wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/apps
History
Emilia Kasper 259b664f95 CVE-2016-0798: avoid memory leak in SRP 
The SRP user database lookup method SRP_VBASE_get_by_user had confusing
memory management semantics; the returned pointer was sometimes newly
allocated, and sometimes owned by the callee. The calling code has no
way of distinguishing these two cases.

Specifically, SRP servers that configure a secret seed to hide valid
login information are vulnerable to a memory leak: an attacker
connecting with an invalid username can cause a memory leak of around
300 bytes per connection.

Servers that do not configure SRP, or configure SRP but do not configure
a seed are not vulnerable.

In Apache, the seed directive is known as SSLSRPUnknownUserSeed.

To mitigate the memory leak, the seed handling in SRP_VBASE_get_by_user
is now disabled even if the user has configured a seed.

Applications are advised to migrate to SRP_VBASE_get1_by_user. However,
note that OpenSSL makes no strong guarantees about the
indistinguishability of valid and invalid logins. In particular,
computations are currently not carried out in constant time.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-24 18:39:13 +01:00
..
demoCA
demoSRP
set
app_rand.c GH345: Remove stderr output 2015-08-16 21:09:45 -04:00
apps.c Fix pkeyutl/rsautl empty encrypt-input/decrypt-output handling 2016-02-02 12:41:33 -05:00
apps.h Fix pkeyutl/rsautl empty encrypt-input/decrypt-output handling 2016-02-02 12:41:33 -05:00
asn1pars.c Don't try and parse boolean type. 2015-10-06 15:16:05 +01:00
ca-cert.srl
ca-key.pem
ca-req.pem
ca.c Fix missing malloc return value checks 2015-11-09 22:54:19 +00:00
CA.com
CA.pl.in
CA.sh
cert.pem
ciphers.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
client.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:45:15 +00:00
cms.c Add -no_alt_chains option to apps to implement the new 2015-04-20 13:42:17 +01:00
crl.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
crl2p7.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
dgst.c Move malloc fail checks closer to malloc 2015-03-17 13:48:04 +00:00
dh.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
dh512.pem
dh1024.pem
dh2048.pem
dh4096.pem
dhparam.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
dsa-ca.pem
dsa-pca.pem
dsa.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
dsa512.pem
dsa1024.pem
dsap.pem
dsaparam.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ec.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ecparam.c Remove useless code 2015-10-23 20:32:59 +02:00
enc.c RT2943: Check sizes if -iv and -K arguments 2015-05-04 20:21:21 +02:00
engine.c Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
errstr.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
gendh.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
gendsa.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
genpkey.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
genrsa.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
install-apps.com
makeapps.com Make sure that disabling the MAYLOSEDATA3 warning is only done when the 2014-06-14 16:58:11 +02:00
Makefile Remove extra '; \' in apps/Makefile 2015-07-13 17:14:38 +02:00
nseq.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ocsp.c To avoid possible time_t overflow use X509_time_adj_ex() 2016-01-14 03:02:27 +00:00
oid.cnf
openssl-vms.cnf make update 2014-09-23 18:20:26 +02:00
openssl.c Fix memory leak reporting. 2015-02-09 13:01:15 +00:00
openssl.cnf RT2626: Change default_bits from 1K to 2K 2014-09-08 17:23:37 -04:00
passwd.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
pca-cert.srl
pca-key.pem
pca-req.pem
pkcs7.c Dead code removal from apps 2015-03-17 14:49:47 +00:00
pkcs8.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
pkcs12.c Fix X509_STORE_CTX_cleanup() 2016-01-02 11:14:05 -05:00
pkey.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
pkeyparam.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
pkeyutl.c Fix pkeyutl/rsautl empty encrypt-input/decrypt-output handling 2016-02-02 12:41:33 -05:00
prime.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
privkey.pem
progs.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
progs.pl Make no-ssl3 no-ssl2 do more sensible things. 2014-06-29 03:05:21 +01:00
rand.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
req.c RT 3854: Update apps/req 2016-02-12 14:17:57 +01:00
req.pem
rsa.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
rsa8192.pem
rsautl.c Fix pkeyutl/rsautl empty encrypt-input/decrypt-output handling 2016-02-02 12:41:33 -05:00
s512-key.pem
s512-req.pem
s1024key.pem
s1024req.pem
s_apps.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s_cb.c GH371: Print debug info for ALPN extension 2015-08-26 07:09:27 -04:00
s_client.c GH611: s_client help message bug 2016-02-02 12:16:10 -05:00
s_server.c CVE-2016-0798: avoid memory leak in SRP 2016-02-24 18:39:13 +01:00
s_socket.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
s_time.c Code style: space after 'if' 2015-04-16 13:50:01 -04:00
server.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:45:15 +00:00
server.srl
server2.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:45:15 +00:00
sess_id.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
smime.c Add -no_alt_chains option to apps to implement the new 2015-04-20 13:42:17 +01:00
speed.c Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
spkac.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
srp.c Code style: space after 'if' 2015-04-16 13:50:01 -04:00
testCA.pem
testdsa.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
testrsa.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
timeouts.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ts.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
tsget
verify.c Add -no_alt_chains option to apps to implement the new 2015-04-20 13:42:17 +01:00
version.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
vms_decc_init.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
winrand.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
x509.c To avoid possible time_t overflow use X509_time_adj_ex() 2016-01-14 03:02:27 +00:00