Diffstat (limited to 'meta-networking/recipes-support/ntp/files/ntp-4.2.6p5-cve-2014-9294.patch')
-rw-r--r-- | meta-networking/recipes-support/ntp/files/ntp-4.2.6p5-cve-2014-9294.patch | 128 |
1 files changed, 128 insertions, 0 deletions
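--- /dev/null
+++ b/meta-networking/recipes-support/ntp/files/ntp-4.2.6p5-cve-2014-9294.patch
@@ -0,0 +1,128 @@
+CVE-2014-9294 ntp: ntp-keygen uses weak random number generator and seed when generating MD5 keys
+
+Upstream-Status: Backport [Debian]
+
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+Index: ntp-4.2.6p5/include/ntp_random.h
+===================================================================
+--- ntp-4.2.6p5.orig/include/ntp_random.h
++++ ntp-4.2.6p5/include/ntp_random.h
+@@ -1,6 +1,9 @@
+
+#include <ntp_types.h>
+
++void ntp_crypto_srandom(void);
++int ntp_crypto_random_buf(void *buf, size_t nbytes);
++
+long ntp_random (void);
+void ntp_srandom (unsigned long);
+void ntp_srandomdev (void);
+Index: ntp-4.2.6p5/libntp/ntp_random.c
+===================================================================
+--- ntp-4.2.6p5.orig/libntp/ntp_random.c
++++ ntp-4.2.6p5/libntp/ntp_random.c
+@@ -481,3 +481,74 @@ ntp_random( void )
+}
+return(i);
+}
++
++/*
++ * Crypto-quality random number functions
++ *
++ * Author: Harlan Stenn, 2014
++ *
++ * This file is Copyright (c) 2014 by Network Time Foundation.
++ * BSD terms apply: see the file COPYRIGHT in the distribution root for details.
++ */
++
++#ifdef OPENSSL
++#include <openssl/err.h>
++#include <openssl/rand.h>
++
++int crypto_rand_init = 0;
++#endif
++
++/*
++ * ntp_crypto_srandom:
++ *
++ * Initialize the random number generator, if needed by the underlying
++ * crypto random number generation mechanism.
++ */
++
++void
++ntp_crypto_srandom(
++ void
++ )
++{
++#ifdef OPENSSL
++ if (!crypto_rand_init) {
++ RAND_poll();
++ crypto_rand_init = 1;
++ }
++#else
++ /* No initialization needed for arc4random() */
++#endif
++}
++
++/*
++ * ntp_crypto_random_buf:
++ *
++ * Returns 0 on success, -1 on error.
++ */
++int
++ntp_crypto_random_buf(
++ void *buf,
++ size_t nbytes
++ )
++{
++#ifdef OPENSSL
++ int rc;
++
++ rc = RAND_bytes(buf, nbytes);
++ if (1 != rc) {
++ unsigned long err;
++ char *err_str;
++
++ err = ERR_get_error();
++ err_str = ERR_error_string(err, NULL);
++ /* XXX: Log the error */
++
++ return -1;
++ }
++ return 0;
++#else
++ arc4random_buf(buf, nbytes);
++ return 0;
++#endif
++}
++
+Index: ntp-4.2.6p5/util/ntp-keygen.c
+===================================================================
+--- ntp-4.2.6p5.orig/util/ntp-keygen.c
++++ ntp-4.2.6p5/util/ntp-keygen.c
+@@ -261,6 +261,8 @@ main(
+ssl_check_version();
+#endif /* OPENSSL */
+
++ ntp_crypto_srandom();
++
+/*
+* Process options, initialize host name and timestamp.
+*/
+@@ -727,7 +729,14 @@ gen_md5(
+int temp;
+
+while (1) {
+- temp = ntp_random() & 0xff;
++ int rc;
++
++ rc = ntp_crypto_random_buf(&temp, 1);
++ if (-1 == rc) {
++ fprintf(stderr, "ntp_crypto_random_buf() failed.\n");
++ exit (-1);
++ }
++ temp &= 0xff;
+if (temp == '#')
+continue;
+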
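Review bot: The key byte in gen_md5 is written into only the first byte of `int temp` (`rc = ntp_crypto_random_buf(&temp, 1);`), while the following `temp &= 0xff;` reads the whole int, whose remaining bytes are never initialized (`int temp;` has no initializer in the context line above); on a little-endian target the mask happens to select the random byte, but on a big-endian target it appears to select an indeterminate byte instead of CSPRNG output, which is exactly the weakness this backport is meant to close. Filling the whole object, `rc = ntp_crypto_random_buf(&temp, sizeof(temp));`, keeps the mask correct regardless of byte order, or use an `unsigned char` temporary and assign it to temp. In ntp_crypto_random_buf, `err_str` is assigned from ERR_error_string() and then dropped behind `/* XXX: Log the error */`, so a failed RAND_bytes() leaves no diagnostic beyond the generic message in gen_md5; either write it with `fprintf(stderr, "%s\n", err_str);` or remove the two unused lines. The non-OPENSSL branch assumes arc4random_buf() is available, which older glibc-based targets of this layer may not provide, so a configure-time check would be safer than an unconditional call. gen_md5 and main both start and end outside their hunks.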