This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Title: Harden ssl module against CVE-2018-8970
Type: security Stage: commit review
Components: SSL Versions: Python 3.8, Python 3.7
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: christian.heimes Nosy List: christian.heimes, epicfaace, gregory.p.smith
Priority: high Keywords: patch

Created on 2018-03-25 09:19 by christian.heimes, last changed 2022-04-11 14:58 by admin. This issue is now closed.

Pull Requests
URL Status Linked Edit
PR 6229 open christian.heimes, 2018-03-25 10:06
PR 6230 merged miss-islington, 2018-03-25 10:37
Messages (5)
msg314400 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2018-03-25 09:19
Since 3.7, the ssl module uses X509_VERIFY_PARAM_set1_host() to put the burden of hostname matching on OpenSSL. More specific, it calls X509_VERIFY_PARAM_set1_host(param, server_hostname, 0). The namelen=0 parameter means that OpenSSL handles server_hostname as a NUL-terminated C string.

LibreSSL 2.7.0 added X509_VERIFY_PARAM_set1_host(), but took the implementation from BoringSSL instead of OpenSSL. The BoringSSL implementation doesn't support namelen=0. X509_VERIFY_PARAM_set1_host(param, server_hostname, 0) returns success but doesn't configure the SSL connection for hostname verification. As a result, LibreSSL 2.7.0 doesn't perform any hostname matching. All trusted certificates are accepted for just any arbitrary hostname. This misbehavior left Python 3.7 beta open to man-in-the-middle attack.

LibreSSL 2.7.1 has fixed the issue. To harden the ssl module against, I'm also changing our implementation to use strlen() instead of 0. (restricted for now)
msg314402 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2018-03-25 10:36
New changeset d02ac25ab0879f1a6de6937573bf00a16b7bd22e by Christian Heimes in branch 'master':
bpo-33136: Harden ssl module against CVE-2018-8970 (GH-6229)
msg314406 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2018-03-25 11:28
New changeset 2dd885eaa0d427e84892673c83d697bca5427c8b by Christian Heimes (Miss Islington (bot)) in branch '3.7':
[3.7] bpo-33136: Harden ssl module against CVE-2018-8970 (GH-6229) (GH-6230)
msg364181 - (view) Author: Ashwin Ramaswami (epicfaace) * Date: 2020-03-14 15:06
Can this be closed now?
msg388600 - (view) Author: Gregory P. Smith (gregory.p.smith) * (Python committer) Date: 2021-03-13 10:03
yes, this was fixed.
Date User Action Args
2022-04-11 14:58:59adminsetgithub: 77317
2021-03-13 10:03:31gregory.p.smithsetstatus: open -> closed

nosy: + gregory.p.smith
messages: + msg388600

resolution: fixed
stage: patch review -> commit review
2020-03-14 15:06:35epicfaacesetnosy: + epicfaace
messages: + msg364181
2018-03-25 11:28:22christian.heimessetmessages: + msg314406
2018-03-25 10:37:32miss-islingtonsetpull_requests: + pull_request5969
2018-03-25 10:36:16christian.heimessetmessages: + msg314402
2018-03-25 10:06:47christian.heimessetkeywords: + patch
stage: needs patch -> patch review
pull_requests: + pull_request5968
2018-03-25 09:19:22christian.heimescreate