classification
Title: Harden ssl module against CVE-2018-8970
Type: security Stage: patch review
Components: SSL Versions: Python 3.8, Python 3.7
process
Status: open Resolution:
Dependencies: Superseder:
Assigned To: christian.heimes Nosy List: christian.heimes
Priority: high Keywords: patch

Created on 2018-03-25 09:19 by christian.heimes, last changed 2018-03-25 11:28 by christian.heimes.

Pull Requests
URL Status Linked Edit
PR 6229 open christian.heimes, 2018-03-25 10:06
PR 6230 merged miss-islington, 2018-03-25 10:37
Messages (3)
msg314400 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2018-03-25 09:19
Since 3.7, the ssl module uses X509_VERIFY_PARAM_set1_host() to put the burden of hostname matching on OpenSSL. More specific, it calls X509_VERIFY_PARAM_set1_host(param, server_hostname, 0). The namelen=0 parameter means that OpenSSL handles server_hostname as a NUL-terminated C string.

LibreSSL 2.7.0 added X509_VERIFY_PARAM_set1_host(), but took the implementation from BoringSSL instead of OpenSSL. The BoringSSL implementation doesn't support namelen=0. X509_VERIFY_PARAM_set1_host(param, server_hostname, 0) returns success but doesn't configure the SSL connection for hostname verification. As a result, LibreSSL 2.7.0 doesn't perform any hostname matching. All trusted certificates are accepted for just any arbitrary hostname. This misbehavior left Python 3.7 beta open to man-in-the-middle attack.

LibreSSL 2.7.1 has fixed the issue. To harden the ssl module against, I'm also changing our implementation to use strlen() instead of 0.


https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8970
https://bugs.chromium.org/p/boringssl/issues/detail?id=30
https://bugs.chromium.org/p/chromium/issues/detail?id=824799 (restricted for now)
msg314402 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2018-03-25 10:36
New changeset d02ac25ab0879f1a6de6937573bf00a16b7bd22e by Christian Heimes in branch 'master':
bpo-33136: Harden ssl module against CVE-2018-8970 (GH-6229)
https://github.com/python/cpython/commit/d02ac25ab0879f1a6de6937573bf00a16b7bd22e
msg314406 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2018-03-25 11:28
New changeset 2dd885eaa0d427e84892673c83d697bca5427c8b by Christian Heimes (Miss Islington (bot)) in branch '3.7':
[3.7] bpo-33136: Harden ssl module against CVE-2018-8970 (GH-6229) (GH-6230)
https://github.com/python/cpython/commit/2dd885eaa0d427e84892673c83d697bca5427c8b
History
Date User Action Args
2018-03-25 11:28:22christian.heimessetmessages: + msg314406
2018-03-25 10:37:32miss-islingtonsetpull_requests: + pull_request5969
2018-03-25 10:36:16christian.heimessetmessages: + msg314402
2018-03-25 10:06:47christian.heimessetkeywords: + patch
stage: needs patch -> patch review
pull_requests: + pull_request5968
2018-03-25 09:19:22christian.heimescreate