December 2017 - tor-commits - lists.torproject.org

[tor/release-0.3.0] Fix length of replaycache-checked data.
by nickm＠torproject.org 01 Dec '17

01 Dec '17

commit 2834cc9c18230c36278ffa94a252abeb91b6cff9 Author: Nick Mathewson <nickm(a)torproject.org> Date: Sat Nov 11 13:40:21 2017 -0500 Fix length of replaycache-checked data. This is a regression; we should have been checking only the public-key encrypted portion. Fixes bug 24244, TROVE-2017-009, and CVE-2017-8819. --- changes/trove-2017-009 | 10 ++++++++++ src/or/rendservice.c | 4 +++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/changes/trove-2017-009 b/changes/trove-2017-009 new file mode 100644 index 000000000..512d18c29 --- /dev/null +++ b/changes/trove-2017-009 @@ -0,0 +1,10 @@ + o Major fixes (security): + - When checking for replays in the INTRODUCE1 cell data for a (legacy) + hiddden service, correctly detect replays in the RSA-encrypted part of + the cell. We were previously checking for replays on the entire cell, + but those can be circumvented due to the malleability of Tor's legacy + hybrid encryption. This fix helps prevent a traffic confirmation + attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also + tracked as TROVE-2017-009 and CVE-2017-8819. + + diff --git a/src/or/rendservice.c b/src/or/rendservice.c index d958de9df..ba8891ead 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -1162,6 +1162,7 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request, time_t now = time(NULL); time_t elapsed; int replay; + size_t keylen; /* Do some initial validation and logging before we parse the cell */ if (circuit->base_.purpose != CIRCUIT_PURPOSE_S_INTRO) { @@ -1245,9 +1246,10 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request, } /* check for replay of PK-encrypted portion. */ + keylen = crypto_pk_keysize(intro_key); replay = replaycache_add_test_and_elapsed( intro_point->accepted_intro_rsa_parts, - parsed_req->ciphertext, parsed_req->ciphertext_len, + parsed_req->ciphertext, MIN(parsed_req->ciphertext_len, keylen), &elapsed); if (replay) {

1 0

[tor/release-0.3.0] Merge branch 'maint-0.2.9' into maint-0.3.0
by nickm＠torproject.org 01 Dec '17

01 Dec '17

commit 8f36104574a6dcce6e6dbb9b49e1f3766ab56441 Merge: 5fc0587c0 16c9cfd65 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Nov 30 12:24:13 2017 -0500 Merge branch 'maint-0.2.9' into maint-0.3.0

1 0

[tor/release-0.3.0] Merge branch 'maint-0.2.9' into maint-0.3.0
by nickm＠torproject.org 01 Dec '17

01 Dec '17

commit 5fc0587c040339357bc3fc37f1b5474f1c3d1a33 Merge: d459c08b7 7e2b012b4 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Nov 30 12:07:59 2017 -0500 Merge branch 'maint-0.2.9' into maint-0.3.0 changes/bug24313 | 5 +++++ changes/trove-2017-009 | 10 ++++++++++ changes/trove-2017-010 | 6 ++++++ changes/trove-2017-011 | 8 ++++++++ changes/trove-2017-012-part1 | 6 ++++++ src/common/crypto.c | 16 +++++++++++++--- src/or/protover.c | 5 +++++ src/or/rendservice.c | 8 +++++++- src/or/routerlist.c | 5 ++++- 9 files changed, 64 insertions(+), 5 deletions(-)

1 0

[tor/release-0.3.0] version bump to 0.2.8.17
by nickm＠torproject.org 01 Dec '17

01 Dec '17

commit 6ee44725449794951f93020bb04e5fa3ba784742 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Nov 30 12:22:32 2017 -0500 version bump to 0.2.8.17 --- configure.ac | 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 6fb101bf9..94cebf401 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.2.8.16-dev]) +AC_INIT([tor],[0.2.8.17]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index b9eac37c5..b9076fbc7 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.8.16-dev" +!define VERSION "0.2.8.17" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/" !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 211243d1d..9db6ef209 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -229,7 +229,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.8.16-dev" +#define VERSION "0.2.8.17"

1 0

[tor/release-0.3.0] Merge branch 'maint-0.3.0' into release-0.3.0
by nickm＠torproject.org 01 Dec '17

01 Dec '17

commit f1cbb09e35b9f5fdea2aa1ebae77ed45096fc7ae Merge: b1c543cf4 5fc0587c0 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Nov 30 12:07:59 2017 -0500 Merge branch 'maint-0.3.0' into release-0.3.0 changes/bug24313 | 5 +++++ changes/trove-2017-009 | 10 ++++++++++ changes/trove-2017-010 | 6 ++++++ changes/trove-2017-011 | 8 ++++++++ changes/trove-2017-012-part1 | 6 ++++++ changes/trove-2017-012-part2 | 5 +++++ src/common/crypto.c | 16 +++++++++++++--- src/or/entrynodes.c | 3 ++- src/or/protover.c | 5 +++++ src/or/rendservice.c | 8 +++++++- src/or/routerlist.c | 5 ++++- 11 files changed, 71 insertions(+), 6 deletions(-)

1 0

[tor/maint-0.3.0] hs-v2: Remove any expiring intro from the retry list
by nickm＠torproject.org 01 Dec '17

01 Dec '17

commit 3030741b5d24e9ae36e6d72c6a8c7d035fde9d2a Author: David Goulet <dgoulet(a)torproject.org> Date: Tue Nov 21 10:16:08 2017 -0500 hs-v2: Remove any expiring intro from the retry list TROVE-2017-13. Severity: High. In the unlikely case that a hidden service could be missing intro circuit(s), that it didn't have enough directory information to open new circuits and that an intro point was about to expire, a use-after-free is possible because of the intro point object being both in the retry list and expiring list at the same time. The intro object would get freed after the circuit failed to open and then access a second time when cleaned up from the expiring list. Fixes #24313 --- changes/bug24313 | 5 +++++ src/or/rendservice.c | 4 ++++ 2 files changed, 9 insertions(+) diff --git a/changes/bug24313 b/changes/bug24313 new file mode 100644 index 000000000..b927ec3ba --- /dev/null +++ b/changes/bug24313 @@ -0,0 +1,5 @@ + o Major bugfixes (security, hidden service v2): + - Fix a use-after-free error that could crash v2 Tor hidden services + when it failed to open circuits while expiring introductions + points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This + issue is also tracked as TROVE-2017-013 and CVE-2017-8823. diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 0a5b5efd5..cbf998136 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -3444,6 +3444,10 @@ remove_invalid_intro_points(rend_service_t *service, log_info(LD_REND, "Expiring %s as intro point for %s.", safe_str_client(extend_info_describe(intro->extend_info)), safe_str_client(service->service_id)); + /* We might have put it in the retry list if so, undo. */ + if (retry_nodes) { + smartlist_remove(retry_nodes, intro); + } smartlist_add(service->expiring_nodes, intro); SMARTLIST_DEL_CURRENT(service->intro_nodes, intro); /* Intro point is expired, we need a new one thus don't consider it

1 0

[tor/maint-0.3.0] Handle NULL input to protover_compute_for_old_tor()
by nickm＠torproject.org 01 Dec '17

01 Dec '17

commit 2c0487ecfb410d1361b114e60d8e9ffd2ed092ec Author: Nick Mathewson <nickm(a)torproject.org> Date: Sat Nov 11 13:56:35 2017 -0500 Handle NULL input to protover_compute_for_old_tor() Fixes bug 24245; bugfix on 0.2.9.4-alpha. TROVE-2017-010. --- changes/trove-2017-010 | 6 ++++++ src/or/protover.c | 5 +++++ 2 files changed, 11 insertions(+) diff --git a/changes/trove-2017-010 b/changes/trove-2017-010 new file mode 100644 index 000000000..d5bf9333d --- /dev/null +++ b/changes/trove-2017-010 @@ -0,0 +1,6 @@ + o Major bugfixes (security): + - Fix a denial-of-service issue where an attacker could crash + a directory authority using a malformed router descriptor. + Fixes bug 24245; bugfix on 0.2.9.4-alpha. Also tracked + as TROVE-2017-010 and CVE-2017-8820. + diff --git a/src/or/protover.c b/src/or/protover.c index 0a4d4fb8f..98957cabd 100644 --- a/src/or/protover.c +++ b/src/or/protover.c @@ -694,6 +694,11 @@ protocol_list_contains(const smartlist_t *protos, const char * protover_compute_for_old_tor(const char *version) { + if (version == NULL) { + /* No known version; guess the oldest series that is still supported. */ + version = "0.2.5.15"; + } + if (tor_version_as_new_as(version, FIRST_TOR_VERSION_TO_ADVERTISE_PROTOCOLS)) { return "";

1 0

[tor/maint-0.3.0] Avoid asking for passphrase on junky PEM input
by nickm＠torproject.org 01 Dec '17

01 Dec '17

commit 1880a6a88e240556a8e6b169f1160aa8220ab0ec Author: Nick Mathewson <nickm(a)torproject.org> Date: Sat Nov 11 14:21:37 2017 -0500 Avoid asking for passphrase on junky PEM input Fixes bug 24246 and TROVE-2017-011. This bug is so old, it's in Matej's code. Seems to have been introduced with e01522bbed6eea. --- changes/trove-2017-011 | 8 ++++++++ src/common/crypto.c | 16 +++++++++++++--- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/changes/trove-2017-011 b/changes/trove-2017-011 new file mode 100644 index 000000000..82d20d9e7 --- /dev/null +++ b/changes/trove-2017-011 @@ -0,0 +1,8 @@ + o Major bugfixes (security): + - Fix a denial of service bug where an attacker could use a malformed + directory object to cause a Tor instance to pause while OpenSSL would + try to read a passphrase from the terminal. (If the terminal was not + available, tor would continue running.) Fixes bug 24246; bugfix on + every version of Tor. Also tracked as TROVE-2017-011 and + CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720. + diff --git a/src/common/crypto.c b/src/common/crypto.c index f7362765d..8d816652d 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -592,11 +592,21 @@ crypto_pk_generate_key_with_bits(crypto_pk_t *env, int bits) return 0; } +/** A PEM callback that always reports a failure to get a password */ +static int +pem_no_password_cb(char *buf, int size, int rwflag, void *u) +{ + (void)buf; + (void)size; + (void)rwflag; + (void)u; + return 0; +} + /** Read a PEM-encoded private key from the len-byte string s * into env. Return 0 on success, -1 on failure. If len is -1, * the string is nul-terminated. */ -/* Used here, and used for testing. */ int crypto_pk_read_private_key_from_string(crypto_pk_t *env, const char *s, ssize_t len) @@ -615,7 +625,7 @@ crypto_pk_read_private_key_from_string(crypto_pk_t *env, if (env->key) RSA_free(env->key); - env->key = PEM_read_bio_RSAPrivateKey(b,NULL,NULL,NULL); + env->key = PEM_read_bio_RSAPrivateKey(b,NULL,pem_no_password_cb,NULL); BIO_free(b); @@ -747,7 +757,7 @@ crypto_pk_read_public_key_from_string(crypto_pk_t *env, const char *src, if (env->key) RSA_free(env->key); - env->key = PEM_read_bio_RSAPublicKey(b, NULL, NULL, NULL); + env->key = PEM_read_bio_RSAPublicKey(b, NULL, pem_no_password_cb, NULL); BIO_free(b); if (!env->key) { crypto_log_errors(LOG_WARN, "reading public key from string");

1 0

[tor/maint-0.3.0] Merge branch 'trove-2017-009_025' into maint-0.2.5
by nickm＠torproject.org 01 Dec '17

01 Dec '17

commit a6a0c7a4ecc22a744b123a47d466963f6023a11f Merge: 831d3b794 75509dc82 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Nov 30 12:05:59 2017 -0500 Merge branch 'trove-2017-009_025' into maint-0.2.5 changes/trove-2017-009 | 10 ++++++++++ src/or/rendservice.c | 4 +++- 2 files changed, 13 insertions(+), 1 deletion(-)

1 0

[tor/maint-0.3.0] Merge branch 'trove-2017-011_025' into maint-0.2.5
by nickm＠torproject.org 01 Dec '17

01 Dec '17

commit 08ce39fb0fd50ab0da4201201fa07e7776cb09e7 Merge: a6a0c7a4e 1880a6a88 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Nov 30 12:06:17 2017 -0500 Merge branch 'trove-2017-011_025' into maint-0.2.5 changes/trove-2017-011 | 8 ++++++++ src/common/crypto.c | 16 +++++++++++++--- 2 files changed, 21 insertions(+), 3 deletions(-)

1 0