diff options
| author | David Goulet <dgoulet@torproject.org> | 2023-11-03 09:04:27 -0400 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2023-11-03 09:04:27 -0400 |
| commit | 24dc829b9a9e7710ed5fffb53dafa64097557f04 (patch) | |
| tree | f87467b1acfde7e937d4d338091959181aa44d7b | |
| parent | 09685fa038bc7972cc4c38dc751ced35b8d29982 (diff) | |
| parent | 7aa496a2e057bb7c3cc284a04a1a4d2941c304f1 (diff) | |
| download | tor-24dc829b9a9e7710ed5fffb53dafa64097557f04.tar.gz tor-24dc829b9a9e7710ed5fffb53dafa64097557f04.zip | |
Merge branch 'maint-0.4.7' into maint-0.4.8
| -rw-r--r-- | changes/ticket40874 | 3 | ||||
| -rw-r--r-- | src/feature/relay/relay_handshake.c | 1 | ||||
| -rw-r--r-- | src/lib/tls/tortls_openssl.c | 32 |
3 files changed, 33 insertions, 3 deletions
diff --git a/changes/ticket40874 b/changes/ticket40874 new file mode 100644 index 0000000000..e1091f6b63 --- /dev/null +++ b/changes/ticket40874 @@ -0,0 +1,3 @@ + o Major bugfixes (TROVE-2023-004, relay): + - Mitigate an issue when Tor compiled with OpenSSL can crash during + handshake with a remote relay. Fixes bug 40874; bugfix on 0.2.7.2-alpha. diff --git a/src/feature/relay/relay_handshake.c b/src/feature/relay/relay_handshake.c index be7dba721a..75546cdd90 100644 --- a/src/feature/relay/relay_handshake.c +++ b/src/feature/relay/relay_handshake.c @@ -414,6 +414,7 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, log_fn(LOG_PROTOCOL_WARN, LD_OR, "Somebody asked us for an older TLS " "authentication method (AUTHTYPE_RSA_SHA256_TLSSECRET) " "which we don't support."); + goto err; } } else { char label[128]; diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c index c0a89ac272..ee91715e2d 100644 --- a/src/lib/tls/tortls_openssl.c +++ b/src/lib/tls/tortls_openssl.c @@ -1651,9 +1651,35 @@ tor_tls_get_tlssecrets,(tor_tls_t *tls, uint8_t *secrets_out)) const size_t client_random_len = SSL_get_client_random(ssl, NULL, 0); const size_t master_key_len = SSL_SESSION_get_master_key(session, NULL, 0); - tor_assert(server_random_len); - tor_assert(client_random_len); - tor_assert(master_key_len); + if (BUG(! server_random_len)) { + log_warn(LD_NET, "Missing server randomness after handshake " + "using %s (cipher: %s, server: %s) from %s", + SSL_get_version(ssl), + SSL_get_cipher_name(ssl), + tls->isServer ? "true" : "false", + ADDR(tls)); + return -1; + } + + if (BUG(! client_random_len)) { + log_warn(LD_NET, "Missing client randomness after handshake " + "using %s (cipher: %s, server: %s) from %s", + SSL_get_version(ssl), + SSL_get_cipher_name(ssl), + tls->isServer ? "true" : "false", + ADDR(tls)); + return -1; + } + + if (BUG(! master_key_len)) { + log_warn(LD_NET, "Missing master key after handshake " + "using %s (cipher: %s, server: %s) from %s", + SSL_get_version(ssl), + SSL_get_cipher_name(ssl), + tls->isServer ? "true" : "false", + ADDR(tls)); + return -1; + } len = client_random_len + server_random_len + strlen(TLSSECRET_MAGIC) + 1; tor_assert(len <= sizeof(buf)); |