Bug#780120: unblock: cyrus-sasl2/2.1.26.dfsg1-13

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#780120: unblock: cyrus-sasl2/2.1.26.dfsg1-13
From: Ondřej Surý <ondrej@debian.org>
Date: Mon, 09 Mar 2015 14:40:04 +0100
Message-id: <[🔎] 20150309134004.28003.53802.reportbug@lettie.nic.cz>
Reply-to: Ondřej Surý <ondrej@debian.org>, 780120@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Please unblock package cyrus-sasl2

Kees Cook has brought to my attention that cyrus-sasl2 could close tcp
connection prematurely and provided a simple patch that shuts down the
socket and wait for client to close it instead of just closing it down.

See #777349 for more background information.  The patch is small, and
I understand what it does :), so I recommend this for inclusion in
jessie (or in .point release).

unblock cyrus-sasl2/2.1.26.dfsg1-13

- -- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (990, 'testing'), (700, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJU/aK0XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzMEI5MzNEODBGQ0UzRDk4MUEyRDM4RkIw
Qzk5QjcwRUY0RkNCQjA3AAoJEAyZtw70/LsHdO0QAKKuiXPiy7a/IJ6907w7RYoL
bxL9eMfouQp0B6dd8m7IZa/5ty5+cF8j3hi2B5xR25sLPWNo7nSYWYt85Lemaot7
nhk3Vct5WVyUwLO7QL2bdsNc8OPhdDfeEhIwuQ70PEChVXEBCnu9NLTpxPE3a+mB
n7jx/miEXh5p2Z2u3+jjjj1i8ZEt5iOyP2regXze7Q+5AGydQO8JOyF7HgNtuPoY
9pBqknugm+6PryI13viM2fee+EGAC+FdJamoF7KTmOGL7JvSuBvRSfjGMcvwavqg
5dHk3AMY4qSuuco1FZsqUkJUBfwpueYLmHpyq9uFDWLULXKxTs8Acapdk5NlTKfY
P42kof1ZvLnQhWRD0tTfuyyrIOqmCE8huPwdBFyXpiouqgl7Io2XNqK16AtN98hn
2TXO44H8TmPD/RccKMuSo62rQhufOW6aTc9z+6IkPNgmtc0mexxIExKVhaMxG+u4
uHgdPrAP2Q8mqHYGRf3V/ccpaU+BotX7R4Ud15Qt7pJNIzBbYNWYlSCYHz8Qks3q
Sn7on13mNTT5BNC10qlSE7j4rKutJ7MDwzm6l17Fpe59Wx6XL03nhB8lgaCQxLkF
cdkz6Xx2dEdQwG70fkD2AbmZX2e0AUipRKmepHp2oL5JmgRAM+HLkjEq2R37nQft
CC97oKsRe4QkefBYjLBx
=l/Bl
-----END PGP SIGNATURE-----

diff -Nru cyrus-sasl2-2.1.26.dfsg1/debian/changelog cyrus-sasl2-2.1.26.dfsg1/debian/changelog
--- cyrus-sasl2-2.1.26.dfsg1/debian/changelog	2014-10-17 14:41:14.000000000 +0200
+++ cyrus-sasl2-2.1.26.dfsg1/debian/changelog	2015-03-09 14:21:37.000000000 +0100
@@ -1,3 +1,11 @@
+cyrus-sasl2 (2.1.26.dfsg1-13) unstable; urgency=medium
+
+  * Shutdown down the write side of the socket and wait for the client to
+    close the connection (0 byte read) before closing the server side
+    (Closes: #777349) (Courtesy of Kees Cook)
+
+ -- Ondřej Surý <ondrej@debian.org>  Mon, 09 Mar 2015 14:21:23 +0100
+
 cyrus-sasl2 (2.1.26.dfsg1-12) unstable; urgency=medium
 
   * Add patch to fix login to dovecot imapd 2.x (Closes: #715040)
diff -Nru cyrus-sasl2-2.1.26.dfsg1/debian/patches/early-hangup.patch cyrus-sasl2-2.1.26.dfsg1/debian/patches/early-hangup.patch
--- cyrus-sasl2-2.1.26.dfsg1/debian/patches/early-hangup.patch	1970-01-01 01:00:00.000000000 +0100
+++ cyrus-sasl2-2.1.26.dfsg1/debian/patches/early-hangup.patch	2015-03-09 14:21:37.000000000 +0100
@@ -0,0 +1,34 @@
+Description: it is possible for the client side of the socket to miss data
+ when the server uses close() immediately after the last write(). To avoid
+ this, shutdown down the write side of the socket and wait for the client
+ to close the connection (0 byte read) before closing the server side.
+Author: Kees Cook <kees@debian.org>
+
+--- cyrus-sasl2.orig/saslauthd/ipc_unix.c
++++ cyrus-sasl2/saslauthd/ipc_unix.c
+@@ -217,6 +217,7 @@ void ipc_loop() {
+ 
+ 	int		rc;
+ 	int		conn_fd;
++	unsigned char	dummy;
+ 
+ 
+ 	while(1) {
+@@ -261,6 +262,8 @@ void ipc_loop() {
+ 		    }
+ 		    
+ 		    do_request(conn_fd);
++		    shutdown(conn_fd, SHUT_WR);
++		    while (read(conn_fd, &dummy, 1) > 0) { }
+ 		    close(conn_fd);
+ 
+ 		    if(flags & DETACH_TTY) {
+@@ -275,6 +278,8 @@ void ipc_loop() {
+ 		 * Normal prefork mode.
+ 		 *************************************************************/
+ 		do_request(conn_fd);
++		shutdown(conn_fd, SHUT_WR);
++		while (read(conn_fd, &dummy, 1) > 0) { }
+ 		close(conn_fd);
+ 	}
+ 
diff -Nru cyrus-sasl2-2.1.26.dfsg1/debian/patches/series cyrus-sasl2-2.1.26.dfsg1/debian/patches/series
--- cyrus-sasl2-2.1.26.dfsg1/debian/patches/series	2014-10-17 14:41:14.000000000 +0200
+++ cyrus-sasl2-2.1.26.dfsg1/debian/patches/series	2015-03-09 14:21:37.000000000 +0100
@@ -30,3 +30,4 @@
 0046_fix_void_return.patch
 properly-create-libsasl2.pc.patch
 bug715040.patch
+early-hangup.patch

Reply to:

Follow-Ups:
- Bug#780120: marked as done (unblock: cyrus-sasl2/2.1.26.dfsg1-13)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#780119: unblock: librest/0.7.92-3
Next by Date: Bug#780121: unblock: libgcrypt20/1.6.3-2
Previous by thread: Bug#780119: marked as done (unblock: librest/0.7.92-3)
Next by thread: Bug#780120: marked as done (unblock: cyrus-sasl2/2.1.26.dfsg1-13)
Index(es):
- Date
- Thread