diff --git a/CVE-2024-26306.patch b/CVE-2024-26306.patch new file mode 100644 index 0000000000000000000000000000000000000000..3cd27342696c5d04fa9cfcc5468862959294e802 --- /dev/null +++ b/CVE-2024-26306.patch @@ -0,0 +1,286 @@ +Origin: +https://github.com/esnet/iperf/pull/1695 +https://github.com/esnet/iperf/releases/tag/3.17 + +From 299b356df6939f71619bf45bf7a7d2222e17d840 Mon Sep 17 00:00:00 2001 +From: Sarah Larsen +Date: Wed, 20 Mar 2024 17:02:31 -0700 +Subject: [PATCH 1/3] Using OAEP padding instead of PKCS1 padding for OpenSSL. + Fix for CVE-2024-26306. + +Special thanks to Hubert Kario at Red Hat for finding the vulnerability. +--- + src/iperf.h | 1 + + src/iperf_api.c | 8 ++++++-- + src/iperf_api.h | 1 + + src/iperf_auth.c | 32 ++++++++++++++++++++++++-------- + src/iperf_auth.h | 4 ++-- + src/iperf_locale.c | 1 + + src/t_auth.c | 5 +++-- + 7 files changed, 38 insertions(+), 14 deletions(-) + +diff --git a/src/iperf.h b/src/iperf.h +index c1d839be1..527e549ed 100644 +--- a/src/iperf.h ++++ b/src/iperf.h +@@ -319,6 +319,7 @@ struct iperf_test + char *server_authorized_users; + EVP_PKEY *server_rsa_private_key; + int server_skew_threshold; ++ int use_pkcs1_padding; + #endif // HAVE_SSL + + /* boolean variables for Options */ +diff --git a/src/iperf_api.c b/src/iperf_api.c +index d40561c10..7fb741e77 100644 +--- a/src/iperf_api.c ++++ b/src/iperf_api.c +@@ -1137,6 +1137,7 @@ iperf_parse_arguments(struct iperf_test *test, int argc, char **argv) + {"rsa-private-key-path", required_argument, NULL, OPT_SERVER_RSA_PRIVATE_KEY}, + {"authorized-users-path", required_argument, NULL, OPT_SERVER_AUTHORIZED_USERS}, + {"time-skew-threshold", required_argument, NULL, OPT_SERVER_SKEW_THRESHOLD}, ++ {"use-pkcs1-padding", no_argument, NULL, OPT_USE_PKCS1_PADDING}, + #endif /* HAVE_SSL */ + {"fq-rate", required_argument, NULL, OPT_FQ_RATE}, + {"pacing-timer", required_argument, NULL, OPT_PACING_TIMER}, +@@ -1630,6 +1631,9 @@ iperf_parse_arguments(struct iperf_test *test, int argc, char **argv) + return -1; + } + break; ++ case OPT_USE_PKCS1_PADDING: ++ test->use_pkcs1_padding = 1; ++ break; + #endif /* HAVE_SSL */ + case OPT_PACING_TIMER: + test->settings->pacing_timer = unit_atoi(optarg); +@@ -2070,7 +2074,7 @@ int test_is_authorized(struct iperf_test *test){ + if (test->settings->authtoken){ + char *username = NULL, *password = NULL; + time_t ts; +- int rc = decode_auth_setting(test->debug, test->settings->authtoken, test->server_rsa_private_key, &username, &password, &ts); ++ int rc = decode_auth_setting(test->debug, test->settings->authtoken, test->server_rsa_private_key, &username, &password, &ts, test->use_pkcs1_padding); + if (rc) { + return -1; + } +@@ -2255,7 +2259,7 @@ send_parameters(struct iperf_test *test) + #if defined(HAVE_SSL) + /* Send authentication parameters */ + if (test->settings->client_username && test->settings->client_password && test->settings->client_rsa_pubkey){ +- int rc = encode_auth_setting(test->settings->client_username, test->settings->client_password, test->settings->client_rsa_pubkey, &test->settings->authtoken); ++ int rc = encode_auth_setting(test->settings->client_username, test->settings->client_password, test->settings->client_rsa_pubkey, &test->settings->authtoken, test->use_pkcs1_padding); + + if (rc) { + cJSON_Delete(j); +diff --git a/src/iperf_api.h b/src/iperf_api.h +index d2bbdfe96..131314243 100644 +--- a/src/iperf_api.h ++++ b/src/iperf_api.h +@@ -100,6 +100,7 @@ typedef atomic_uint_fast64_t atomic_iperf_size_t; + #define OPT_DONT_FRAGMENT 26 + #define OPT_RCV_TIMEOUT 27 + #define OPT_SND_TIMEOUT 28 ++#define OPT_USE_PKCS1_PADDING 30 + + /* states */ + #define TEST_START 1 +diff --git a/src/iperf_auth.c b/src/iperf_auth.c +index c89bde7c3..398e7d76b 100644 +--- a/src/iperf_auth.c ++++ b/src/iperf_auth.c +@@ -230,7 +230,7 @@ int test_load_private_key_from_file(const char *file){ + return 0; + } + +-int encrypt_rsa_message(const char *plaintext, EVP_PKEY *public_key, unsigned char **encryptedtext) { ++int encrypt_rsa_message(const char *plaintext, EVP_PKEY *public_key, unsigned char **encryptedtext, int use_pkcs1_padding) { + #if OPENSSL_VERSION_MAJOR >= 3 + EVP_PKEY_CTX *ctx; + #else +@@ -257,12 +257,19 @@ int encrypt_rsa_message(const char *plaintext, EVP_PKEY *public_key, unsigned ch + + BIO *bioBuff = BIO_new_mem_buf((void*)plaintext, (int)strlen(plaintext)); + rsa_buffer_len = BIO_read(bioBuff, rsa_buffer, keysize * 2); ++ ++ int padding = RSA_PKCS1_OAEP_PADDING; ++ if (use_pkcs1_padding){ ++ padding = RSA_PKCS1_PADDING; ++ } + #if OPENSSL_VERSION_MAJOR >= 3 + EVP_PKEY_encrypt_init(ctx); ++ EVP_PKEY_CTX_set_rsa_padding(ctx, padding); ++ + EVP_PKEY_encrypt(ctx, *encryptedtext, &encryptedtext_len, rsa_buffer, rsa_buffer_len); + EVP_PKEY_CTX_free(ctx); + #else +- encryptedtext_len = RSA_public_encrypt(rsa_buffer_len, rsa_buffer, *encryptedtext, rsa, RSA_PKCS1_PADDING); ++ encryptedtext_len = RSA_public_encrypt(rsa_buffer_len, rsa_buffer, *encryptedtext, rsa, padding); + RSA_free(rsa); + #endif + +@@ -280,7 +287,7 @@ int encrypt_rsa_message(const char *plaintext, EVP_PKEY *public_key, unsigned ch + return 0; + } + +-int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedtext_len, EVP_PKEY *private_key, unsigned char **plaintext) { ++int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedtext_len, EVP_PKEY *private_key, unsigned char **plaintext, int use_pkcs1_padding) { + #if OPENSSL_VERSION_MAJOR >= 3 + EVP_PKEY_CTX *ctx; + #else +@@ -307,13 +314,22 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt + + BIO *bioBuff = BIO_new_mem_buf((void*)encryptedtext, encryptedtext_len); + rsa_buffer_len = BIO_read(bioBuff, rsa_buffer, keysize * 2); ++ ++ int padding = RSA_PKCS1_OAEP_PADDING; ++ if (use_pkcs1_padding){ ++ padding = RSA_PKCS1_PADDING; ++ } + #if OPENSSL_VERSION_MAJOR >= 3 + plaintext_len = keysize; + EVP_PKEY_decrypt_init(ctx); ++ int ret = EVP_PKEY_CTX_set_rsa_padding(ctx, padding); ++ if (ret < 0){ ++ goto errreturn; ++ } + EVP_PKEY_decrypt(ctx, *plaintext, &plaintext_len, rsa_buffer, rsa_buffer_len); + EVP_PKEY_CTX_free(ctx); + #else +- plaintext_len = RSA_private_decrypt(rsa_buffer_len, rsa_buffer, *plaintext, rsa, RSA_PKCS1_PADDING); ++ plaintext_len = RSA_private_decrypt(rsa_buffer_len, rsa_buffer, *plaintext, rsa, padding); + RSA_free(rsa); + #endif + +@@ -331,7 +347,7 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt + return 0; + } + +-int encode_auth_setting(const char *username, const char *password, EVP_PKEY *public_key, char **authtoken){ ++int encode_auth_setting(const char *username, const char *password, EVP_PKEY *public_key, char **authtoken, int use_pkcs1_padding){ + time_t t = time(NULL); + time_t utc_seconds = mktime(localtime(&t)); + +@@ -348,7 +364,7 @@ int encode_auth_setting(const char *username, const char *password, EVP_PKEY *pu + + unsigned char *encrypted = NULL; + int encrypted_len; +- encrypted_len = encrypt_rsa_message(text, public_key, &encrypted); ++ encrypted_len = encrypt_rsa_message(text, public_key, &encrypted, use_pkcs1_padding); + free(text); + if (encrypted_len < 0) { + return -1; +@@ -359,7 +375,7 @@ int encode_auth_setting(const char *username, const char *password, EVP_PKEY *pu + return (0); //success + } + +-int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *private_key, char **username, char **password, time_t *ts){ ++int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *private_key, char **username, char **password, time_t *ts, int use_pkcs1_padding){ + unsigned char *encrypted_b64 = NULL; + size_t encrypted_len_b64; + int64_t utc_seconds; +@@ -367,7 +383,7 @@ int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *priva + + unsigned char *plaintext = NULL; + int plaintext_len; +- plaintext_len = decrypt_rsa_message(encrypted_b64, encrypted_len_b64, private_key, &plaintext); ++ plaintext_len = decrypt_rsa_message(encrypted_b64, encrypted_len_b64, private_key, &plaintext, use_pkcs1_padding); + free(encrypted_b64); + if (plaintext_len < 0) { + return -1; +diff --git a/src/iperf_auth.h b/src/iperf_auth.h +index ffadbf3e5..eedd45abd 100644 +--- a/src/iperf_auth.h ++++ b/src/iperf_auth.h +@@ -35,7 +35,7 @@ EVP_PKEY *load_pubkey_from_file(const char *file); + EVP_PKEY *load_pubkey_from_base64(const char *buffer); + EVP_PKEY *load_privkey_from_file(const char *file); + EVP_PKEY *load_privkey_from_base64(const char *buffer); +-int encode_auth_setting(const char *username, const char *password, EVP_PKEY *public_key, char **authtoken); +-int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *private_key, char **username, char **password, time_t *ts); ++int encode_auth_setting(const char *username, const char *password, EVP_PKEY *public_key, char **authtoken, int use_pkcs1_padding); ++int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *private_key, char **username, char **password, time_t *ts, int use_pkcs1_padding); + int check_authentication(const char *username, const char *password, const time_t ts, const char *filename, int skew_threshold); + ssize_t iperf_getpass (char **lineptr, size_t *n, FILE *stream); +diff --git a/src/iperf_locale.c b/src/iperf_locale.c +index ae0f63a41..9d94e0234 100644 +--- a/src/iperf_locale.c ++++ b/src/iperf_locale.c +@@ -148,6 +148,7 @@ const char usage_longstr[] = "Usage: iperf3 [-s|-c host] [options]\n" + " credentials\n" + " --time-skew-threshold time skew threshold (in seconds) between the server\n" + " and client during the authentication process\n" ++ " --use-pkcs1-padding use pkcs1 padding at your own risk\n" + #endif //HAVE_SSL + "Client specific:\n" + " -c, --client [%%] run in client mode, connecting to \n" +diff --git a/src/t_auth.c b/src/t_auth.c +index 77c225531..3b0fd2f32 100644 +--- a/src/t_auth.c ++++ b/src/t_auth.c +@@ -101,8 +101,9 @@ test_authtoken(const char *authUser, const char *authPassword, EVP_PKEY *pubkey, + char *decodePassword; + time_t decodeTime; + +- assert(encode_auth_setting(authUser, authPassword, pubkey, &authToken) == 0); +- assert(decode_auth_setting(0, authToken, privkey, &decodeUser, &decodePassword, &decodeTime) == 0); ++ int use_pkcs1_padding = 1; ++ assert(encode_auth_setting(authUser, authPassword, pubkey, &authToken, use_pkcs1_padding) == 0); ++ assert(decode_auth_setting(0, authToken, privkey, &decodeUser, &decodePassword, &decodeTime, use_pkcs1_padding) == 0); + + assert(strcmp(decodeUser, authUser) == 0); + assert(strcmp(decodePassword, authPassword) == 0); + +From 3006413849c0aa9a70503b736497130c781b4675 Mon Sep 17 00:00:00 2001 +From: "Bruce A. Mah" +Date: Mon, 22 Apr 2024 15:19:51 -0700 +Subject: [PATCH 2/3] Manual page update for --use-pkcs1-padding. + +--- + src/iperf3.1 | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/src/iperf3.1 b/src/iperf3.1 +index 2efd53dea..2561414f5 100644 +--- a/src/iperf3.1 ++++ b/src/iperf3.1 +@@ -193,6 +193,15 @@ parameter is specified in ms, and defaults to the system settings. + This functionality depends on the TCP_USER_TIMEOUT socket option, and + will not work on systems that do not support it. + .TP ++.BR --use-pkcs1-padding ++This option is only meaningful when using iperf3's authentication ++features. Versions of iperf3 prior to 3.17 used PCKS1 padding in the ++RSA-encrypted credentials, which was vulnerable to a side-channel ++attack that could reveal a server's private key. Beginning with ++iperf-3.17, OAEP padding is used, however this is a breaking change ++that is not compatible with older iperf3 versions. Use this option to ++preserve the less secure, but more compatible, behavior. ++.TP + .BR -d ", " --debug " " + emit debugging output. + Primarily (perhaps exclusively) of use to developers. + +From fbd99b145c3e1b3890ff1dbdb20b91f631b3e85b Mon Sep 17 00:00:00 2001 +From: "Bruce A. Mah" +Date: Mon, 22 Apr 2024 16:13:19 -0700 +Subject: [PATCH 3/3] Treat a decryption error as an empty string. + +--- + src/iperf_auth.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/src/iperf_auth.c b/src/iperf_auth.c +index 398e7d76b..72e85fc9a 100644 +--- a/src/iperf_auth.c ++++ b/src/iperf_auth.c +@@ -336,8 +336,9 @@ int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedt + OPENSSL_free(rsa_buffer); + BIO_free(bioBuff); + +- if (plaintext_len <= 0) { +- goto errreturn; ++ /* Treat a decryption error as an empty string. */ ++ if (plaintext_len < 0) { ++ plaintext_len = 0; + } + + return plaintext_len; diff --git a/iperf3.spec b/iperf3.spec index 8697a7effbbfb3e3942d0b441cbdc89fc0c9f5ad..12e3b532695fd9769c19883753043d053260205a 100644 --- a/iperf3.spec +++ b/iperf3.spec @@ -1,12 +1,15 @@ Name: iperf3 Version: 3.16 -Release: 1 +Release: 3 Summary: TCP,UDP,and SCTP network bandwidth measurement tool License: BSD URL: http://github.com/esnet/iperf Source0: https://github.com/esnet/iperf/archive/%{version}/iperf-%{version}.tar.gz +Patch0: CVE-2024-26306.patch -BuildRequires: libuuid-devel gcc +BuildRequires: libuuid-devel gcc lksctp-tools-devel +Requires: lksctp-tools +Requires: %{name}-help = %{version}-%{release} %description Iperf is a tool for active measurements of the maximum achievable bandwidth @@ -53,6 +56,12 @@ mkdir -p %{buildroot}%{_mandir}/man1 %{_mandir}/man3/libiperf.3.gz %changelog +* Tue May 14 2024 wangkai <13474090681@163.com> - 3.16-3 +- Fix CVE-2024-26306 + +* Mon Apr 29 2024 jinzhiguang - 3.16-2 +- add BuildRequires and Requires to enable sctp option + * Tue Apr 02 2024 yaoxin - 3.16-1 - Upgrade to 3.16 for fix CVE-2023-7250 @@ -65,5 +74,8 @@ mkdir -p %{buildroot}%{_mandir}/man1 * Tue Jan 4 2022 liyanan - 3.10.1-1 - Upgrade to 3.10.1 +* Fri Nov 06 2020 leiju - 3.6-5 +- Add Requires iperf3-help into iperf3 + * Tue Nov 26 2019 openEuler Buildteam - 3.6-4 - Package init