[tor-commits] [tor/maint-0.3.0] Avoid asking for passphrase on junky PEM input

nickm at torproject.org nickm at torproject.org
Fri Dec 1 14:06:04 UTC 2017


commit 1880a6a88e240556a8e6b169f1160aa8220ab0ec
Author: Nick Mathewson <nickm at torproject.org>
Date:   Sat Nov 11 14:21:37 2017 -0500

    Avoid asking for passphrase on junky PEM input
    
    Fixes bug 24246 and TROVE-2017-011.
    
    This bug is so old, it's in Matej's code.  Seems to have been
    introduced with e01522bbed6eea.
---
 changes/trove-2017-011 |  8 ++++++++
 src/common/crypto.c    | 16 +++++++++++++---
 2 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/changes/trove-2017-011 b/changes/trove-2017-011
new file mode 100644
index 000000000..82d20d9e7
--- /dev/null
+++ b/changes/trove-2017-011
@@ -0,0 +1,8 @@
+  o Major bugfixes (security):
+    - Fix a denial of service bug where an attacker could use a malformed
+      directory object to cause a Tor instance to pause while OpenSSL would
+      try to read a passphrase from the terminal. (If the terminal was not
+      available, tor would continue running.)  Fixes bug 24246; bugfix on
+      every version of Tor.  Also tracked as TROVE-2017-011 and
+      CVE-2017-8821.  Found by OSS-Fuzz as testcase 6360145429790720.
+
diff --git a/src/common/crypto.c b/src/common/crypto.c
index f7362765d..8d816652d 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -592,11 +592,21 @@ crypto_pk_generate_key_with_bits(crypto_pk_t *env, int bits)
   return 0;
 }
 
+/** A PEM callback that always reports a failure to get a password */
+static int
+pem_no_password_cb(char *buf, int size, int rwflag, void *u)
+{
+  (void)buf;
+  (void)size;
+  (void)rwflag;
+  (void)u;
+  return 0;
+}
+
 /** Read a PEM-encoded private key from the <b>len</b>-byte string <b>s</b>
  * into <b>env</b>.  Return 0 on success, -1 on failure.  If len is -1,
  * the string is nul-terminated.
  */
-/* Used here, and used for testing. */
 int
 crypto_pk_read_private_key_from_string(crypto_pk_t *env,
                                        const char *s, ssize_t len)
@@ -615,7 +625,7 @@ crypto_pk_read_private_key_from_string(crypto_pk_t *env,
   if (env->key)
     RSA_free(env->key);
 
-  env->key = PEM_read_bio_RSAPrivateKey(b,NULL,NULL,NULL);
+  env->key = PEM_read_bio_RSAPrivateKey(b,NULL,pem_no_password_cb,NULL);
 
   BIO_free(b);
 
@@ -747,7 +757,7 @@ crypto_pk_read_public_key_from_string(crypto_pk_t *env, const char *src,
 
   if (env->key)
     RSA_free(env->key);
-  env->key = PEM_read_bio_RSAPublicKey(b, NULL, NULL, NULL);
+  env->key = PEM_read_bio_RSAPublicKey(b, NULL, pem_no_password_cb, NULL);
   BIO_free(b);
   if (!env->key) {
     crypto_log_errors(LOG_WARN, "reading public key from string");





More information about the tor-commits mailing list