mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 04:13:28 +01:00
Avoid asking for passphrase on junky PEM input
Fixes bug 24246 and TROVE-2017-011.
This bug is so old, it's in Matej's code. Seems to have been
introduced with e01522bbed
.
This commit is contained in:
parent
6f8c32b7de
commit
1880a6a88e
8
changes/trove-2017-011
Normal file
8
changes/trove-2017-011
Normal file
@ -0,0 +1,8 @@
|
||||
o Major bugfixes (security):
|
||||
- Fix a denial of service bug where an attacker could use a malformed
|
||||
directory object to cause a Tor instance to pause while OpenSSL would
|
||||
try to read a passphrase from the terminal. (If the terminal was not
|
||||
available, tor would continue running.) Fixes bug 24246; bugfix on
|
||||
every version of Tor. Also tracked as TROVE-2017-011 and
|
||||
CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720.
|
||||
|
@ -592,11 +592,21 @@ crypto_pk_generate_key_with_bits(crypto_pk_t *env, int bits)
|
||||
return 0;
|
||||
}
|
||||
|
||||
/** A PEM callback that always reports a failure to get a password */
|
||||
static int
|
||||
pem_no_password_cb(char *buf, int size, int rwflag, void *u)
|
||||
{
|
||||
(void)buf;
|
||||
(void)size;
|
||||
(void)rwflag;
|
||||
(void)u;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/** Read a PEM-encoded private key from the <b>len</b>-byte string <b>s</b>
|
||||
* into <b>env</b>. Return 0 on success, -1 on failure. If len is -1,
|
||||
* the string is nul-terminated.
|
||||
*/
|
||||
/* Used here, and used for testing. */
|
||||
int
|
||||
crypto_pk_read_private_key_from_string(crypto_pk_t *env,
|
||||
const char *s, ssize_t len)
|
||||
@ -615,7 +625,7 @@ crypto_pk_read_private_key_from_string(crypto_pk_t *env,
|
||||
if (env->key)
|
||||
RSA_free(env->key);
|
||||
|
||||
env->key = PEM_read_bio_RSAPrivateKey(b,NULL,NULL,NULL);
|
||||
env->key = PEM_read_bio_RSAPrivateKey(b,NULL,pem_no_password_cb,NULL);
|
||||
|
||||
BIO_free(b);
|
||||
|
||||
@ -747,7 +757,7 @@ crypto_pk_read_public_key_from_string(crypto_pk_t *env, const char *src,
|
||||
|
||||
if (env->key)
|
||||
RSA_free(env->key);
|
||||
env->key = PEM_read_bio_RSAPublicKey(b, NULL, NULL, NULL);
|
||||
env->key = PEM_read_bio_RSAPublicKey(b, NULL, pem_no_password_cb, NULL);
|
||||
BIO_free(b);
|
||||
if (!env->key) {
|
||||
crypto_log_errors(LOG_WARN, "reading public key from string");
|
||||
|
Loading…
Reference in New Issue
Block a user