Changeset 641d11b in mod_gnutls


Timestamp:
Jun 5, 2020, 2:18:27 PM (5 months ago)
Author:
Fiona Klute <fiona.klute@…>
Branches:
master
Children:
e6d9e47
Parents:
2b1b52f
Message:

Delete session tickets for proxy connections when using them

Tickets should not be reused because an attacker could correlate
connections using the same ticket. Cache deletion code has been
extracted from socache_delete_session() into a generic function.

Location:
src
Files:
3 edited

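--- a/src/gnutls_cache.c
+++ b/src/gnutls_cache.c
@@ -269,4 +269,32 @@
 
 
+apr_status_t mgs_cache_delete(mgs_cache_t cache, server_rec *server,
+                              gnutls_datum_t key, apr_pool_t *pool)
+{
+    apr_pool_t *spool;
+    apr_pool_create(&spool, pool);
+
+    if (cache->prov->flags & AP_SOCACHE_FLAG_NOTMPSAFE)
+        apr_global_mutex_lock(cache->mutex);
+    apr_status_t rv = cache->prov->remove(cache->socache, server,
+                                          key.data, key.size,
+                                          spool);
+    if (cache->prov->flags & AP_SOCACHE_FLAG_NOTMPSAFE)
+        apr_global_mutex_unlock(cache->mutex);
+
+    if (rv != APR_SUCCESS)
+        ap_log_error(APLOG_MARK, APLOG_NOTICE, rv, server,
+                     "error deleting from cache '%s:%s'",
+                     cache->prov->name, cache->config);
+    else
+        ap_log_error(APLOG_MARK, APLOG_TRACE1, rv, server,
+                     "deleted entry from cache '%s:%s'",
+                     cache->prov->name, cache->config);
+    apr_pool_destroy(spool);
+    return rv;
+}
+
+
+
 /**
  * Remove function for the GnuTLS session cache, see
@@ -288,21 +316,10 @@
         return -1;
 
-    if (ctxt->sc->cache->prov->flags & AP_SOCACHE_FLAG_NOTMPSAFE)
-        apr_global_mutex_lock(ctxt->sc->cache->mutex);
-    apr_status_t rv = ctxt->sc->cache->prov->remove(ctxt->sc->cache->socache,
-                                                    ctxt->c->base_server,
-                                                    dbmkey.data, dbmkey.size,
-                                                    ctxt->c->pool);
-    if (ctxt->sc->cache->prov->flags & AP_SOCACHE_FLAG_NOTMPSAFE)
-        apr_global_mutex_unlock(ctxt->sc->cache->mutex);
-
-    if (rv != APR_SUCCESS) {
-        ap_log_error(APLOG_MARK, APLOG_NOTICE, rv,
-                     ctxt->c->base_server,
-                     "error deleting from cache '%s:%s'",
-                     ctxt->sc->cache->prov->name, ctxt->sc->cache->config);
+    apr_status_t rv = mgs_cache_delete(ctxt->sc->cache, ctxt->c->base_server,
+                                       dbmkey, ctxt->c->pool);
+    if (rv != APR_SUCCESS)
         return -1;
-    }
-    return 0;
+    else
+        return 0;
 }
 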
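Review bot: In the new mgs_cache_delete() the status of `apr_global_mutex_lock(cache->mutex)` is dropped. If the lock cannot be taken, the provider's `remove` still runs on a cache flagged AP_SOCACHE_FLAG_NOTMPSAFE, and the following unlock acts on a mutex this call does not hold. The old inline code behaved the same way, but now that the helper serves both the session cache and the proxy ticket path it is worth failing closed, for example `apr_status_t lrv = apr_global_mutex_lock(cache->mutex);` followed by `if (lrv != APR_SUCCESS) { apr_pool_destroy(spool); return lrv; }`. The result of `apr_pool_create(&spool, pool)` is likewise unchecked before `spool` is passed to `remove` and `apr_pool_destroy`. Whether the other cache helpers in this file check these statuses is not visible here.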
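--- a/src/gnutls_cache.h
+++ b/src/gnutls_cache.h
@@ -154,4 +154,20 @@
                              gnutls_datum_t key, gnutls_datum_t *output,
                              apr_pool_t *pool);
+
+/**
+ * Delete an item from the mod_gnutls object caches.
+ *
+ * @param cache the cache to delete from
+ *
+ * @param server server context for the request
+ *
+ * @param key key for the cache entry to be deleted
+ *
+ * @param pool pool to allocate temporary memory from
+ *
+ * @return APR status or error value
+ */
+apr_status_t mgs_cache_delete(mgs_cache_t cache, server_rec *server,
+                              gnutls_datum_t key, apr_pool_t *pool);
 
 /**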
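Review bot: The `@return APR status or error value` line on mgs_cache_delete() does not tell a caller what to test for, although the implementation in gnutls_cache.c returns the provider's `remove` status unchanged. I would spell that out as `@return APR_SUCCESS if the socache provider removed the entry, otherwise the status returned by the provider's remove function`. It would also help to note that a failure is already logged at NOTICE level inside the function, so callers that treat deletion as best effort need not log it again.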
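--- a/src/gnutls_proxy.c
+++ b/src/gnutls_proxy.c
@@ -427,5 +427,10 @@
     }
 
-    // TODO: delete the cache entry
+    /* Best effort attempt to avoid ticket reuse. Unfortunately
+     * another thread or process could update (or remove) the cache in
+     * between, but that can't be avoided without forcing use of a
+     * global mutex even with a multiprocess-safe socache provider. */
+    mgs_cache_delete(ctxt->sc->cache, ctxt->c->base_server,
+                     ctxt->proxy_ticket_key, ctxt->c->pool);
 
     int ret = gnutls_session_set_data(ctxt->session, data.data, data.size);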
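Review bot: The return value of the new `mgs_cache_delete(...)` call is discarded, so when deletion fails the ticket stays in the cache and is still loaded by `gnutls_session_set_data()` on the next line. That leaves it available to a later proxy connection, which is the correlation risk the commit message describes. If best effort is the intended guarantee, make it explicit with `(void) mgs_cache_delete(...)` and extend the comment with `Failures are logged at NOTICE level by mgs_cache_delete().` so operators know which log line signals possible ticket reuse. If reuse has to be ruled out rather than made unlikely, the status could instead be checked and resumption skipped when it is not APR_SUCCESS, though how providers report an already-removed entry would need confirming first. The enclosing function starts and ends outside this hunk.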