[Pkg-erlang-commits] r1400 - in erlang/branches/oldstable/debian: . patches
sgolovan at alioth.debian.org
sgolovan at alioth.debian.org
Thu Jan 12 18:02:53 UTC 2012
Author: sgolovan
Date: 2012-01-12 18:02:53 +0000 (Thu, 12 Jan 2012)
New Revision: 1400
Added:
erlang/branches/oldstable/debian/patches/cve-2011-0766.patch
Modified:
erlang/branches/oldstable/debian/changelog
erlang/branches/oldstable/debian/patches/series
Log:
[erlang-oldstable]
* Added patch by upstream which fixed CVE-2011-0766 (cryptographic weakness)
in Erlang SSH application.
Modified: erlang/branches/oldstable/debian/changelog
===================================================================
--- erlang/branches/oldstable/debian/changelog 2012-01-12 12:42:51 UTC (rev 1399)
+++ erlang/branches/oldstable/debian/changelog 2012-01-12 18:02:53 UTC (rev 1400)
@@ -1,3 +1,10 @@
+erlang (1:12.b.3-dfsg-4lenny1) oldtable; urgency=low
+
+ * Added patch by upstream which fixed CVE-2011-0766 (cryptographic weakness)
+ in Erlang SSH application.
+
+ -- Sergei Golovan <sgolovan at debian.org> Thu, 12 Jan 2012 22:02:19 +0400
+
erlang (1:12.b.3-dfsg-4) unstable; urgency=low
* Fixed erlang-depends script to add optional dependency on erlang-base-hipe
Added: erlang/branches/oldstable/debian/patches/cve-2011-0766.patch
===================================================================
--- erlang/branches/oldstable/debian/patches/cve-2011-0766.patch (rev 0)
+++ erlang/branches/oldstable/debian/patches/cve-2011-0766.patch 2012-01-12 18:02:53 UTC (rev 1400)
@@ -0,0 +1,228 @@
+Description: Patch fixes CVE-2011-0766 (cryptographic weakness) vulnerability
+ in Erlang SSH application. It is taken from upstream git repository for
+ a later version (https://github.com/erlang/otp/commit/f228601de45c5) and
+ modified for R12B03.
+Author: Sergei Golovan (based on upstream patch)
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628456
+Last-Updated: Thu, 12 Jan 2012 21:58:25 +0400
+
+--- erlang-12.b.3-dfsg.orig/lib/crypto/src/crypto.erl
++++ erlang-12.b.3-dfsg/lib/crypto/src/crypto.erl
+@@ -33,6 +33,7 @@
+ -export([rc2_40_cbc_encrypt/3, rc2_40_cbc_decrypt/3]).
+ -export([dss_verify/3, rsa_verify/3]).
+ -export([rand_bytes/1, rand_bytes/3, rand_uniform/2]).
++-export([strong_rand_bytes/1, strong_rand_mpint/3]).
+ -export([mod_exp/3, mpint/1, erlint/1]).
+ %% -export([idea_cbc_encrypt/3, idea_cbc_decrypt/3]).
+ -export([aes_cbc_128_encrypt/3, aes_cbc_128_decrypt/3]).
+@@ -74,6 +75,8 @@
+ -define(AES_CBC_256_ENCRYPT, 32).
+ -define(AES_CBC_256_DECRYPT, 33).
+ -define(INFO_LIB,34).
++-define(STRONG_RAND_BYTES, 35).
++-define(STRONG_RAND_MPINT, 36).
+ %% -define(IDEA_CBC_ENCRYPT, 34).
+ %% -define(IDEA_CBC_DECRYPT, 35).
+
+@@ -94,6 +97,8 @@
+ des_ede3_cbc_encrypt, des_ede3_cbc_decrypt,
+ aes_cfb_128_encrypt, aes_cfb_128_decrypt,
+ rand_bytes,
++ strong_rand_bytes,
++ strong_rand_mpint,
+ rand_uniform,
+ mod_exp,
+ dss_verify,
+@@ -250,6 +255,14 @@
+ Topmask:8/integer,
+ Bottommask:8/integer>>]).
+
++strong_rand_bytes(Bytes) ->
++ control(?STRONG_RAND_BYTES,[<<Bytes:32/integer>>]).
++
++strong_rand_mpint(Bits,Top,Bottom) ->
++ control(?STRONG_RAND_MPINT,[<<Bits:32/integer,
++ Top:32/integer,
++ Bottom:32/integer>>]).
++
+ rand_uniform(From,To) when is_binary(From), is_binary(To) ->
+ case control(?RAND_UNIFORM,[From,To]) of
+ <<Len:32/integer, MSB, Rest/binary>> when MSB > 127 ->
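Review bot: `strong_rand_bytes/1` and `strong_rand_mpint/3` pack their arguments into 32-bit fields without a guard, so a negative or larger-than-32-bit value is silently truncated by the bit syntax instead of being rejected. A head such as `strong_rand_bytes(Bytes) when is_integer(Bytes), Bytes >= 0 ->` would make the contract explicit. Both functions are exported without any comment; one line each stating the return shape (raw bytes versus an mpint binary) and that no fallback to a weaker source is visible here would help callers choosing between these and `rand_bytes/1`. How a -1 from the driver surfaces to the caller depends on `control/2`, which is outside the hunk.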
+--- erlang-12.b.3-dfsg.orig/lib/crypto/c_src/crypto_drv.c
++++ erlang-12.b.3-dfsg/lib/crypto/c_src/crypto_drv.c
+@@ -176,10 +176,12 @@
+ #define DRV_CBC_AES256_ENCRYPT 32
+ #define DRV_CBC_AES256_DECRYPT 33
+ #define DRV_INFO_LIB 34
++#define DRV_STRONG_RAND_BYTES 35
++#define DRV_STRONG_RAND_MPINT 36
+ /* #define DRV_CBC_IDEA_ENCRYPT 34 */
+ /* #define DRV_CBC_IDEA_DECRYPT 35 */
+
+-#define NUM_CRYPTO_FUNCS 34
++#define NUM_CRYPTO_FUNCS 36
+
+ #define MD5_CTX_LEN (sizeof(MD5_CTX))
+ #define MD5_LEN 16
+@@ -279,7 +281,7 @@
+ int data_len, dsa_p_len, dsa_q_len;
+ int dsa_g_len, dsa_y_len;
+ int rsa_e_len, rsa_n_len;
+- int or_mask;
++ int or_mask, top, bottom;
+ unsigned int rsa_s_len;
+ char *key, *key2, *dbuf, *p;
+ const_DES_cblock *des_key, *des_key2, *des_key3;
+@@ -305,6 +307,7 @@
+ AES_KEY aes_key;
+ RC4_KEY rc4_key;
+ RC2_KEY rc2_key;
++ unsigned bits;
+
+ switch(command) {
+
+@@ -535,6 +538,49 @@
+ return rlen;
+ break;
+
++ case DRV_STRONG_RAND_BYTES:
++ /* buf = <<rlen:32/integer>> */
++
++ if (len != 4)
++ return -1;
++ rlen = get_int32(buf);
++ *rbuf = (char *)(bin = driver_alloc_binary(rlen));
++ if (RAND_bytes(bin->orig_bytes,rlen) != 1)
++ return -1;
++ return rlen;
++ break;
++
++ case DRV_STRONG_RAND_MPINT:
++ /* buf = <<rlen:32/integer,topmask:32/integer,bottommask:32/integer>> */
++
++ if (len != 12)
++ return -1;
++ bits = get_int32(buf);
++ top = get_int32(buf + 4);
++ if (!(top == -1 || top == 0 || top == 1))
++ return -1;
++ bottom = get_int32(buf + 8);
++ if (!(bottom == 0 || bottom == 1))
++ return -1;
++ bn_rand = BN_new();
++ if (!bn_rand)
++ return -1;
++
++ /* Get a (bits) bit random number */
++ if (!BN_rand(bn_rand, bits, top, bottom)) {
++ BN_free(bn_rand);
++ return -1;
++ } else {
++ /* Copy the bignum into an erlang mpint binary. */
++ rlen = BN_num_bytes(bn_rand);
++ *rbuf = (char *)(bin = driver_alloc_binary(rlen + 4));
++ put_int32(bin->orig_bytes, rlen);
++ BN_bn2bin(bn_rand,(unsigned char*)(bin->orig_bytes + 4));
++ }
++ BN_free(bn_rand);
++ return rlen + 4;
++ break;
++
+ case DRV_RAND_UNIFORM:
+ /* buf = <<from_len:32/integer,bn_from:from_len/binary, *
+ * to_len:32/integer,bn_to:to_len/binary>> */
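Review bot: In the `DRV_STRONG_RAND_BYTES` case the result of `driver_alloc_binary(rlen)` is dereferenced without a NULL check, and `rlen` is taken straight from the 4-byte request with no range check, so an oversized or negative length turns an allocation failure into a NULL write inside the emulator. The binary is also stored in `*rbuf` before `RAND_bytes` is checked, so the failure path returns -1 with the allocation still outstanding; whether the caller releases it is not visible here. The `DRV_STRONG_RAND_MPINT` case has the same unchecked `driver_alloc_binary(rlen + 4)`, and it passes `unsigned bits` to `BN_rand`, whose bit-count parameter is an `int`. The enclosing switch and the declaration of `rlen` are outside the hunk, so the sketch below assumes `rlen` is a signed int.

```c
    case DRV_STRONG_RAND_BYTES:
	/* … unchanged: request layout comment and len != 4 check … */
	rlen = get_int32(buf);
	if (rlen < 0)
	    return -1;
	bin = driver_alloc_binary(rlen);
	if (bin == NULL)
	    return -1;
	if (RAND_bytes((unsigned char *)bin->orig_bytes, rlen) != 1) {
	    /* do not hand a half-initialised binary back to the emulator */
	    driver_free_binary(bin);
	    return -1;
	}
	*rbuf = (char *)bin;
	return rlen;
	/* … unchanged: DRV_STRONG_RAND_MPINT argument parsing and BN_rand call … */
```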
+--- erlang-12.b.3-dfsg.orig/lib/ssh/src/ssh_transport.erl
++++ erlang-12.b.3-dfsg/lib/ssh/src/ssh_transport.erl
+@@ -355,8 +355,6 @@
+ %%
+ ssh_init(S, Role, Opts) ->
+ ssh_bits:install_messages(transport_messages()),
+- {A,B,C} = erlang:now(),
+- random:seed(A, B, C),
+ put(send_sequence, 0),
+ put(recv_sequence, 0),
+ case Role of
+--- erlang-12.b.3-dfsg.orig/lib/ssh/src/ssh_bits.erl
++++ erlang-12.b.3-dfsg/lib/ssh/src/ssh_bits.erl
+@@ -33,7 +33,7 @@
+ %% integer utils
+ -export([isize/1]).
+ -export([irandom/1, irandom/3]).
+--export([random/1, random/3]).
++-export([random/1]).
+ -export([xor_bits/2, fill_bits/2]).
+ -export([i2bin/2, bin2i/1]).
+
+@@ -400,9 +400,6 @@
+ irandom(Bits) ->
+ irandom(Bits, 1, 0).
+
+-%% irandom_odd(Bits) ->
+-%% irandom(Bits, 1, 1).
+-
+ %%
+ %% irandom(N, Top, Bottom)
+ %%
+@@ -413,57 +410,16 @@
+ %% Bot = 0 - do not set the least signifcant bit
+ %% Bot = 1 - set the least signifcant bit (i.e always odd)
+ %%
+-irandom(0, _Top, _Bottom) ->
+- 0;
+-irandom(Bits, Top, Bottom) ->
+- Bytes = (Bits+7) div 8,
+- Skip = (8-(Bits rem 8)) rem 8,
+- TMask = case Top of
+- 0 -> 0;
+- 1 -> 16#80;
+- 2 -> 16#c0
+- end,
+- BMask = case Bottom of
+- 0 -> 0;
+- 1 -> (1 bsl Skip)
+- end,
+- <<X:Bits/big-unsigned-integer, _:Skip>> = random(Bytes, TMask, BMask),
+- X.
++irandom(Bits, Top, Bottom) when is_integer(Top),
++ 0 =< Top, Top =< 2 ->
++ crypto:erlint(crypto:strong_rand_mpint(Bits, Top - 1, Bottom)).
+
+ %%
+ %% random/1
+ %% Generate N random bytes
+ %%
+ random(N) ->
+- random(N, 0, 0).
+-
+-random(N, TMask, BMask) ->
+- list_to_binary(rnd(N, TMask, BMask)).
+-
+-%% random/3
+-%% random(Bytes, TopMask, BotMask)
+-%% where
+-%% Bytes is the number of bytes to generate
+-%% TopMask is bitwised or'ed to the first byte
+-%% BotMask is bitwised or'ed to the last byte
+-%%
+-rnd(0, _TMask, _BMask) ->
+- [];
+-rnd(1, TMask, BMask) ->
+- [(rand8() bor TMask) bor BMask];
+-rnd(N, TMask, BMask) ->
+- [(rand8() bor TMask) | rnd_n(N-1, BMask)].
+-
+-rnd_n(1, BMask) ->
+- [rand8() bor BMask];
+-rnd_n(I, BMask) ->
+- [rand8() | rnd_n(I-1, BMask)].
+-
+-rand8() ->
+- (rand32() bsr 8) band 16#ff.
+-
+-rand32() ->
+- random:uniform(16#100000000) -1.
++ crypto:strong_rand_bytes(N).
+
+ %%
+ %% Base 64 encode/decode
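Review bot: The rewritten `irandom/3` drops the explicit `irandom(0, _Top, _Bottom) -> 0;` clause, so a zero-bit request is now forwarded to the driver and its result depends on how the linked OpenSSL's `BN_rand` treats `bits = 0`. Keeping that clause ahead of the new one preserves the old contract. `Top` is guarded but `Bits` and `Bottom` are not, and the `Top - 1` remapping deserves a short comment such as `%% BN_rand expects top in -1..1, ssh_bits uses 0..2`. The header comment for `irandom/3` starts above the hunk.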
Modified: erlang/branches/oldstable/debian/patches/series
===================================================================
--- erlang/branches/oldstable/debian/patches/series 2012-01-12 12:42:51 UTC (rev 1399)
+++ erlang/branches/oldstable/debian/patches/series 2012-01-12 18:02:53 UTC (rev 1400)
@@ -7,4 +7,5 @@
ssl.patch
sctp.patch
m68k.patch
+cve-2011-0766.patch
#native.patch