Fix TROVE-2023-004: Remote crash when compiled against OpenSSL

Fixes #40874 Signed-off-by: David Goulet <dgoulet@torproject.org>
author: Alexander Færøy <ahf@torproject.org> 2023-11-02 14:38:43 -0400
committer: David Goulet <dgoulet@torproject.org> 2023-11-03 08:52:38 -0400
commit: 7aa496a2e057bb7c3cc284a04a1a4d2941c304f1 (patch)
tree: 95410b0f0a3e11175e3540a1e1235b1c7e5cf3d7
parent: d7777c121c93e4155236e8334bb12bec575ad8b6 (diff)
download: tor-7aa496a2e057bb7c3cc284a04a1a4d2941c304f1.tar.gz
tor-7aa496a2e057bb7c3cc284a04a1a4d2941c304f1.zip
3 files changed, 33 insertions, 3 deletions
diff --git a/changes/ticket40874 b/changes/ticket40874
new file mode 100644
index 0000000000..e1091f6b63
--- /dev/null
+++ b/changes/ticket40874
@@ -0,0 +1,3 @@
+  o Major bugfixes (TROVE-2023-004, relay):
+    - Mitigate an issue when Tor compiled with OpenSSL can crash during
+      handshake with a remote relay. Fixes bug 40874; bugfix on 0.2.7.2-alpha.
diff --git a/src/feature/relay/relay_handshake.c b/src/feature/relay/relay_handshake.c
index be7dba721a..75546cdd90 100644
--- a/src/feature/relay/relay_handshake.c
+++ b/src/feature/relay/relay_handshake.c
@@ -414,6 +414,7 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
       log_fn(LOG_PROTOCOL_WARN, LD_OR, "Somebody asked us for an older TLS "
          "authentication method (AUTHTYPE_RSA_SHA256_TLSSECRET) "
          "which we don't support.");
+      goto err;
     }
   } else {
     char label[128];
diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
index 77de2d6a11..f3257d5f24 100644
--- a/src/lib/tls/tortls_openssl.c
+++ b/src/lib/tls/tortls_openssl.c
@@ -1649,9 +1649,35 @@ tor_tls_get_tlssecrets,(tor_tls_t *tls, uint8_t *secrets_out))
   const size_t client_random_len = SSL_get_client_random(ssl, NULL, 0);
   const size_t master_key_len = SSL_SESSION_get_master_key(session, NULL, 0);
 
-  tor_assert(server_random_len);
-  tor_assert(client_random_len);
-  tor_assert(master_key_len);
+  if (BUG(! server_random_len)) {
+    log_warn(LD_NET, "Missing server randomness after handshake "
+                     "using %s (cipher: %s, server: %s) from %s",
+                     SSL_get_version(ssl),
+                     SSL_get_cipher_name(ssl),
+                     tls->isServer ? "true" : "false",
+                     ADDR(tls));
+    return -1;
+  }
+
+  if (BUG(! client_random_len)) {
+    log_warn(LD_NET, "Missing client randomness after handshake "
+                     "using %s (cipher: %s, server: %s) from %s",
+                     SSL_get_version(ssl),
+                     SSL_get_cipher_name(ssl),
+                     tls->isServer ? "true" : "false",
+                     ADDR(tls));
+    return -1;
+  }
+
+  if (BUG(! master_key_len)) {
+    log_warn(LD_NET, "Missing master key after handshake "
+                     "using %s (cipher: %s, server: %s) from %s",
+                     SSL_get_version(ssl),
+                     SSL_get_cipher_name(ssl),
+                     tls->isServer ? "true" : "false",
+                     ADDR(tls));
+    return -1;
+  }
 
   len = client_random_len + server_random_len + strlen(TLSSECRET_MAGIC) + 1;
   tor_assert(len <= sizeof(buf));
author	Alexander Færøy <ahf@torproject.org>	2023-11-02 14:38:43 -0400
committer	David Goulet <dgoulet@torproject.org>	2023-11-03 08:52:38 -0400
commit	7aa496a2e057bb7c3cc284a04a1a4d2941c304f1 (patch)
tree	95410b0f0a3e11175e3540a1e1235b1c7e5cf3d7
parent	d7777c121c93e4155236e8334bb12bec575ad8b6 (diff)
download	tor-7aa496a2e057bb7c3cc284a04a1a4d2941c304f1.tar.gz tor-7aa496a2e057bb7c3cc284a04a1a4d2941c304f1.zip