Pullup ticket 3299 - requested by tez

security fixes Revisions pulled up: - pkgsrc/security/mit-krb5/Makefile 1.50 - pkgsrc/security/mit-krb5/distinfo 1.26 Files added: pkgsrc/security/mit-krb5/patches/patch-ca pkgsrc/security/mit-krb5/patches/patch-cb pkgsrc/security/mit-krb5/patches/patch-cc pkgsrc/security/mit-krb5/patches/patch-cd ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: tez Date: Fri Dec 3 20:11:31 UTC 2010 Modified Files: pkgsrc/security/mit-krb5: Makefile distinfo Added Files: pkgsrc/security/mit-krb5/patches: patch-ca patch-cb patch-cc patch-cd Log Message: add fix for CVE-2010-1323 from http://web.mit.edu/kerberos/advisories/2010-007-patch-r15.txt To generate a diff of this commit: cvs rdiff -u -r1.49 -r1.50 pkgsrc/security/mit-krb5/Makefile cvs rdiff -u -r1.25 -r1.26 pkgsrc/security/mit-krb5/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/security/mit-krb5/patches/patch-ca \ pkgsrc/security/mit-krb5/patches/patch-cb \ pkgsrc/security/mit-krb5/patches/patch-cc \ pkgsrc/security/mit-krb5/patches/patch-cd
author: spz <spz> 2010-12-12 15:20:08 +0000
committer: spz <spz> 2010-12-12 15:20:08 +0000
commit: 3849d68e24dedfc764614b96bfb5da63031b6424 (patch)
tree: de2171f9f2118052e4fcd53cc624f02b6520f14f
parent: 039645c2ec2cfda2e9f2bf45610136df8766435d (diff)
download: pkgsrc-3849d68e24dedfc764614b96bfb5da63031b6424.tar.gz
6 files changed, 108 insertions, 3 deletions
diff --git a/security/mit-krb5/Makefile b/security/mit-krb5/Makefile
index bf8a31d7849..6b4e73055c2 100644
--- a/security/mit-krb5/Makefile
+++ b/security/mit-krb5/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.49 2010/05/20 14:21:23 tez Exp $
+# $NetBSD: Makefile,v 1.49.4.1 2010/12/12 15:20:08 spz Exp $
 
 DISTNAME=	krb5-1.4.2
 PKGNAME=	mit-${DISTNAME:S/-signed$//}
-PKGREVISION=	10
+PKGREVISION=	11
 CATEGORIES=	security
 MASTER_SITES=	http://web.mit.edu/kerberos/dist/krb5/1.4/
 DISTFILES=	${DISTNAME}-signed${EXTRACT_SUFX}
diff --git a/security/mit-krb5/distinfo b/security/mit-krb5/distinfo
index 8b130601106..cc72eb470bc 100644
--- a/security/mit-krb5/distinfo
+++ b/security/mit-krb5/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.25 2010/05/20 14:21:23 tez Exp $
+$NetBSD: distinfo,v 1.25.4.1 2010/12/12 15:20:08 spz Exp $
 
 SHA1 (krb5-1.4.2-signed.tar) = bbc03bd319d539fb9523c2545d80ba0784522e88
 RMD160 (krb5-1.4.2-signed.tar) = 44500f5fab8e5959cf43f17f5f52f68e2dc73a1f
@@ -53,3 +53,7 @@ SHA1 (patch-bu) = bf0688bd703c3dcfa27934e0a6bc43230251512e
 SHA1 (patch-bv) = b07fc44dcc577bffece1eb85f5f93e4c10a58e00
 SHA1 (patch-bw) = ffdf13931306b15b9282863926f769f079ffe8f9
 SHA1 (patch-bx) = d0e54b7e50f066c0680e982bb251c763e9104e24
+SHA1 (patch-ca) = 93c234c007f2dafa0221d1bd1d3ed4953fc116c9
+SHA1 (patch-cb) = 9d892ed2993178085dd7df565afb794fe18f0f06
+SHA1 (patch-cc) = 6fe639b33da7756f6e9ad1a03e2f40d74ddb9c6d
+SHA1 (patch-cd) = 8339ac4305865b8e540a0f1bb14c1f1478447c0b
diff --git a/security/mit-krb5/patches/patch-ca b/security/mit-krb5/patches/patch-ca
new file mode 100644
index 00000000000..62684df413d
--- /dev/null
+++ b/security/mit-krb5/patches/patch-ca
@@ -0,0 +1,22 @@
+$NetBSD: patch-ca,v 1.1.2.2 2010/12/12 15:20:09 spz Exp $
+
+CVE-2010-1323 fix
+
+--- lib/crypto/keyed_checksum_types.c.orig	2010-12-03 11:36:00.476825900 -0600
++++ lib/crypto/keyed_checksum_types.c	2010-12-03 11:37:44.915328600 -0600
+@@ -51,6 +51,15 @@
+ {
+     unsigned int i, c;
+ 
++    if (enctype == ENCTYPE_ARCFOUR_HMAC ||
++	enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
++	*count = 1;
++	if ((*cksumtypes = malloc(sizeof(krb5_cksumtype))) == NULL)
++	    return(ENOMEM);
++	(*cksumtypes)[0] = CKSUMTYPE_HMAC_MD5_ARCFOUR;
++	return(0);
++    }
++
+     c = 0;
+     for (i=0; i<krb5_cksumtypes_length; i++) {
+ 	if ((krb5_cksumtypes_list[i].keyhash &&
diff --git a/security/mit-krb5/patches/patch-cb b/security/mit-krb5/patches/patch-cb
new file mode 100644
index 00000000000..014def256af
--- /dev/null
+++ b/security/mit-krb5/patches/patch-cb
@@ -0,0 +1,15 @@
+$NetBSD: patch-cb,v 1.1.2.2 2010/12/12 15:20:09 spz Exp $
+
+CVE-2010-1323 fix
+
+--- lib/crypto/dk/derive.c.orig	2010-12-03 11:38:08.683111800 -0600
++++ lib/crypto/dk/derive.c	2010-12-03 11:38:50.395857000 -0600
+@@ -40,6 +40,8 @@
+     keybytes = enc->keybytes;
+     keylength = enc->keylength;
+ 
++    if (blocksize == 1)
++	return(KRB5_BAD_ENCTYPE);
+     if ((inkey->length != keylength) ||
+ 	(outkey->length != keylength))
+ 	return(KRB5_CRYPTO_INTERNAL);
diff --git a/security/mit-krb5/patches/patch-cc b/security/mit-krb5/patches/patch-cc
new file mode 100644
index 00000000000..e793467b248
--- /dev/null
+++ b/security/mit-krb5/patches/patch-cc
@@ -0,0 +1,25 @@
+$NetBSD: patch-cc,v 1.1.2.2 2010/12/12 15:20:09 spz Exp $
+
+CVE-2010-1323 fix
+
+--- lib/krb5/krb/preauth2.c.orig	2010-12-03 11:39:40.124063600 -0600
++++ lib/krb5/krb/preauth2.c	2010-12-03 11:41:33.300010400 -0600
+@@ -665,7 +665,9 @@
+ 
+    cksum = sc2->sam_cksum;
+    
+-   while (*cksum) {
++   for (; *cksum; cksum++) {
++	if (!krb5_c_is_keyed_cksum((*cksum)->checksum_type))
++	    continue;
+ 	/* Check this cksum */
+ 	retval = krb5_c_verify_checksum(context, as_key,
+ 			KRB5_KEYUSAGE_PA_SAM_CHALLENGE_CKSUM,
+@@ -679,7 +681,6 @@
+ 	}
+ 	if (valid_cksum)
+ 	   break;
+-	cksum++;
+    }
+ 
+    if (!valid_cksum) {
diff --git a/security/mit-krb5/patches/patch-cd b/security/mit-krb5/patches/patch-cd
new file mode 100644
index 00000000000..b56d2e67b43
--- /dev/null
+++ b/security/mit-krb5/patches/patch-cd
@@ -0,0 +1,39 @@
+$NetBSD: patch-cd,v 1.1.2.2 2010/12/12 15:20:09 spz Exp $
+
+CVE-2010-1323 fix
+
+--- lib/krb5/krb/mk_safe.c.orig	2010-12-03 11:41:53.890970000 -0600
++++ lib/krb5/krb/mk_safe.c	2010-12-03 11:44:00.588325800 -0600
+@@ -212,10 +212,29 @@
+ 	for (i = 0; i < nsumtypes; i++)
+ 		if (auth_context->safe_cksumtype == sumtypes[i])
+ 			break;
+-	if (i == nsumtypes)
+-		i = 0;
+-	sumtype = sumtypes[i];
+ 	krb5_free_cksumtypes (context, sumtypes);
++	if (i < nsumtypes)
++	    sumtype = auth_context->safe_cksumtype;
++	else {
++	    switch (keyblock->enctype) {
++	    case ENCTYPE_DES_CBC_MD4:
++		sumtype = CKSUMTYPE_RSA_MD4_DES;
++		break;
++	    case ENCTYPE_DES_CBC_MD5:
++	    case ENCTYPE_DES_CBC_CRC:
++		sumtype = CKSUMTYPE_RSA_MD5_DES;
++		break;
++	    default:
++		retval = krb5int_c_mandatory_cksumtype(context,
++						       keyblock->enctype,
++						       &sumtype);
++		if (retval) {
++		    CLEANUP_DONE();
++		    goto error;
++		}
++		break;
++	    }
++	}
+     }
+     if ((retval = krb5_mk_safe_basic(context, userdata, keyblock, &replaydata, 
+ 				     plocal_fulladdr, premote_fulladdr,
author	spz <spz>	2010-12-12 15:20:08 +0000
committer	spz <spz>	2010-12-12 15:20:08 +0000
commit	3849d68e24dedfc764614b96bfb5da63031b6424 (patch)
tree	de2171f9f2118052e4fcd53cc624f02b6520f14f
parent	039645c2ec2cfda2e9f2bf45610136df8766435d (diff)
download	pkgsrc-3849d68e24dedfc764614b96bfb5da63031b6424.tar.gz