fix CVE-2020-15078
This commit is contained in:
wang_yue111
parent
6648135342
commit
c5c39a744e
39
CVE-2020-15078.patch
Normal file
39
CVE-2020-15078.patch
Normal file
@ -0,0 +1,39 @@
|
||||
From 6b03967183591d8a7e619caaf529f7581619326b Mon Sep 17 00:00:00 2001
|
||||
From: Arne Schwabe <arne@rfc2549.org>
|
||||
Date: Tue, 6 Apr 2021 00:05:21 +0200
|
||||
Subject: [PATCH] Ensure key state is authenticated before sending push reply
|
||||
|
||||
This ensures that the key state is authenticated when sendinga push reply.
|
||||
---
|
||||
src/openvpn/push.c | 8 +++++++-
|
||||
1 file changed, 7 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/openvpn/push.c b/src/openvpn/push.c
|
||||
index dd5bd41..fcdd76b 100644
|
||||
--- a/src/openvpn/push.c
|
||||
+++ b/src/openvpn/push.c
|
||||
@@ -647,6 +647,7 @@ int
|
||||
process_incoming_push_request(struct context *c)
|
||||
{
|
||||
int ret = PUSH_MSG_ERROR;
|
||||
+ struct key_state *ks = &c->c2.tls_multi->session[TM_ACTIVE].key[KS_PRIMARY];
|
||||
|
||||
#ifdef ENABLE_ASYNC_PUSH
|
||||
c->c2.push_request_received = true;
|
||||
@@ -657,7 +658,12 @@ process_incoming_push_request(struct context *c)
|
||||
send_auth_failed(c, client_reason);
|
||||
ret = PUSH_MSG_AUTH_FAILURE;
|
||||
}
|
||||
- else if (!c->c2.push_reply_deferred && c->c2.context_auth == CAS_SUCCEEDED)
|
||||
+ else if (!c->c2.push_reply_deferred && c->c2.context_auth == CAS_SUCCEEDED
|
||||
+ && ks->authenticated
|
||||
+ #ifdef ENABLE_DEF_AUTH
|
||||
+ && !ks->auth_deferred
|
||||
+ #endif
|
||||
+ )
|
||||
{
|
||||
time_t now;
|
||||
|
||||
--
|
||||
2.23.0
|
||||
|
||||
10
openvpn.spec
10
openvpn.spec
@ -1,12 +1,12 @@
|
||||
Name: openvpn
|
||||
Version: 2.4.8
|
||||
Release: 4
|
||||
Release: 5
|
||||
Summary: A full-featured open source SSL VPN solution
|
||||
License: GPLv2 and OpenSSL and SSLeay
|
||||
URL: https://community.openvpn.net/openvpn
|
||||
Source0: https://swupdate.openvpn.org/community/releases/openvpn-%{version}.tar.gz
|
||||
Patch0000: CVE-2020-11810.patch
|
||||
|
||||
Patch0001: CVE-2020-15078.patch
|
||||
BuildRequires: openssl-devel lz4-devel systemd-devel lzo-devel
|
||||
BuildRequires: iproute pam-devel pkcs11-helper-devel >= 1.11
|
||||
|
||||
@ -36,8 +36,7 @@ User guide and other related documents for %{name}.
|
||||
|
||||
|
||||
%prep
|
||||
%setup -q -n %{name}-%{version}
|
||||
%patch0000 -p1
|
||||
%autosetup -n %{name}-%{version} -p1
|
||||
|
||||
%build
|
||||
%configure --enable-x509-alt-username --enable-iproute2 --with-crypto-library=openssl --enable-pkcs11 --enable-selinux --enable-systemd SYSTEMD_UNIT_DIR=%{_unitdir} TMPFILES_DIR=%{_tmpfilesdir} IPROUTE=/sbin/ip
|
||||
@ -124,6 +123,9 @@ fi
|
||||
%{_mandir}/man8/%{name}.8*
|
||||
|
||||
%changelog
|
||||
* Tue May 25 2021 wangyue <wangyue92@huawei.com> - 2.4.8-5
|
||||
- fix CVE-2020-15078
|
||||
|
||||
* Thu Feb 04 2021 wangyue <wangyue92@huawei.com> 2.4.8-4
|
||||
- fix CVE-2020-11810
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user