPV6_ADDR) {


net/ipsec-tools/patches/force_HAVE_POLICY_FWD → net/ipsec-tools/patches/007-force_have_policy_fwd.patch View File


+ 16
- 0
net/ipsec-tools/patches/008-racoon-fix_dereference_crash.patch View File

@ -0,0 +1,16 @@
Fix null dereference in racoon/gssapi.c (CVE-2015-4047)
--- a/src/racoon/gssapi.c
+++ b/src/racoon/gssapi.c
@@ -192,6 +192,11 @@ gssapi_init(struct ph1handle *iph1)
gss_name_t princ, canon_princ;
OM_uint32 maj_stat, min_stat;
+ if (iph1->rmconf == NULL) {
+ plog(LLV_ERROR, LOCATION, NULL, "no remote config\n");
+ return -1;
+ }
+
gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state));
if (gps == NULL) {
plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n");

Loading…
Cancel
Save