[tor-commits] [tor-browser] 30/68: Bug 13028: Prevent potential proxy bypass cases.

gitolite role git at cupani.torproject.org
Tue May 3 17:34:51 UTC 2022


This is an automated email from the git hooks/post-receive script.

richard pushed a commit to branch tor-browser-91.9.0esr-11.5-1
in repository tor-browser.

commit b047896e8a6e6bec124cde4c5772f7ead12c8d4b
Author: Mike Perry <mikeperry-git at torproject.org>
AuthorDate: Mon Sep 29 14:30:19 2014 -0700

    Bug 13028: Prevent potential proxy bypass cases.
    
    It looks like these cases should only be invoked in the NSS command line
    tools, and not the browser, but I decided to patch them anyway because there
    literally is a maze of network function pointers being passed around, and it's
    very hard to tell if some random code might not pass in the proper proxied
    versions of the networking code here by accident.
---
 security/nss/lib/certhigh/ocsp.c                    |  8 ++++++++
 .../lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c | 21 +++++++++++++++++++++
 2 files changed, 29 insertions(+)

diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c
index cea8456606bf1..86fa971cfbefe 100644
--- a/security/nss/lib/certhigh/ocsp.c
+++ b/security/nss/lib/certhigh/ocsp.c
@@ -2932,6 +2932,14 @@ ocsp_ConnectToHost(const char *host, PRUint16 port)
     PRNetAddr addr;
     char *netdbbuf = NULL;
 
+    // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but
+    // we want to ensure nothing can ever hit this code in production.
+#if 1
+    printf("Tor Browser BUG: Attempted OSCP direct connect to %s, port %u\n", host,
+            port);
+    goto loser;
+#endif
+
     sock = PR_NewTCPSocket();
     if (sock == NULL)
         goto loser;
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
index e8698376b5bec..85791d84a9324 100644
--- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
@@ -1334,6 +1334,13 @@ pkix_pl_Socket_Create(
                     plContext),
                     PKIX_COULDNOTCREATESOCKETOBJECT);
 
+        // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but
+        // we want to ensure nothing can ever hit this code in production.
+#if 1
+        printf("Tor Browser BUG: Attempted pkix direct socket connect\n");
+        PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
+#endif
+
         socket->isServer = isServer;
         socket->timeout = timeout;
         socket->clientSock = NULL;
@@ -1433,6 +1440,13 @@ pkix_pl_Socket_CreateByName(
 
         localCopyName = PL_strdup(serverName);
 
+        // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but
+        // we want to ensure nothing can ever hit this code in production.
+#if 1
+        printf("Tor Browser BUG: Attempted pkix direct connect to %s\n", serverName);
+        PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
+#endif
+
         sepPtr = strchr(localCopyName, ':');
         /* First strip off the portnum, if present, from the end of the name */
         if (sepPtr) {
@@ -1582,6 +1596,13 @@ pkix_pl_Socket_CreateByHostAndPort(
         PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateByHostAndPort");
         PKIX_NULLCHECK_THREE(hostname, pStatus, pSocket);
 
+        // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but
+        // we want to ensure nothing can ever hit this code in production.
+#if 1
+        printf("Tor Browser BUG: Attempted pkix direct connect to %s, port %u\n", hostname,
+                portnum);
+        PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
+#endif
 
         prstatus = PR_GetHostByName(hostname, buf, sizeof(buf), &hostent);
 

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.


More information about the tor-commits mailing list