Verified Commit 1728e214 authored by Jan Pavlinec's avatar Jan Pavlinec
Browse files

gnutls: patch security issues

Fixes:
CVE-2020-11501
CVE-2020-13777
parent 2f017209
......@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=gnutls
PKG_VERSION:=3.6.7
PKG_RELEASE:=2
PKG_RELEASE:=3
PKG_USE_MIPS16:=0
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
......
From c01011c2d8533dbbbe754e49e256c109cb848d0d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stefan=20B=C3=BChler?= <stbuehler@web.de>
Date: Fri, 27 Mar 2020 17:17:57 +0100
Subject: [PATCH] dtls client hello: fix zeroed random (fixes #960)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This broke with bcf4de03 "handshake: treat reply to HRR as a reply to
hello verify request", which failed to "De Morgan" properly.
Signed-off-by: Stefan Bühler <stbuehler@web.de>
---
lib/handshake.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/handshake.c b/lib/handshake.c
index 5739df213e..84a0e52101 100644
--- a/lib/handshake.c
+++ b/lib/handshake.c
@@ -2167,7 +2167,7 @@ static int send_client_hello(gnutls_session_t session, int again)
/* Generate random data
*/
if (!(session->internals.hsk_flags & HSK_HRR_RECEIVED) &&
- !(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests == 0)) {
+ !(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests != 0)) {
ret = _gnutls_gen_client_random(session);
if (ret < 0) {
gnutls_assert();
--
GitLab
From c2646aeee94e71cb15c90a3147cf3b5b0ca158ca Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Tue, 2 Jun 2020 20:53:11 +0200
Subject: [PATCH] stek: differentiate initial state from valid time window of
TOTP
There was a confusion in the TOTP implementation in stek.c. When the
mechanism is initialized at the first time, it records the timestamp
but doesn't initialize the key. This removes the timestamp recording
at the initialization phase, so the key is properly set later.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
lib/stek.c | 17 +++++------------
tests/resume-with-previous-stek.c | 4 ++--
tests/tls13/prf-early.c | 8 ++++----
3 files changed, 11 insertions(+), 18 deletions(-)
diff --git a/lib/stek.c b/lib/stek.c
index 2f885cee37..5ab9e7d2d1 100644
--- a/lib/stek.c
+++ b/lib/stek.c
@@ -323,20 +323,13 @@ int _gnutls_initialize_session_ticket_key_rotation(gnutls_session_t session, con
if (unlikely(session == NULL || key == NULL))
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
- if (session->key.totp.last_result == 0) {
- int64_t t;
- memcpy(session->key.initial_stek, key->data, key->size);
- t = totp_next(session);
- if (t < 0)
- return gnutls_assert_val(t);
+ if (unlikely(session->key.totp.last_result != 0))
+ return GNUTLS_E_INVALID_REQUEST;
- session->key.totp.last_result = t;
- session->key.totp.was_rotated = 0;
-
- return GNUTLS_E_SUCCESS;
- }
+ memcpy(session->key.initial_stek, key->data, key->size);
- return GNUTLS_E_INVALID_REQUEST;
+ session->key.totp.was_rotated = 0;
+ return 0;
}
/*
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment