TLS Man-In-The-Middle Vulnerability

Erwin Lam erwinlam at dds.nl
Mon Nov 23 04:21:41 UTC 2009


On Monday 23 November 2009 03:29:14 Scott Bennett wrote:
>      On Sun, 22 Nov 2009 23:47:36 +0100 Erwin Lam <erwinlam at dds.nl> wrote:
> >On Thursday 12 November 2009 03:15:20 Nick Mathewson wrote:
> >> On Wed, Nov 11, 2009 at 12:59:21PM -0500, Andrew S. Lists wrote:
> >> > On 11/05/09 15:52, Nick Mathewson wrote:
> >> > > On Thu, Nov 05, 2009 at 02:10:00PM -0500, Marcus Griep wrote:
> >> > >> Don't know if any one else has seen or taken a look at this.
> >> > >> I don't know if this affects Tor, though I believe that we do
> >> > >> use certificate renegotiation in the protocol, and that is
> >> > >> the entry vector for this particular vulnerability:
> >> > >
> >> > > FWIW, this doesn't affect Tor.  The problem here is not
> >> > > renegotiation per se; the problem is doing renegotiation, then
> >> > > acting as though data sent _before_ the renegotiation were
> >> > > authenticated with the rengotiated credentials.
> >> > >
> >> > > The Tor protocol isn't vulnerable here because 1) it doesn't
> >> > > allow data to be sent before the renegotiation step, and 2) it
> >> > > doesn't treat a renegotiation as authenticating previously
> >> > > exchanged data (because there isn't any).
> >> >
> >> > The vulnerability itself might not effect Tor, but the OpenSSL
> >> > workaround for this vulnerability of disabling renegotiation by
> >> > default in 0.9.8l [1] might not play nice with a Tor
> >> > implementation.
> >>
> >>
> >> Indeed it will not.  We have a fix in svn to make the 0.2.1.x and
> >> 0.2.2.x-alpha series both work correctly with OpenSSL 0.9.8l. 
> >> With any luck, we should get releases out before too long.
> >
> >Hi Nick,
> >
> >Would you mind releasing that updated version a.s.a.p. Tor doesn't
> >work here at all anymore
> 
>      You must be just a tad behind in your reading.  The announcement
>  has already been posted.  Just go to the tor download page, and get
>  it.

Well, I am running tor v 0.2.1.20, which is the most recent version, on openSUSE 11.2 (x86_64). This is what I see in the log:

Nov 23 05:07:29.317 [notice] Tor 0.2.1.20 opening log file.
Nov 23 05:07:29.352 [notice] Parsing GEOIP file.
Nov 23 05:07:30.212 [notice] No current certificate known for authority urras; launching request.
Nov 23 05:07:30.212 [notice] Bootstrapped 5%: Connecting to directory server.
Nov 23 05:07:30.268 [notice] I learned some more directory information, but not enough to build a circuit: We have no network-status consensus.
Nov 23 05:07:30.269 [notice] No current certificate known for authority urras; launching request.
Nov 23 05:07:30.293 [notice] Bootstrapped 10%: Finishing handshake with directory server.
Nov 23 05:07:30.363 [warn] TLS error: unexpected close while renegotiating
Nov 23 05:07:30.421 [warn] TLS error: unexpected close while renegotiating
Nov 23 05:07:30.866 [warn] TLS error: unexpected close while renegotiating
Nov 23 05:08:31.090 [notice] No current certificate known for authority urras; launching request.
Nov 23 05:08:31.182 [warn] TLS error: unexpected close while renegotiating
Nov 23 05:08:31.446 [warn] TLS error: unexpected close while renegotiating
Nov 23 05:13:36.219 [notice] No current certificate known for authority urras; launching request.
Nov 23 05:13:36.344 [warn] TLS error: unexpected close while renegotiating
Nov 23 05:13:36.752 [warn] TLS error: unexpected close while renegotiating

Connection through tor is not possible.

RPM packages:

tor-0.2.1.20-1.pm.1.1.x86_64
openssl-0.9.8k-3.5.3.x86_64

Regards,
Erwin

-- 
Erwin Lam (erwinlam at dds.nl)
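As an added example (not part of the original post or of Tor itself), here is a small Python triage script for Tor logs like the one quoted above: it parses the `Mon DD HH:MM:SS.mmm [level] message` format, records the highest `Bootstrapped N%` stage reached, and counts `TLS error: unexpected close while renegotiating` warnings, so an operator can tell at a glance whether bootstrap stalled on the renegotiation failures discussed in this thread. The embedded sample is a subset of the log lines quoted above.

```python
import re
from collections import Counter

# Tor log line shape, e.g.
# "Nov 23 05:07:30.363 [warn] TLS error: unexpected close while renegotiating"
LOG_RE = re.compile(
    r"^(?P<ts>\w{3} \d{2} \d{2}:\d{2}:\d{2}\.\d{3}) \[(?P<level>\w+)\] (?P<msg>.*)$"
)
BOOT_RE = re.compile(r"Bootstrapped (?P<pct>\d+)%")
RENEG_MSG = "TLS error: unexpected close while renegotiating"


def parse_line(line):
    """Return {ts, level, msg} for a Tor log line, or None if it does not parse."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def triage(lines):
    """Summarise a Tor log: highest bootstrap stage reached, number of TLS
    renegotiation failures, and whether bootstrap appears stuck on them."""
    max_pct = 0
    reneg_failures = 0
    levels = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue                      # skip blank or non-log lines
        levels[rec["level"]] += 1
        b = BOOT_RE.search(rec["msg"])
        if b:
            max_pct = max(max_pct, int(b.group("pct")))
        if rec["msg"] == RENEG_MSG:
            reneg_failures += 1
    stalled = max_pct < 100 and reneg_failures > 0
    return {"max_bootstrap_pct": max_pct, "reneg_failures": reneg_failures,
            "warnings": levels["warn"], "stalled_on_renegotiation": stalled}


# Constructed sample: a subset of the log quoted in the message above.
SAMPLE_LOG = """\
Nov 23 05:07:29.317 [notice] Tor 0.2.1.20 opening log file.
Nov 23 05:07:30.212 [notice] Bootstrapped 5%: Connecting to directory server.
Nov 23 05:07:30.293 [notice] Bootstrapped 10%: Finishing handshake with directory server.
Nov 23 05:07:30.363 [warn] TLS error: unexpected close while renegotiating
Nov 23 05:07:30.421 [warn] TLS error: unexpected close while renegotiating
Nov 23 05:08:31.090 [notice] No current certificate known for authority urras; launching request.
Nov 23 05:08:31.182 [warn] TLS error: unexpected close while renegotiating
"""

if __name__ == "__main__":
    print(triage(SAMPLE_LOG.splitlines()))
```

Feed it a real log with `triage(open("tor.log").read().splitlines())`; a non-zero failure count with bootstrap stuck at 10% matches the symptom reported here.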