Bug#863673: [Pkg-freeradius-maintainers] Bug#863673: CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass

2017-06-07 Thread Salvatore Bonaccorso 
Hi Michael,

On Wed, Jun 07, 2017 at 08:30:31AM +0200, Michael Stapelberg wrote:
> Thanks for your reply. I don’t have a way to test the vulnerability either.
> I’d trust Pavel’s assessment and call this done.

I have updated the security-tracker accordingly. So all should be
settled now.

Thanks for your work,

Regards,
Salvatore

Bug#863673: [Pkg-freeradius-maintainers] Bug#863673: CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass

2017-06-07 Thread Michael Stapelberg 
Thanks for your reply. I don’t have a way to test the vulnerability either.
I’d trust Pavel’s assessment and call this done.

On Wed, Jun 7, 2017 at 7:10 AM, Salvatore Bonaccorso 
wrote:

> Hi Michael
>
> Looks it was good we had first the issue settle a bit with respect for
> a jessie(-security) upload:
>
> On Thu, Jun 01, 2017 at 11:09:17PM +0200, Michael Stapelberg wrote:
> > The original question of how to proceed still stands. I sent the patch in
> > my previous message; do you want me to upload it, or do you want to
> upload
> > it? If I should do it, let me state for the record that I have no idea
> what
> > I’m doing (I never uploaded to anything but unstable/experimental).
>
> I learned of http://www.openwall.com/lists/oss-security/2017/06/06/5 .
> Can you confirm, is this assessment correct (for us as well in
> stable)? We have a 2.2.5 based version in jessie, and according to
> upstream for the EOL versions only 2.1.1 through 2.1.7 are affected by
> the problem.
>
> I do not have a way to test the vulnerability on my own.
>
> Regards,
> Salvatore
>



-- 
Best regards,
Michael

Bug#863673: [Pkg-freeradius-maintainers] Bug#863673: CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass

2017-06-06 Thread Salvatore Bonaccorso 
Hi Michael

Looks it was good we had first the issue settle a bit with respect for
a jessie(-security) upload:

On Thu, Jun 01, 2017 at 11:09:17PM +0200, Michael Stapelberg wrote:
> The original question of how to proceed still stands. I sent the patch in
> my previous message; do you want me to upload it, or do you want to upload
> it? If I should do it, let me state for the record that I have no idea what
> I’m doing (I never uploaded to anything but unstable/experimental).

I learned of http://www.openwall.com/lists/oss-security/2017/06/06/5 .
Can you confirm, is this assessment correct (for us as well in
stable)? We have a 2.2.5 based version in jessie, and according to
upstream for the EOL versions only 2.1.1 through 2.1.7 are affected by
the problem.

I do not have a way to test the vulnerability on my own.

Regards,
Salvatore

Bug#863673: [Pkg-freeradius-maintainers] Bug#863673: CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass

2017-06-01 Thread Michael Stapelberg 
Thanks, I agree that updating the FAQ would be good.

The original question of how to proceed still stands. I sent the patch in
my previous message; do you want me to upload it, or do you want to upload
it? If I should do it, let me state for the record that I have no idea what
I’m doing (I never uploaded to anything but unstable/experimental).

On Thu, Jun 1, 2017 at 9:34 AM, Salvatore Bonaccorso 
wrote:

> Hi
>
> On Thu, Jun 01, 2017 at 08:54:57AM +0200, Michael Stapelberg wrote:
> > I got the idea from https://www.debian.org/security/faq#upload. Is the
> FAQ
> > outdated, or did I read it wrong? If the latter, please elaborate so that
> > we can update the docs to be more clear.
>
> The idea behind that FAQ entry is to state that an upload should never
> be done without first having an ack from the security team. The
> dev-ref gives a broather view on how to handle security-issues, and
> interact with the team:
>
> https://www.debian.org/doc/manuals/developers-reference/
> ch05.en.html#bug-security
>
> Maybe we should rephrase a bit the FAQ entry itself.
>
> Regards,
> Salvatore
>



-- 
Best regards,
Michael

Bug#863673: [Pkg-freeradius-maintainers] Bug#863673: CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass

2017-06-01 Thread Salvatore Bonaccorso 
Hi

On Thu, Jun 01, 2017 at 08:54:57AM +0200, Michael Stapelberg wrote:
> I got the idea from https://www.debian.org/security/faq#upload. Is the FAQ
> outdated, or did I read it wrong? If the latter, please elaborate so that
> we can update the docs to be more clear.

The idea behind that FAQ entry is to state that an upload should never
be done without first having an ack from the security team. The
dev-ref gives a broather view on how to handle security-issues, and
interact with the team:

https://www.debian.org/doc/manuals/developers-reference/ch05.en.html#bug-security

Maybe we should rephrase a bit the FAQ entry itself.

Regards,
Salvatore

Bug#863673: [Pkg-freeradius-maintainers] Bug#863673: CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass

2017-06-01 Thread Michael Stapelberg 
I got the idea from https://www.debian.org/security/faq#upload. Is the FAQ
outdated, or did I read it wrong? If the latter, please elaborate so that
we can update the docs to be more clear.

Note that FreeRADIUS is not complex to test. The only functional tests I do
before uploading are running autopkgtest and checking whether a freshly
installed FreeRADIUS starts up.

Also note that the patch is rather simple — it permanently disables the TLS
session caching by replacing the config option with “false” in the code. I
have attached the corresponding patches for the jessie and wheezy version.

Please let me know how to proceed from here.

On Wed, May 31, 2017 at 10:32 PM, Moritz Muehlenhoff  wrote:

> On Tue, May 30, 2017 at 05:50:20PM +0200, Michael Stapelberg wrote:
> > security-team, can you take care of applying the patch to stable and
> > oldstable please? Thank you.
>
> No, we generally expect maintainers to prepare/test security updates,
> particularly for packages which are complex to test like freeradius.
>
> Cheers,
> Moritz
>



-- 
Best regards,
Michael
diff --git i/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c w/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
index 53955ba..1564238 100644
--- i/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
+++ w/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
@@ -1000,7 +1000,7 @@ static SSL_CTX *init_tls_ctx(EAP_TLS_CONF *conf)
 	/*
 	 *	Callbacks, etc. for session resumption.
 	 */		  
-	if (conf->session_cache_enable) {
+	if (/*conf->session_cache_enable*/0) {
 		SSL_CTX_sess_set_new_cb(ctx, cbtls_new_session);
 		SSL_CTX_sess_set_get_cb(ctx, cbtls_get_session);
 		SSL_CTX_sess_set_remove_cb(ctx, cbtls_remove_session);
@@ -1056,7 +1056,7 @@ static SSL_CTX *init_tls_ctx(EAP_TLS_CONF *conf)
 	/*
 	 *	Setup session caching
 	 */
-	if (conf->session_cache_enable) {
+	if (/*conf->session_cache_enable*/0) {
 		/*
 		 *	Create a unique context Id per EAP-TLS configuration.
 		 */
@@ -1333,7 +1333,7 @@ static int eaptls_initiate(void *type_arg, EAP_HANDLER *handler)
 	 *
 	 *	FIXME: Also do it every N sessions?
 	 */
-	if (inst->conf->session_cache_enable &&
+	if (/*inst->conf->session_cache_enable*/0 &&
 	((inst->conf->session_last_flushed + (inst->conf->session_timeout * 1800)) <= request->timestamp)) {
 		RDEBUG2("Flushing SSL sessions (of #%ld)",
 			SSL_CTX_sess_number(inst->ctx));
@@ -1471,7 +1471,7 @@ static int eaptls_initiate(void *type_arg, EAP_HANDLER *handler)
 		break;
 	}
 
-	if (inst->conf->session_cache_enable) {
+	if (/*inst->conf->session_cache_enable*/0) {
 		ssn->allow_session_resumption = 1; /* otherwise it's zero */
 	}
 
@@ -1558,7 +1558,7 @@ static int eaptls_authenticate(void *arg, EAP_HANDLER *handler)
 		 *	the client can't re-use it.
 		 */
 	default:
-		if (inst->conf->session_cache_enable) {	
+		if (/*inst->conf->session_cache_enable*/0) {
 			SSL_CTX_remove_session(inst->ctx,
 	   tls_session->ssl->session);
 		}
diff --git i/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c w/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
index 04640e9..450b6ff 100644
--- i/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
+++ w/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
@@ -1183,7 +1183,7 @@ static SSL_CTX *init_tls_ctx(EAP_TLS_CONF *conf)
 	/*
 	 *	Callbacks, etc. for session resumption.
 	 */
-	if (conf->session_cache_enable) {
+	if (/*conf->session_cache_enable*/0) {
 		SSL_CTX_sess_set_new_cb(ctx, cbtls_new_session);
 		SSL_CTX_sess_set_get_cb(ctx, cbtls_get_session);
 		SSL_CTX_sess_set_remove_cb(ctx, cbtls_remove_session);
@@ -1241,7 +1241,7 @@ static SSL_CTX *init_tls_ctx(EAP_TLS_CONF *conf)
 	/*
 	 *	Setup session caching
 	 */
-	if (conf->session_cache_enable) {
+	if (/*conf->session_cache_enable*/0) {
 		/*
 		 *	Create a unique context Id per EAP-TLS configuration.
 		 */
@@ -1507,7 +1507,7 @@ static int eaptls_initiate(void *type_arg, EAP_HANDLER *handler)
 	 *
 	 *	FIXME: Also do it every N sessions?
 	 */
-	if (inst->conf.session_cache_enable &&
+	if (/*inst->conf.session_cache_enable*/0 &&
 	((inst->conf.session_last_flushed + (inst->conf.session_timeout * 1800)) <= request->timestamp)) {
 		RDEBUG2("Flushing SSL sessions (of #%ld)",
 			SSL_CTX_sess_number(inst->ctx));
@@ -1645,7 +1645,7 @@ static int eaptls_initiate(void *type_arg, EAP_HANDLER *handler)
 		break;
 	}
 
-	if (inst->conf.session_cache_enable) {
+	if (/*inst->conf.session_cache_enable*/0) {
 		ssn->allow_session_resumption = 1; /* otherwise it's zero */
 	}
 
@@ -1774,7 +1774,7 @@ static int eaptls_authenticate(void *arg, EAP_HANDLER *handler)
 		 *	the client can't re-use it.
 		 */
 	default:
-		if (inst->conf.session_cache_enable) {
+		if (/*inst->conf.session_cache_enable*/0) {
 			SSL_CTX_remove_session(inst->ctx,
 	   tls_session->ssl->session);
 		}

Bug#863673: [Pkg-freeradius-maintainers] Bug#863673: CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass

2017-05-31 Thread Moritz Muehlenhoff 
On Tue, May 30, 2017 at 05:50:20PM +0200, Michael Stapelberg wrote:
> security-team, can you take care of applying the patch to stable and
> oldstable please? Thank you.

No, we generally expect maintainers to prepare/test security updates,
particularly for packages which are complex to test like freeradius.

Cheers,
Moritz

Bug#863673: [Pkg-freeradius-maintainers] Bug#863673: CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass

2017-05-30 Thread Michael Stapelberg 
Upstream confirmed that my patch fixes the issue, so I uploaded it to
unstable.

See also
https://anonscm.debian.org/cgit/pkg-freeradius/freeradius.git/commit/?id=8d681449aa95ee4388b5e3c266bdb070a264f563

security-team, can you take care of applying the patch to stable and
oldstable please? Thank you.

On Tue, May 30, 2017 at 8:29 AM, Michael Stapelberg 
wrote:

> control: owner -1 !
>
> I prepared a patch for this issue and emailed the FreeRADIUS security team
> asking for review. I’ll upload the patch once they confirm its
> effectiveness.
>
> On Mon, May 29, 2017 at 11:16 PM, Guido Günther  wrote:
>
>> Package: freeradius
>> Version: 3.0.12+dfsg-4
>> severity: grave
>>
>> Hi,
>>
>> the following vulnerability was published for freeradius.
>>
>> CVE-2017-9148[0]: FreeRADIUS TLS resumption authentication bypass
>>
>> If you fix the vulnerability please also make sure to include the
>> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
>>
>> For further information see:
>>
>> [0] https://security-tracker.debian.org/tracker/CVE-2017-9148
>> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9148
>>
>> Please adjust the affected versions in the BTS as needed.
>> Cheers,
>>  -- Guido
>>
>> ___
>> Pkg-freeradius-maintainers mailing list
>> pkg-freeradius-maintain...@lists.alioth.debian.org
>> https://lists.alioth.debian.org/mailman/listinfo/pkg-freerad
>> ius-maintainers
>>
>
>
>
> --
> Best regards,
> Michael
>



-- 
Best regards,
Michael

Bug#863673: [Pkg-freeradius-maintainers] Bug#863673: CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass

2017-05-30 Thread Michael Stapelberg 
control: owner -1 !

I prepared a patch for this issue and emailed the FreeRADIUS security team
asking for review. I’ll upload the patch once they confirm its
effectiveness.

On Mon, May 29, 2017 at 11:16 PM, Guido Günther  wrote:

> Package: freeradius
> Version: 3.0.12+dfsg-4
> severity: grave
>
> Hi,
>
> the following vulnerability was published for freeradius.
>
> CVE-2017-9148[0]: FreeRADIUS TLS resumption authentication bypass
>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
>
> For further information see:
>
> [0] https://security-tracker.debian.org/tracker/CVE-2017-9148
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9148
>
> Please adjust the affected versions in the BTS as needed.
> Cheers,
>  -- Guido
>
> ___
> Pkg-freeradius-maintainers mailing list
> pkg-freeradius-maintain...@lists.alioth.debian.org
> https://lists.alioth.debian.org/mailman/listinfo/pkg-
> freeradius-maintainers
>



-- 
Best regards,
Michael