From: W.C.A. Wijngaards
Date: Mon, 30 Jul 2018 12:19:57 +0000 (+0200)
Subject: Fix time sensitive TSIG compare vulnerability.
X-Git-Tag: release-1.7.1-rc1~41
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9f4e7daedbd5572da2e5758e2cfb0362c99785e2;p=thirdparty%2Fldns.git
Fix time sensitive TSIG compare vulnerability.
---
diff --git a/Changelog b/Changelog
index 67afe939..7b229712 100644
--- a/Changelog
+++ b/Changelog
@@ -28,6 +28,7 @@ Thanks James Raftery
 * ED25519 and ED448 support.
 * ldns-notify: can have IPv6 address as argument.
+ * Fix time sensitive TSIG compare vulnerability.
 1.7.0 2016-12-20
 * Fix lookup of relative names in ldns_resolver_search.
diff --git a/tsig.c b/tsig.c
index 62776f06..458861a1 100644
--- a/tsig.c
+++ b/tsig.c
@@ -349,7 +349,13 @@ ldns_pkt_tsig_verify_next(ldns_pkt *pkt, const uint8_t *wire, size_t wirelen, co
 ldns_rdf_deep_free(key_name_rdf);
- if (ldns_rdf_compare(pkt_mac_rdf, my_mac_rdf) == 0) {
+ if( ldns_rdf_size(pkt_mac_rdf) != ldns_rdf_size(my_mac_rdf)) {
+ ldns_rdf_deep_free(my_mac_rdf);
+ return false;
+ }
+ /* use time insensitive memory compare */
+ if(CRYPTO_memcmp(ldns_rdf_data(pkt_mac_rdf), ldns_rdf_data(my_mac_rdf),
+ ldns_rdf_size(my_mac_rdf)) == 0) {
 ldns_rdf_deep_free(my_mac_rdf);
 return true;
 } else {
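Review bot: CRYPTO_memcmp on the new compare line is OpenSSL's constant-time comparison, declared in `<openssl/crypto.h>` (available since OpenSSL 1.0.1d), and the hunk adds no include, so it should be confirmed that tsig.c already pulls that header in and that a build without OpenSSL cannot reach this path; it presumably does, since the TSIG HMAC computation is OpenSSL-based, but the hunk does not show it. Keeping the length check before the compare is fine, as the MAC length is visible on the wire and need not be hidden, but ldns_rdf_deep_free(my_mac_rdf) is now repeated in three branches; folding both conditions into one boolean result and freeing my_mac_rdf once before a single return would remove that duplication and make it harder to miss the free on a future branch. The added comment would also read better as `/* constant-time compare: must not leak which MAC byte mismatched */`, since "time insensitive" is not the usual term and does not say why the ordinary memcmp was unsafe. ldns_pkt_tsig_verify_next both starts and ends outside this hunk, so the else branch that follows the new code is not visible here.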