mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 13:13:44 +01:00
Merge branch 'maint-0.2.8' into maint-0.2.9
This commit is contained in:
commit
7e2b012b46
5
changes/bug24313
Normal file
5
changes/bug24313
Normal file
@ -0,0 +1,5 @@
|
||||
o Major bugfixes (security, hidden service v2):
|
||||
- Fix a use-after-free error that could crash v2 Tor hidden services
|
||||
when it failed to open circuits while expiring introductions
|
||||
points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This
|
||||
issue is also tracked as TROVE-2017-013 and CVE-2017-8823.
|
10
changes/trove-2017-009
Normal file
10
changes/trove-2017-009
Normal file
@ -0,0 +1,10 @@
|
||||
o Major bugfixes (security):
|
||||
- When checking for replays in the INTRODUCE1 cell data for a (legacy)
|
||||
hiddden service, correctly detect replays in the RSA-encrypted part of
|
||||
the cell. We were previously checking for replays on the entire cell,
|
||||
but those can be circumvented due to the malleability of Tor's legacy
|
||||
hybrid encryption. This fix helps prevent a traffic confirmation
|
||||
attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also
|
||||
tracked as TROVE-2017-009 and CVE-2017-8819.
|
||||
|
||||
|
8
changes/trove-2017-011
Normal file
8
changes/trove-2017-011
Normal file
@ -0,0 +1,8 @@
|
||||
o Major bugfixes (security):
|
||||
- Fix a denial of service bug where an attacker could use a malformed
|
||||
directory object to cause a Tor instance to pause while OpenSSL would
|
||||
try to read a passphrase from the terminal. (If the terminal was not
|
||||
available, tor would continue running.) Fixes bug 24246; bugfix on
|
||||
every version of Tor. Also tracked as TROVE-2017-011 and
|
||||
CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720.
|
||||
|
6
changes/trove-2017-012-part1
Normal file
6
changes/trove-2017-012-part1
Normal file
@ -0,0 +1,6 @@
|
||||
o Major bugfixes (security, relay):
|
||||
- When running as a relay, make sure that we never build a path through
|
||||
ourselves, even in the case where we have somehow lost the version of
|
||||
our descriptor appearing in the consensus. Fixes part of bug 21534;
|
||||
bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012
|
||||
and CVE-2017-8822.
|
@ -645,11 +645,21 @@ MOCK_IMPL(int,
|
||||
return 0;
|
||||
}
|
||||
|
||||
/** A PEM callback that always reports a failure to get a password */
|
||||
static int
|
||||
pem_no_password_cb(char *buf, int size, int rwflag, void *u)
|
||||
{
|
||||
(void)buf;
|
||||
(void)size;
|
||||
(void)rwflag;
|
||||
(void)u;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/** Read a PEM-encoded private key from the <b>len</b>-byte string <b>s</b>
|
||||
* into <b>env</b>. Return 0 on success, -1 on failure. If len is -1,
|
||||
* the string is nul-terminated.
|
||||
*/
|
||||
/* Used here, and used for testing. */
|
||||
int
|
||||
crypto_pk_read_private_key_from_string(crypto_pk_t *env,
|
||||
const char *s, ssize_t len)
|
||||
@ -668,7 +678,7 @@ crypto_pk_read_private_key_from_string(crypto_pk_t *env,
|
||||
if (env->key)
|
||||
RSA_free(env->key);
|
||||
|
||||
env->key = PEM_read_bio_RSAPrivateKey(b,NULL,NULL,NULL);
|
||||
env->key = PEM_read_bio_RSAPrivateKey(b,NULL,pem_no_password_cb,NULL);
|
||||
|
||||
BIO_free(b);
|
||||
|
||||
@ -800,7 +810,7 @@ crypto_pk_read_public_key_from_string(crypto_pk_t *env, const char *src,
|
||||
|
||||
if (env->key)
|
||||
RSA_free(env->key);
|
||||
env->key = PEM_read_bio_RSAPublicKey(b, NULL, NULL, NULL);
|
||||
env->key = PEM_read_bio_RSAPublicKey(b, NULL, pem_no_password_cb, NULL);
|
||||
BIO_free(b);
|
||||
if (!env->key) {
|
||||
crypto_log_errors(LOG_WARN, "reading public key from string");
|
||||
|
@ -1816,6 +1816,7 @@ rend_service_receive_introduction(origin_circuit_t *circuit,
|
||||
time_t now = time(NULL);
|
||||
time_t elapsed;
|
||||
int replay;
|
||||
size_t keylen;
|
||||
|
||||
/* Do some initial validation and logging before we parse the cell */
|
||||
if (circuit->base_.purpose != CIRCUIT_PURPOSE_S_INTRO) {
|
||||
@ -1889,9 +1890,10 @@ rend_service_receive_introduction(origin_circuit_t *circuit,
|
||||
}
|
||||
|
||||
/* check for replay of PK-encrypted portion. */
|
||||
keylen = crypto_pk_keysize(intro_key);
|
||||
replay = replaycache_add_test_and_elapsed(
|
||||
intro_point->accepted_intro_rsa_parts,
|
||||
parsed_req->ciphertext, parsed_req->ciphertext_len,
|
||||
parsed_req->ciphertext, MIN(parsed_req->ciphertext_len, keylen),
|
||||
&elapsed);
|
||||
|
||||
if (replay) {
|
||||
@ -3849,6 +3851,10 @@ remove_invalid_intro_points(rend_service_t *service,
|
||||
log_info(LD_REND, "Expiring %s as intro point for %s.",
|
||||
safe_str_client(extend_info_describe(intro->extend_info)),
|
||||
safe_str_client(service->service_id));
|
||||
/* We might have put it in the retry list if so, undo. */
|
||||
if (retry_nodes) {
|
||||
smartlist_remove(retry_nodes, intro);
|
||||
}
|
||||
smartlist_add(service->expiring_nodes, intro);
|
||||
SMARTLIST_DEL_CURRENT(service->intro_nodes, intro);
|
||||
/* Intro point is expired, we need a new one thus don't consider it
|
||||
|
@ -2829,7 +2829,10 @@ router_choose_random_node(smartlist_t *excludedsmartlist,
|
||||
});
|
||||
}
|
||||
|
||||
if ((r = routerlist_find_my_routerinfo()))
|
||||
/* If the node_t is not found we won't be to exclude ourself but we
|
||||
* won't be able to pick ourself in router_choose_random_node() so
|
||||
* this is fine to at least try with our routerinfo_t object. */
|
||||
if ((r = router_get_my_routerinfo()))
|
||||
routerlist_add_node_and_family(excludednodes, r);
|
||||
|
||||
router_add_running_nodes_to_smartlist(sl, allow_invalid,
|
||||
|
Loading…
Reference in New Issue
Block a user