[tor-bugs] #3555 [Tor bundles/installation]: TBB: hardcode SSL cert check to prevent MITM
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sun Aug 28 20:02:04 UTC 2011
#3555: TBB: hardcode SSL cert check to prevent MITM
----------------------------------------+-----------------------------------
Reporter: tagnaq | Owner: mikeperry
Type: defect | Status: assigned
Priority: major | Milestone: TorBrowserBundle 2.2.x-stable
Component: Tor bundles/installation | Version:
Keywords: MikePerryIteration20110828 | Parent:
Points: 1 | Actualpoints:
----------------------------------------+-----------------------------------
Comment(by mikeperry):
Bleh, the only reference I can find for this in the Firefox source is the
pref app.update.certs.1.commonName. The pref is used in
./toolkit/mozapps/update/nsUpdateService.js seems to only be used to check
the common name in the Checker.onLoad handler via CertUtils.checkCert.
The checkCert function does some additional checks to make sure the
channel is using a built-in cert, but I still don't see where in the
source distribution this builtin lives.
It also seems to say that we can't just include our cert, even if we
wanted. We must also cause this checkCert to get called for our addon
updates, otherwise the adversary could use a CA independent of our builtin
and it will still work..
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3555#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list