| Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame^] | 1 | From eac858085e3ac94ec0ab5061d11f52652c90a869 Mon Sep 17 00:00:00 2001 |
| 2 | From: Wayne Davison <wayned@samba.org> |
| 3 | Date: Mon, 11 May 2015 12:36:20 -0700 |
| 4 | Subject: [PATCH 1/1] Add compat flag to allow proper seed checksum order. |
| 5 | Fixes the equivalent of librsync's CVE-2014-8242 issue. |
| 6 | |
| 7 | Upstream-Status: Backport |
| 8 | |
| 9 | Signed-off-by: Roy Li <rongqing.li@windriver.com> |
| 10 | --- |
| 11 | checksum.c | 17 +++++++++++++---- |
| 12 | compat.c | 5 +++++ |
| 13 | options.c | 1 + |
| 14 | 3 files changed, 19 insertions(+), 4 deletions(-) |
| 15 | |
| 16 | diff --git a/checksum.c b/checksum.c |
| 17 | index a1c2aa2..933b514 100644 |
| 18 | --- a/checksum.c |
| 19 | +++ b/checksum.c |
| 20 | @@ -23,6 +23,7 @@ |
| 21 | |
| 22 | extern int checksum_seed; |
| 23 | extern int protocol_version; |
| 24 | +extern int proper_seed_order; |
| 25 | |
| 26 | /* |
| 27 | a simple 32 bit checksum that can be upadted from either end |
| 28 | @@ -54,10 +55,18 @@ void get_checksum2(char *buf, int32 len, char *sum) |
| 29 | if (protocol_version >= 30) { |
| 30 | uchar seedbuf[4]; |
| 31 | md5_begin(&m); |
| 32 | - md5_update(&m, (uchar *)buf, len); |
| 33 | - if (checksum_seed) { |
| 34 | - SIVALu(seedbuf, 0, checksum_seed); |
| 35 | - md5_update(&m, seedbuf, 4); |
| 36 | + if (proper_seed_order) { |
| 37 | + if (checksum_seed) { |
| 38 | + SIVALu(seedbuf, 0, checksum_seed); |
| 39 | + md5_update(&m, seedbuf, 4); |
| 40 | + } |
| 41 | + md5_update(&m, (uchar *)buf, len); |
| 42 | + } else { |
| 43 | + md5_update(&m, (uchar *)buf, len); |
| 44 | + if (checksum_seed) { |
| 45 | + SIVALu(seedbuf, 0, checksum_seed); |
| 46 | + md5_update(&m, seedbuf, 4); |
| 47 | + } |
| 48 | } |
| 49 | md5_result(&m, (uchar *)sum); |
| 50 | } else { |
| 51 | diff --git a/compat.c b/compat.c |
| 52 | index 2454937..f89d466 100644 |
| 53 | --- a/compat.c |
| 54 | +++ b/compat.c |
| 55 | @@ -27,6 +27,7 @@ int inc_recurse = 0; |
| 56 | int compat_flags = 0; |
| 57 | int use_safe_inc_flist = 0; |
| 58 | int want_xattr_optim = 0; |
| 59 | +int proper_seed_order = 0; |
| 60 | |
| 61 | extern int am_server; |
| 62 | extern int am_sender; |
| 63 | @@ -78,6 +79,7 @@ int filesfrom_convert = 0; |
| 64 | #define CF_SYMLINK_ICONV (1<<2) |
| 65 | #define CF_SAFE_FLIST (1<<3) |
| 66 | #define CF_AVOID_XATTR_OPTIM (1<<4) |
| 67 | +#define CF_CHKSUM_SEED_FIX (1<<5) |
| 68 | |
| 69 | static const char *client_info; |
| 70 | |
| 71 | @@ -271,12 +273,15 @@ void setup_protocol(int f_out,int f_in) |
| 72 | compat_flags |= CF_SAFE_FLIST; |
| 73 | if (local_server || strchr(client_info, 'x') != NULL) |
| 74 | compat_flags |= CF_AVOID_XATTR_OPTIM; |
| 75 | + if (local_server || strchr(client_info, 'C') != NULL) |
| 76 | + compat_flags |= CF_CHKSUM_SEED_FIX; |
| 77 | write_byte(f_out, compat_flags); |
| 78 | } else |
| 79 | compat_flags = read_byte(f_in); |
| 80 | /* The inc_recurse var MUST be set to 0 or 1. */ |
| 81 | inc_recurse = compat_flags & CF_INC_RECURSE ? 1 : 0; |
| 82 | want_xattr_optim = protocol_version >= 31 && !(compat_flags & CF_AVOID_XATTR_OPTIM); |
| 83 | + proper_seed_order = compat_flags & CF_CHKSUM_SEED_FIX ? 1 : 0; |
| 84 | if (am_sender) { |
| 85 | receiver_symlink_times = am_server |
| 86 | ? strchr(client_info, 'L') != NULL |
| 87 | diff --git a/options.c b/options.c |
| 88 | index 19c2b7d..4128b59 100644 |
| 89 | --- a/options.c |
| 90 | +++ b/options.c |
| 91 | @@ -2503,6 +2503,7 @@ void server_options(char **args, int *argc_p) |
| 92 | #endif |
| 93 | argstr[x++] = 'f'; /* flist I/O-error safety support */ |
| 94 | argstr[x++] = 'x'; /* xattr hardlink optimization not desired */ |
| 95 | + argstr[x++] = 'C'; /* support checksum seed order fix */ |
| 96 | } |
| 97 | |
| 98 | if (x >= (int)sizeof argstr) { /* Not possible... */ |
| 99 | -- |
| 100 | 1.9.1 |
| 101 | |