packages/iperf3
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix CVE-2024-26306

Browse Source 
(cherry picked from commit 2451a6c6eab8bb7ebab4ad4635784b96c2fb1a0a)
This commit is contained in:
wk333 2024-05-14 11:05:48 +08:00 committed by openeuler-sync-bot
parent af6cb29337
commit ab7d7a6f15
2 changed files with 295 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

286
CVE-2024-26306.patch Normal file
View File

@ -0,0 +1,286 @@
Origin:
https://github.com/esnet/iperf/pull/1695
https://github.com/esnet/iperf/releases/tag/3.17
From 299b356df6939f71619bf45bf7a7d2222e17d840 Mon Sep 17 00:00:00 2001
From: Sarah Larsen <swlarsen@Sarahs-MBP.lan>
Date: Wed, 20 Mar 2024 17:02:31 -0700
Subject: [PATCH 1/3] Using OAEP padding instead of PKCS1 padding for OpenSSL.
Fix for CVE-2024-26306.
Special thanks to Hubert Kario at Red Hat for finding the vulnerability.
---
src/iperf.h | 1 +
src/iperf_api.c | 8 ++++++--
src/iperf_api.h | 1 +
src/iperf_auth.c | 32 ++++++++++++++++++++++++--------
src/iperf_auth.h | 4 ++--
src/iperf_locale.c | 1 +
src/t_auth.c | 5 +++--
7 files changed, 38 insertions(+), 14 deletions(-)
diff --git a/src/iperf.h b/src/iperf.h
index c1d839be1..527e549ed 100644
--- a/src/iperf.h
+++ b/src/iperf.h
@@ -319,6 +319,7 @@ struct iperf_test
char *server_authorized_users;
EVP_PKEY *server_rsa_private_key;
int server_skew_threshold;
+ int use_pkcs1_padding;
#endif // HAVE_SSL
/* boolean variables for Options */
diff --git a/src/iperf_api.c b/src/iperf_api.c
index d40561c10..7fb741e77 100644
--- a/src/iperf_api.c
+++ b/src/iperf_api.c
@@ -1137,6 +1137,7 @@ iperf_parse_arguments(struct iperf_test *test, int argc, char **argv)
{"rsa-private-key-path", required_argument, NULL, OPT_SERVER_RSA_PRIVATE_KEY},
{"authorized-users-path", required_argument, NULL, OPT_SERVER_AUTHORIZED_USERS},
{"time-skew-threshold", required_argument, NULL, OPT_SERVER_SKEW_THRESHOLD},
+ {"use-pkcs1-padding", no_argument, NULL, OPT_USE_PKCS1_PADDING},
#endif /* HAVE_SSL */
{"fq-rate", required_argument, NULL, OPT_FQ_RATE},
{"pacing-timer", required_argument, NULL, OPT_PACING_TIMER},
@@ -1630,6 +1631,9 @@ iperf_parse_arguments(struct iperf_test *test, int argc, char **argv)
return -1;
}
break;
+ case OPT_USE_PKCS1_PADDING:
+ test->use_pkcs1_padding = 1;
+ break;
#endif /* HAVE_SSL */
case OPT_PACING_TIMER:
test->settings->pacing_timer = unit_atoi(optarg);
@@ -2070,7 +2074,7 @@ int test_is_authorized(struct iperf_test *test){
if (test->settings->authtoken){
char *username = NULL, *password = NULL;
time_t ts;
- int rc = decode_auth_setting(test->debug, test->settings->authtoken, test->server_rsa_private_key, &username, &password, &ts);
+ int rc = decode_auth_setting(test->debug, test->settings->authtoken, test->server_rsa_private_key, &username, &password, &ts, test->use_pkcs1_padding);
if (rc) {
return -1;
}
@@ -2255,7 +2259,7 @@ send_parameters(struct iperf_test *test)
#if defined(HAVE_SSL)
/* Send authentication parameters */
if (test->settings->client_username && test->settings->client_password && test->settings->client_rsa_pubkey){
- int rc = encode_auth_setting(test->settings->client_username, test->settings->client_password, test->settings->client_rsa_pubkey, &test->settings->authtoken);
+ int rc = encode_auth_setting(test->settings->client_username, test->settings->client_password, test->settings->client_rsa_pubkey, &test->settings->authtoken, test->use_pkcs1_padding);
if (rc) {
cJSON_Delete(j);
diff --git a/src/iperf_api.h b/src/iperf_api.h
index d2bbdfe96..131314243 100644
--- a/src/iperf_api.h
+++ b/src/iperf_api.h
@@ -100,6 +100,7 @@ typedef atomic_uint_fast64_t atomic_iperf_size_t;
#define OPT_DONT_FRAGMENT 26
#define OPT_RCV_TIMEOUT 27
#define OPT_SND_TIMEOUT 28
+#define OPT_USE_PKCS1_PADDING 30
/* states */
#define TEST_START 1
diff --git a/src/iperf_auth.c b/src/iperf_auth.c
index c89bde7c3..398e7d76b 100644
--- a/src/iperf_auth.c
+++ b/src/iperf_auth.c
@@ -230,7 +230,7 @@ int test_load_private_key_from_file(const char *file){
return 0;
}
-int encrypt_rsa_message(const char *plaintext, EVP_PKEY *public_key, unsigned char **encryptedtext) {
+int encrypt_rsa_message(const char *plaintext, EVP_PKEY *public_key, unsigned char **encryptedtext, int use_pkcs1_padding) {
#if OPENSSL_VERSION_MAJOR >= 3
EVP_PKEY_CTX *ctx;
#else
@@ -257,12 +257,19 @@ int encrypt_rsa_message(const char *plaintext, EVP_PKEY *public_key, unsigned ch
BIO *bioBuff = BIO_new_mem_buf((void*)plaintext, (int)strlen(plaintext));
rsa_buffer_len = BIO_read(bioBuff, rsa_buffer, keysize * 2);
+
+ int padding = RSA_PKCS1_OAEP_PADDING;
+ if (use_pkcs1_padding){
+ padding = RSA_PKCS1_PADDING;
+ }
#if OPENSSL_VERSION_MAJOR >= 3
EVP_PKEY_encrypt_init(ctx);
+ EVP_PKEY_CTX_set_rsa_padding(ctx, padding);
+
EVP_PKEY_encrypt(ctx, *encryptedtext, &encryptedtext_len, rsa_buffer, rsa_buffer_len);
EVP_PKEY_CTX_free(ctx);
#else
- encryptedtext_len = RSA_public_encrypt(rsa_buffer_len, rsa_buffer, *encryptedtext, rsa, RSA_PKCS1_PADDING);
+ encryptedtext_len = RSA_public_encrypt(rsa_buffer_len, rsa_buffer, *encryptedtext, rsa, padding);
RSA_free(rsa);
#endif
@@ -280,7 +287,7 @@ int encrypt_rsa_message(const char *plaintext, EVP_PKEY *public_key, unsigned ch
return 0;
}
-int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedtext_len, EVP_PKEY *private_key, unsigned char **plaintext) {
+int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedtext_len, EVP_PKEY *private_key, unsigned char **plaintext, int use_pkcs1_padding) {
#if OPENSSL_VERSION_MAJOR >= 3
EVP_PKEY_CTX *ctx;
#else
@@ -307,13 +314,22 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt
BIO *bioBuff = BIO_new_mem_buf((void*)encryptedtext, encryptedtext_len);
rsa_buffer_len = BIO_read(bioBuff, rsa_buffer, keysize * 2);
+
+ int padding = RSA_PKCS1_OAEP_PADDING;
+ if (use_pkcs1_padding){
+ padding = RSA_PKCS1_PADDING;
+ }
#if OPENSSL_VERSION_MAJOR >= 3
plaintext_len = keysize;
EVP_PKEY_decrypt_init(ctx);
+ int ret = EVP_PKEY_CTX_set_rsa_padding(ctx, padding);
+ if (ret < 0){
+ goto errreturn;
+ }
EVP_PKEY_decrypt(ctx, *plaintext, &plaintext_len, rsa_buffer, rsa_buffer_len);
EVP_PKEY_CTX_free(ctx);
#else
- plaintext_len = RSA_private_decrypt(rsa_buffer_len, rsa_buffer, *plaintext, rsa, RSA_PKCS1_PADDING);
+ plaintext_len = RSA_private_decrypt(rsa_buffer_len, rsa_buffer, *plaintext, rsa, padding);
RSA_free(rsa);
#endif
@@ -331,7 +347,7 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt
return 0;
}
-int encode_auth_setting(const char *username, const char *password, EVP_PKEY *public_key, char **authtoken){
+int encode_auth_setting(const char *username, const char *password, EVP_PKEY *public_key, char **authtoken, int use_pkcs1_padding){
time_t t = time(NULL);
time_t utc_seconds = mktime(localtime(&t));
@@ -348,7 +364,7 @@ int encode_auth_setting(const char *username, const char *password, EVP_PKEY *pu
unsigned char *encrypted = NULL;
int encrypted_len;
- encrypted_len = encrypt_rsa_message(text, public_key, &encrypted);
+ encrypted_len = encrypt_rsa_message(text, public_key, &encrypted, use_pkcs1_padding);
free(text);
if (encrypted_len < 0) {
return -1;
@@ -359,7 +375,7 @@ int encode_auth_setting(const char *username, const char *password, EVP_PKEY *pu
return (0); //success
}
-int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *private_key, char **username, char **password, time_t *ts){
+int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *private_key, char **username, char **password, time_t *ts, int use_pkcs1_padding){
unsigned char *encrypted_b64 = NULL;
size_t encrypted_len_b64;
int64_t utc_seconds;
@@ -367,7 +383,7 @@ int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *priva
unsigned char *plaintext = NULL;
int plaintext_len;
- plaintext_len = decrypt_rsa_message(encrypted_b64, encrypted_len_b64, private_key, &plaintext);
+ plaintext_len = decrypt_rsa_message(encrypted_b64, encrypted_len_b64, private_key, &plaintext, use_pkcs1_padding);
free(encrypted_b64);
if (plaintext_len < 0) {
return -1;
diff --git a/src/iperf_auth.h b/src/iperf_auth.h
index ffadbf3e5..eedd45abd 100644
--- a/src/iperf_auth.h
+++ b/src/iperf_auth.h
@@ -35,7 +35,7 @@ EVP_PKEY *load_pubkey_from_file(const char *file);
EVP_PKEY *load_pubkey_from_base64(const char *buffer);
EVP_PKEY *load_privkey_from_file(const char *file);
EVP_PKEY *load_privkey_from_base64(const char *buffer);
-int encode_auth_setting(const char *username, const char *password, EVP_PKEY *public_key, char **authtoken);
-int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *private_key, char **username, char **password, time_t *ts);
+int encode_auth_setting(const char *username, const char *password, EVP_PKEY *public_key, char **authtoken, int use_pkcs1_padding);
+int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *private_key, char **username, char **password, time_t *ts, int use_pkcs1_padding);
int check_authentication(const char *username, const char *password, const time_t ts, const char *filename, int skew_threshold);
ssize_t iperf_getpass (char **lineptr, size_t *n, FILE *stream);
diff --git a/src/iperf_locale.c b/src/iperf_locale.c
index ae0f63a41..9d94e0234 100644
--- a/src/iperf_locale.c
+++ b/src/iperf_locale.c
@@ -148,6 +148,7 @@ const char usage_longstr[] = "Usage: iperf3 [-s|-c host] [options]\n"
" credentials\n"
" --time-skew-threshold time skew threshold (in seconds) between the server\n"
" and client during the authentication process\n"
+ " --use-pkcs1-padding use pkcs1 padding at your own risk\n"
#endif //HAVE_SSL
"Client specific:\n"
" -c, --client <host>[%%<dev>] run in client mode, connecting to <host>\n"
diff --git a/src/t_auth.c b/src/t_auth.c
index 77c225531..3b0fd2f32 100644
--- a/src/t_auth.c
+++ b/src/t_auth.c
@@ -101,8 +101,9 @@ test_authtoken(const char *authUser, const char *authPassword, EVP_PKEY *pubkey,
char *decodePassword;
time_t decodeTime;
- assert(encode_auth_setting(authUser, authPassword, pubkey, &authToken) == 0);
- assert(decode_auth_setting(0, authToken, privkey, &decodeUser, &decodePassword, &decodeTime) == 0);
+ int use_pkcs1_padding = 1;
+ assert(encode_auth_setting(authUser, authPassword, pubkey, &authToken, use_pkcs1_padding) == 0);
+ assert(decode_auth_setting(0, authToken, privkey, &decodeUser, &decodePassword, &decodeTime, use_pkcs1_padding) == 0);
assert(strcmp(decodeUser, authUser) == 0);
assert(strcmp(decodePassword, authPassword) == 0);
From 3006413849c0aa9a70503b736497130c781b4675 Mon Sep 17 00:00:00 2001
From: "Bruce A. Mah" <bmah@es.net>
Date: Mon, 22 Apr 2024 15:19:51 -0700
Subject: [PATCH 2/3] Manual page update for --use-pkcs1-padding.
---
src/iperf3.1 | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/iperf3.1 b/src/iperf3.1
index 2efd53dea..2561414f5 100644
--- a/src/iperf3.1
+++ b/src/iperf3.1
@@ -193,6 +193,15 @@ parameter is specified in ms, and defaults to the system settings.
This functionality depends on the TCP_USER_TIMEOUT socket option, and
will not work on systems that do not support it.
.TP
+.BR --use-pkcs1-padding
+This option is only meaningful when using iperf3's authentication
+features. Versions of iperf3 prior to 3.17 used PCKS1 padding in the
+RSA-encrypted credentials, which was vulnerable to a side-channel
+attack that could reveal a server's private key. Beginning with
+iperf-3.17, OAEP padding is used, however this is a breaking change
+that is not compatible with older iperf3 versions. Use this option to
+preserve the less secure, but more compatible, behavior.
+.TP
.BR -d ", " --debug " "
emit debugging output.
Primarily (perhaps exclusively) of use to developers.
From fbd99b145c3e1b3890ff1dbdb20b91f631b3e85b Mon Sep 17 00:00:00 2001
From: "Bruce A. Mah" <bmah@es.net>
Date: Mon, 22 Apr 2024 16:13:19 -0700
Subject: [PATCH 3/3] Treat a decryption error as an empty string.
---
src/iperf_auth.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/iperf_auth.c b/src/iperf_auth.c
index 398e7d76b..72e85fc9a 100644
--- a/src/iperf_auth.c
+++ b/src/iperf_auth.c
@@ -336,8 +336,9 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt
OPENSSL_free(rsa_buffer);
BIO_free(bioBuff);
- if (plaintext_len <= 0) {
- goto errreturn;
+ /* Treat a decryption error as an empty string. */
+ if (plaintext_len < 0) {
+ plaintext_len = 0;
}
return plaintext_len;

10
iperf3.spec
View File

@ -1,13 +1,15 @@
Name: iperf3
Version: 3.16
Release: 2
Release: 3
Summary: TCP,UDP,and SCTP network bandwidth measurement tool
License: BSD
URL: http://github.com/esnet/iperf
Source0: https://github.com/esnet/iperf/archive/%{version}/iperf-%{version}.tar.gz
Patch0: CVE-2024-26306.patch
BuildRequires: libuuid-devel gcc lksctp-tools-devel
Requires: lksctp-tools
Requires: %{name}-help = %{version}-%{release}
%description
Iperf is a tool for active measurements of the maximum achievable bandwidth
@ -54,6 +56,9 @@ mkdir -p %{buildroot}%{_mandir}/man1
%{_mandir}/man3/libiperf.3.gz
%changelog
* Tue May 14 2024 wangkai <13474090681@163.com> - 3.16-3
- Fix CVE-2024-26306
* Mon Apr 29 2024 jinzhiguang <jinzhiguang@kylinos.cn> - 3.16-2
- add BuildRequires and Requires to enable sctp option
@ -69,5 +74,8 @@ mkdir -p %{buildroot}%{_mandir}/man1
* Tue Jan 4 2022 liyanan <liyanan32@huawei.com> - 3.10.1-1
- Upgrade to 3.10.1
* Fri Nov 06 2020 leiju <leiju4@huawei.com> - 3.6-5
- Add Requires iperf3-help into iperf3
* Tue Nov 26 2019 openEuler Buildteam <buildteam@openeuler.org> - 3.6-4
- Package init