Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/tls: OCSP and SCTs are dropped in resumed connections [freeze exception] #39075

Closed
katiehockman opened this issue May 14, 2020 · 5 comments
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done. Security
Milestone

Comments

@katiehockman
Copy link
Contributor

katiehockman commented May 14, 2020

On resumed connections, the OCSP response and SCTs are dropped on the floor on the client-side. In the case of TLS 1.3, those parameters are available within the Certificate on the sessionStateTLS13 provided to the client, but just currently aren't being used. In the case of TLS 1.2, those parameters aren't included in the session state at all, since the certificates are just passed along as raw bytes. So fixing this for TLS 1.2 and earlier versions will require an update to the sessionState structure.

This will be particularly relevant now that 1.15 will include a VerifyConnection callback on the ConnectionState, which devs will use to access the OCSP responses and SCTs and do any necessary verification against them. Fixing this would be a stabilization fix for that new feature to align with user expectations.

/cc @FiloSottile

@katiehockman katiehockman added Security NeedsFix The path to resolution is known, but the work has not been done. labels May 14, 2020
@katiehockman katiehockman added this to the Go1.15 milestone May 14, 2020
@katiehockman katiehockman self-assigned this May 14, 2020
@katiehockman katiehockman changed the title crypto/tls: OCSP and SCTs aren't included in resumed connections crypto/tls: OCSP and SCTs are dropped in resumed connections May 14, 2020
@rolandshoemaker
Copy link
Member

rolandshoemaker commented May 14, 2020

@katiehockman I'd be interested in taking a crack at this, but don't want to tread on your toes if you're already working on it/planning on it.

@katiehockman
Copy link
Contributor Author

katiehockman commented May 15, 2020

Go for it! The earliest I would work on it would be the week of May 25, so if you beat me to it then great :)

I'll go ahead and assign it to you for now, and if needed can assign it back to myself later on.

@gopherbot
Copy link

gopherbot commented May 15, 2020

Change https://golang.org/cl/234237 mentions this issue: crypto/tls: restore OCSP and SCTs during session resumption

@FiloSottile FiloSottile changed the title crypto/tls: OCSP and SCTs are dropped in resumed connections crypto/tls: OCSP and SCTs are dropped in resumed connections [freeze exception] Jun 2, 2020
@FiloSottile
Copy link
Contributor

FiloSottile commented Jun 2, 2020

@rsc @golang/osp-team I'd like to ask for a freeze exception to land this fix. The bug is old in the context of Conn.ConnectionState, but the same structure is now passed to the (new in Go 1.15) VerifyConnection callback. Landing VerifyConnection without this fix will make the former not work correctly in the affected scenarios. The CL is ready and pretty safe.

@rsc
Copy link
Contributor

rsc commented Jun 2, 2020

CL and rationale looks good to me. Approved.

@golang golang locked and limited conversation to collaborators Jun 9, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done. Security
Projects
None yet
Development

No branches or pull requests

5 participants