Fix multiple ntp vulnerabilities.

Reviewed by:	roberto (earlier revision), philip
Security:	CVE-2014-9293, CVE-2014-9294
Security:	CVE-2014-9295, CVE-2014-9296
Security:	FreeBSD-SA-14:31.ntp

Differential Revision: https://reviews.freebsd.org/D1343
This commit is contained in:
Xin LI 2014-12-22 18:54:55 +00:00
parent 6831cf6aa6
commit 2f834a0b41
5 changed files with 38 additions and 10 deletions

View File

@ -1887,7 +1887,7 @@ getconfig(
for (i = 0; i < 8; i++)
for (j = 1; j < 100; ++j) {
rankey[i] = (char) (ntp_random() & 0xff);
rankey[i] = (char) (arc4random() & 0xff);
if (rankey[i] != 0) break;
}
rankey[8] = 0;

View File

@ -24,6 +24,10 @@
#include <netinet/in.h>
#include <arpa/inet.h>
#ifndef MIN
#define MIN(a, b) (((a) <= (b)) ? (a) : (b))
#endif
/*
* Structure to hold request procedure information
*/
@ -893,6 +897,7 @@ ctl_putdata(
)
{
int overhead;
unsigned int currentlen;
overhead = 0;
if (!bin) {
@ -916,12 +921,22 @@ ctl_putdata(
/*
* Save room for trailing junk
*/
if (dlen + overhead + datapt > dataend) {
while (dlen + overhead + datapt > dataend) {
/*
* Not enough room in this one, flush it out.
*/
currentlen = MIN(dlen, dataend - datapt);
memcpy(datapt, dp, currentlen);
datapt += currentlen;
dp += currentlen;
dlen -= currentlen;
datalinelen += currentlen;
ctl_flushpkt(CTL_MORE);
}
memmove((char *)datapt, dp, (unsigned)dlen);
datapt += dlen;
datalinelen += dlen;

View File

@ -864,12 +864,24 @@ crypto_recv(
* errors.
*/
if (vallen == (u_int) EVP_PKEY_size(host_pkey)) {
RSA_private_decrypt(vallen,
u_int32 *cookiebuf = malloc(
RSA_size(host_pkey->pkey.rsa));
if (cookiebuf == NULL) {
rval = XEVNT_CKY;
break;
}
if (RSA_private_decrypt(vallen,
(u_char *)ep->pkt,
(u_char *)&temp32,
(u_char *)cookiebuf,
host_pkey->pkey.rsa,
RSA_PKCS1_OAEP_PADDING);
cookie = ntohl(temp32);
RSA_PKCS1_OAEP_PADDING) != 4) {
rval = XEVNT_CKY;
free(cookiebuf);
break;
} else {
cookie = ntohl(*cookiebuf);
free(cookiebuf);
}
} else {
rval = XEVNT_CKY;
break;
@ -3914,7 +3926,7 @@ crypto_setup(void)
rand_file);
exit (-1);
}
get_systime(&seed);
arc4random_buf(&seed, sizeof(l_fp));
RAND_seed(&seed, sizeof(l_fp));
RAND_write_file(rand_file);
OpenSSL_add_all_algorithms();

View File

@ -649,6 +649,7 @@ receive(
has_mac)) {
is_authentic = AUTH_ERROR;
sys_badauth++;
return;
} else {
is_authentic = AUTH_OK;
}

View File

@ -642,7 +642,7 @@ gen_md5(
for (i = 1; i <= MD5KEYS; i++) {
for (j = 0; j < 16; j++) {
while (1) {
temp = ntp_random() & 0xff;
temp = arc4random() & 0xff;
if (temp == '#')
continue;
if (temp > 0x20 && temp < 0x7f)
@ -675,7 +675,7 @@ gen_rsa(
FILE *str;
fprintf(stderr, "Generating RSA keys (%d bits)...\n", modulus);
rsa = RSA_generate_key(modulus, 3, cb, "RSA");
rsa = RSA_generate_key(modulus, 65537, cb, "RSA");
fprintf(stderr, "\n");
if (rsa == NULL) {
fprintf(stderr, "RSA generate keys fails\n%s\n",
@ -954,7 +954,7 @@ gen_gqpar(
*/
fprintf(stderr,
"Generating GQ parameters (%d bits)...\n", modulus);
rsa = RSA_generate_key(modulus, 3, cb, "GQ");
rsa = RSA_generate_key(modulus, 65537, cb, "GQ");
fprintf(stderr, "\n");
if (rsa == NULL) {
fprintf(stderr, "RSA generate keys fails\n%s\n",