wok-current rev 25666
Patch wpa_supplicant CVE-2023-52160 (add missing patch)
author | Stanislas Leduc <shann@slitaz.org> |
---|---|
date | Sat Mar 02 09:28:06 2024 +0000 (8 months ago) |
parents | daa1640c418e |
children | 8e3f5f4438f1 |
files | wpa_supplicant/stuff/CVE-2023-52160.patch |
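--- /dev/null
+++ b/wpa_supplicant/stuff/CVE-2023-52160.patch
@@ -0,0 +1,209 @@
+From 8e6485a1bcb0baffdea9e55255a81270b768439c Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Sat, 8 Jul 2023 19:55:32 +0300
+Subject: PEAP client: Update Phase 2 authentication requirements
+
+The previous PEAP client behavior allowed the server to skip Phase 2
+authentication with the expectation that the server was authenticated
+during Phase 1 through TLS server certificate validation. Various PEAP
+specifications are not exactly clear on what the behavior on this front
+is supposed to be and as such, this ended up being more flexible than
+the TTLS/FAST/TEAP cases. However, this is not really ideal when
+unfortunately common misconfiguration of PEAP is used in deployed
+devices where the server trust root (ca_cert) is not configured or the
+user has an easy option for allowing this validation step to be skipped.
+
+Change the default PEAP client behavior to be to require Phase 2
+authentication to be successfully completed for cases where TLS session
+resumption is not used and the client certificate has not been
+configured. Those two exceptions are the main cases where a deployed
+authentication server might skip Phase 2 and as such, where a more
+strict default behavior could result in undesired interoperability
+issues. Requiring Phase 2 authentication will end up disabling TLS
+session resumption automatically to avoid interoperability issues.
+
+Allow Phase 2 authentication behavior to be configured with a new phase1
+configuration parameter option:
+'phase2_auth' option can be used to control Phase 2 (i.e., within TLS
+tunnel) behavior for PEAP:
+ * 0 = do not require Phase 2 authentication
+ * 1 = require Phase 2 authentication when client certificate
+ (private_key/client_cert) is no used and TLS session resumption was
+ not used (default)
+ * 2 = require Phase 2 authentication in all cases
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/eap_peer/eap_config.h | 8 ++++++++
+ src/eap_peer/eap_peap.c | 40 +++++++++++++++++++++++++++++++++++---
+ src/eap_peer/eap_tls_common.c | 6 ++++++
+ src/eap_peer/eap_tls_common.h | 5 +++++
+ wpa_supplicant/wpa_supplicant.conf | 7 +++++++
+ 5 files changed, 63 insertions(+), 3 deletions(-)
+
+diff --git a/src/eap_peer/eap_config.h b/src/eap_peer/eap_config.h
+index 26744ab68..58d5a1359 100644
+--- a/src/eap_peer/eap_config.h
++++ b/src/eap_peer/eap_config.h
+@@ -471,6 +471,14 @@ struct eap_peer_config {
+ * 1 = use cryptobinding if server supports it
+ * 2 = require cryptobinding
+ *
++ * phase2_auth option can be used to control Phase 2 (i.e., within TLS
++ * tunnel) behavior for PEAP:
++ * 0 = do not require Phase 2 authentication
++ * 1 = require Phase 2 authentication when client certificate
++ * (private_key/client_cert) is no used and TLS session resumption was
++ * not used (default)
++ * 2 = require Phase 2 authentication in all cases
++ *
+ * EAP-WSC (WPS) uses following options: pin=Device_Password and
+ * uuid=Device_UUID
+ *
+diff --git a/src/eap_peer/eap_peap.c b/src/eap_peer/eap_peap.c
+index 12e30df29..608069719 100644
+--- a/src/eap_peer/eap_peap.c
++++ b/src/eap_peer/eap_peap.c
+@@ -67,6 +67,7 @@ struct eap_peap_data {
+ u8 cmk[20];
+ int soh; /* Whether IF-TNCCS-SOH (Statement of Health; Microsoft NAP)
+ * is enabled. */
++ enum { NO_AUTH, FOR_INITIAL, ALWAYS } phase2_auth;
+ };
+
+
+@@ -114,6 +115,19 @@ static void eap_peap_parse_phase1(struct eap_peap_data *data,
+ wpa_printf(MSG_DEBUG, "EAP-PEAP: Require cryptobinding");
+ }
+
++ if (os_strstr(phase1, "phase2_auth=0")) {
++ data->phase2_auth = NO_AUTH;
++ wpa_printf(MSG_DEBUG,
++ "EAP-PEAP: Do not require Phase 2 authentication");
++ } else if (os_strstr(phase1, "phase2_auth=1")) {
++ data->phase2_auth = FOR_INITIAL;
++ wpa_printf(MSG_DEBUG,
++ "EAP-PEAP: Require Phase 2 authentication for initial connection");
++ } else if (os_strstr(phase1, "phase2_auth=2")) {
++ data->phase2_auth = ALWAYS;
++ wpa_printf(MSG_DEBUG,
++ "EAP-PEAP: Require Phase 2 authentication for all cases");
++ }
+ #ifdef EAP_TNC
+ if (os_strstr(phase1, "tnc=soh2")) {
+ data->soh = 2;
+@@ -142,6 +156,7 @@ static void * eap_peap_init(struct eap_sm *sm)
+ data->force_peap_version = -1;
+ data->peap_outer_success = 2;
+ data->crypto_binding = OPTIONAL_BINDING;
++ data->phase2_auth = FOR_INITIAL;
+
+ if (config && config->phase1)
+ eap_peap_parse_phase1(data, config->phase1);
+@@ -454,6 +469,20 @@ static int eap_tlv_validate_cryptobinding(struct eap_sm *sm,
+ }
+
+
++static bool peap_phase2_sufficient(struct eap_sm *sm,
++ struct eap_peap_data *data)
++{
++ if ((data->phase2_auth == ALWAYS ||
++ (data->phase2_auth == FOR_INITIAL &&
++ !tls_connection_resumed(sm->ssl_ctx, data->ssl.conn) &&
++ !data->ssl.client_cert_conf) ||
++ data->phase2_eap_started) &&
++ !data->phase2_eap_success)
++ return false;
++ return true;
++}
++
++
+ /**
+ * eap_tlv_process - Process a received EAP-TLV message and generate a response
+ * @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
+@@ -568,6 +597,11 @@ static int eap_tlv_process(struct eap_sm *sm, struct eap_peap_data *data,
+ " - force failed Phase 2");
+ resp_status = EAP_TLV_RESULT_FAILURE;
+ ret->decision = DECISION_FAIL;
++ } else if (!peap_phase2_sufficient(sm, data)) {
++ wpa_printf(MSG_INFO,
++ "EAP-PEAP: Server indicated Phase 2 success, but sufficient Phase 2 authentication has not been completed");
++ resp_status = EAP_TLV_RESULT_FAILURE;
++ ret->decision = DECISION_FAIL;
+ } else {
+ resp_status = EAP_TLV_RESULT_SUCCESS;
+ ret->decision = DECISION_UNCOND_SUCC;
+@@ -887,8 +921,7 @@ continue_req:
+ /* EAP-Success within TLS tunnel is used to indicate
+ * shutdown of the TLS channel. The authentication has
+ * been completed. */
+- if (data->phase2_eap_started &&
+- !data->phase2_eap_success) {
++ if (!peap_phase2_sufficient(sm, data)) {
+ wpa_printf(MSG_DEBUG, "EAP-PEAP: Phase 2 "
+ "Success used to indicate success, "
+ "but Phase 2 EAP was not yet "
+@@ -1199,8 +1232,9 @@ static struct wpabuf * eap_peap_process(struct eap_sm *sm, void *priv,
+ static bool eap_peap_has_reauth_data(struct eap_sm *sm, void *priv)
+ {
+ struct eap_peap_data *data = priv;
++
+ return tls_connection_established(sm->ssl_ctx, data->ssl.conn) &&
+- data->phase2_success;
++ data->phase2_success && data->phase2_auth != ALWAYS;
+ }
+
+
+diff --git a/src/eap_peer/eap_tls_common.c b/src/eap_peer/eap_tls_common.c
+index 6193b4bdb..966cbd6c7 100644
+--- a/src/eap_peer/eap_tls_common.c
++++ b/src/eap_peer/eap_tls_common.c
+@@ -242,6 +242,12 @@ static int eap_tls_params_from_conf(struct eap_sm *sm,
+
+ sm->ext_cert_check = !!(params->flags & TLS_CONN_EXT_CERT_CHECK);
+
++ if (!phase2)
++ data->client_cert_conf = params->client_cert ||
++ params->client_cert_blob ||
++ params->private_key ||
++ params->private_key_blob;
++
+ return 0;
+ }
+
+diff --git a/src/eap_peer/eap_tls_common.h b/src/eap_peer/eap_tls_common.h
+index 9ac00121f..334863413 100644
+--- a/src/eap_peer/eap_tls_common.h
++++ b/src/eap_peer/eap_tls_common.h
+@@ -79,6 +79,11 @@ struct eap_ssl_data {
+ * tls_v13 - Whether TLS v1.3 or newer is used
+ */
+ int tls_v13;
++
++ /**
++ * client_cert_conf: Whether client certificate has been configured
++ */
++ bool client_cert_conf;
+ };
+
+
+diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf
+index f0b82443e..1b09f57d3 100644
+--- a/wpa_supplicant/wpa_supplicant.conf
++++ b/wpa_supplicant/wpa_supplicant.conf
+@@ -1370,6 +1370,13 @@ fast_reauth=1
+ # * 0 = do not use cryptobinding (default)
+ # * 1 = use cryptobinding if server supports it
+ # * 2 = require cryptobinding
++# 'phase2_auth' option can be used to control Phase 2 (i.e., within TLS
++# tunnel) behavior for PEAP:
++# * 0 = do not require Phase 2 authentication
++# * 1 = require Phase 2 authentication when client certificate
++# (private_key/client_cert) is no used and TLS session resumption was
++# not used (default)
++# * 2 = require Phase 2 authentication in all cases
+ # EAP-WSC (WPS) uses following options: pin=<Device Password> or
+ # pbc=1.
+ #
+--
+cgit v1.2.3-18-g5258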