projects / tinc / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 49b4cd8) | patch
Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738)
authorGuus Sliepen <guus@tinc-vpn.org>
Sat, 8 Sep 2018 18:48:14 +0000 (20:48 +0200)
committerGuus Sliepen <guus@tinc-vpn.org>
Sun, 9 Sep 2018 13:30:02 +0000 (15:30 +0200)
commitd3297fbd3b8c8c8a4661f5bbf89aca5cacba8b5a
treed54b9350a5bf55ccb8caa906efd04fec501ac22ctree | snapshot
parent49b4cd84ba6c33c6dfde0ef0ac978e5004273f56commit | diff
Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738)

The authentication protocol allows an oracle attack that could
potentially be exploited. This commit contains several mitigations:

- Connections are no longer closed immediately on error, but put in
  a "tarpit".
- The authentication protocol now requires a valid CHAL_REPLY from the
  initiator of a connection before sending a CHAL_REPLY of its own.
- Only a limited amount of connections per second are accepted.
- Null ciphers or digests are no longer allowed in METAKEYs.
- Connections that claim to have the same name as the local node are
  rejected.
src/connection.h diff | blob | history
src/net.c diff | blob | history
src/net.h diff | blob | history
src/net_socket.c diff | blob | history
src/protocol_auth.c diff | blob | history
src/protocol_edge.c diff | blob | history
tinc, the VPN daemon