Fix time sensitive TSIG compare vulnerability.
authorW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Mon, 30 Jul 2018 12:19:57 +0000 (14:19 +0200)
committerW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Mon, 30 Jul 2018 12:19:57 +0000 (14:19 +0200)
Changelog
tsig.c

index 67afe939266df824dc627bbcd15c8068391ca26e..7b229712d89876de82f3afeafd40fd19bdeffe75 100644 (file)
--- a/Changelog
+++ b/Changelog
@@ -28,6 +28,7 @@
          Thanks James Raftery
        * ED25519 and ED448 support.
        * ldns-notify: can have IPv6 address as argument.
+       * Fix time sensitive TSIG compare vulnerability.
 
 1.7.0  2016-12-20
        * Fix lookup of relative names in ldns_resolver_search.
diff --git a/tsig.c b/tsig.c
index 62776f061d6afaa696b8bf6103a0b67ee6e464d9..458861a15b6ee5f10bda13e0756ab750f1f5a6f2 100644 (file)
--- a/tsig.c
+++ b/tsig.c
@@ -349,7 +349,13 @@ ldns_pkt_tsig_verify_next(ldns_pkt *pkt, const uint8_t *wire, size_t wirelen, co
 
        ldns_rdf_deep_free(key_name_rdf);
 
-       if (ldns_rdf_compare(pkt_mac_rdf, my_mac_rdf) == 0) {
+       if( ldns_rdf_size(pkt_mac_rdf) != ldns_rdf_size(my_mac_rdf)) {
+               ldns_rdf_deep_free(my_mac_rdf);
+               return false;
+       }
+       /* use time insensitive memory compare */
+       if(CRYPTO_memcmp(ldns_rdf_data(pkt_mac_rdf), ldns_rdf_data(my_mac_rdf),
+               ldns_rdf_size(my_mac_rdf)) == 0) {
                ldns_rdf_deep_free(my_mac_rdf);
                return true;
        } else {
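Review bot: The early return added for the length mismatch duplicates the cleanup done by the `else` branch that follows, so the two failure paths can drift apart if that branch ever does more than free my_mac_rdf (the rest of the branch, and the enclosing ldns_pkt_tsig_verify_next, lie outside the hunk). Folding the length check into the compare condition keeps a single failure path while still never calling CRYPTO_memcmp with mismatched sizes: `if (ldns_rdf_size(pkt_mac_rdf) == ldns_rdf_size(my_mac_rdf) && CRYPTO_memcmp(ldns_rdf_data(pkt_mac_rdf), ldns_rdf_data(my_mac_rdf), ldns_rdf_size(my_mac_rdf)) == 0) {`. The added comment could say why the plain compare was unsafe, e.g. `/* constant-time compare: an early-exit byte compare would leak how many MAC bytes matched */`. CRYPTO_memcmp is declared in OpenSSL's <openssl/crypto.h>; whether tsig.c already includes it is not visible here, so confirm the include is present. The new `if(` spacing also differs from the surrounding `if (` style.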