1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
|
From 6a6c275534e31b41f6d203cfd92685b7526a45e8 Mon Sep 17 00:00:00 2001
From: Hitendra Prajapati <hprajapati@mvista.com>
Date: Fri, 11 Nov 2022 10:15:38 +0530
Subject: [PATCH] CVE-2022-40617
Upstream-Status: Backport [https://download.strongswan.org/security/CVE-2022-40617]
CVE: CVE-2022-40617
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
credential-manager: Do online revocation checks only after
basic trust chain validation
This avoids querying URLs of potentially untrusted certificates, e.g. if
an attacker sends a specially crafted end-entity and intermediate CA
certificate with a CDP that points to a server that completes the
TCP handshake but then does not send any further data, which will block
the fetcher thread (depending on the plugin) for as long as the default
timeout for TCP. Doing that multiple times will block all worker threads,
leading to a DoS attack.
The logging during the certificate verification obviously changes.
---
.../credentials/credential_manager.c | 54 +++++++++++++++----
1 file changed, 45 insertions(+), 9 deletions(-)
diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c
index 3be0190..f65372b 100644
--- a/src/libstrongswan/credentials/credential_manager.c
+++ b/src/libstrongswan/credentials/credential_manager.c
@@ -555,7 +555,7 @@ static void cache_queue(private_credential_manager_t *this)
*/
static bool check_lifetime(private_credential_manager_t *this,
certificate_t *cert, char *label,
- int pathlen, bool trusted, auth_cfg_t *auth)
+ int pathlen, bool anchor, auth_cfg_t *auth)
{
time_t not_before, not_after;
cert_validator_t *validator;
@@ -570,7 +570,7 @@ static bool check_lifetime(private_credential_manager_t *this,
continue;
}
status = validator->check_lifetime(validator, cert,
- pathlen, trusted, auth);
+ pathlen, anchor, auth);
if (status != NEED_MORE)
{
break;
@@ -603,13 +603,13 @@ static bool check_lifetime(private_credential_manager_t *this,
*/
static bool check_certificate(private_credential_manager_t *this,
certificate_t *subject, certificate_t *issuer, bool online,
- int pathlen, bool trusted, auth_cfg_t *auth)
+ int pathlen, bool anchor, auth_cfg_t *auth)
{
cert_validator_t *validator;
enumerator_t *enumerator;
if (!check_lifetime(this, subject, "subject", pathlen, FALSE, auth) ||
- !check_lifetime(this, issuer, "issuer", pathlen + 1, trusted, auth))
+ !check_lifetime(this, issuer, "issuer", pathlen + 1, anchor, auth))
{
return FALSE;
}
@@ -622,7 +622,7 @@ static bool check_certificate(private_credential_manager_t *this,
continue;
}
if (!validator->validate(validator, subject, issuer,
- online, pathlen, trusted, auth))
+ online, pathlen, anchor, auth))
{
enumerator->destroy(enumerator);
return FALSE;
@@ -725,6 +725,7 @@ static bool verify_trust_chain(private_credential_manager_t *this,
auth_cfg_t *auth;
signature_params_t *scheme;
int pathlen;
+ bool is_anchor = FALSE;
auth = auth_cfg_create();
get_key_strength(subject, auth);
@@ -742,7 +743,7 @@ static bool verify_trust_chain(private_credential_manager_t *this,
auth->add(auth, AUTH_RULE_CA_CERT, issuer->get_ref(issuer));
DBG1(DBG_CFG, " using trusted ca certificate \"%Y\"",
issuer->get_subject(issuer));
- trusted = TRUE;
+ trusted = is_anchor = TRUE;
}
else
{
@@ -777,11 +778,18 @@ static bool verify_trust_chain(private_credential_manager_t *this,
DBG1(DBG_CFG, " issuer is \"%Y\"",
current->get_issuer(current));
call_hook(this, CRED_HOOK_NO_ISSUER, current);
+ if (trusted)
+ {
+ DBG1(DBG_CFG, " reached end of incomplete trust chain for "
+ "trusted certificate \"%Y\"",
+ subject->get_subject(subject));
+ }
break;
}
}
- if (!check_certificate(this, current, issuer, online,
- pathlen, trusted, auth))
+ /* don't do online verification here */
+ if (!check_certificate(this, current, issuer, FALSE,
+ pathlen, is_anchor, auth))
{
trusted = FALSE;
issuer->destroy(issuer);
@@ -793,7 +801,7 @@ static bool verify_trust_chain(private_credential_manager_t *this,
}
current->destroy(current);
current = issuer;
- if (trusted)
+ if (is_anchor)
{
DBG1(DBG_CFG, " reached self-signed root ca with a "
"path length of %d", pathlen);
@@ -806,6 +814,34 @@ static bool verify_trust_chain(private_credential_manager_t *this,
DBG1(DBG_CFG, "maximum path length of %d exceeded", MAX_TRUST_PATH_LEN);
call_hook(this, CRED_HOOK_EXCEEDED_PATH_LEN, subject);
}
+ else if (trusted && online)
+ {
+ enumerator_t *enumerator;
+ auth_rule_t rule;
+
+ /* do online revocation checks after basic validation of the chain */
+ pathlen = 0;
+ current = subject;
+ enumerator = auth->create_enumerator(auth);
+ while (enumerator->enumerate(enumerator, &rule, &issuer))
+ {
+ if (rule == AUTH_RULE_CA_CERT || rule == AUTH_RULE_IM_CERT)
+ {
+ if (!check_certificate(this, current, issuer, TRUE, pathlen++,
+ rule == AUTH_RULE_CA_CERT, auth))
+ {
+ trusted = FALSE;
+ break;
+ }
+ else if (rule == AUTH_RULE_CA_CERT)
+ {
+ break;
+ }
+ current = issuer;
+ }
+ }
+ enumerator->destroy(enumerator);
+ }
if (trusted)
{
result->merge(result, auth, FALSE);
--
2.25.1
|
