New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix unconstrained session cache growth in TLSv1.3 (3.1/3.0) #24044
Closed
mattcaswell
wants to merge
11
commits into
openssl:openssl-3.1
from
mattcaswell:fix-session-cache-3.1
Closed
Fix unconstrained session cache growth in TLSv1.3 (3.1/3.0) #24044
mattcaswell
wants to merge
11
commits into
openssl:openssl-3.1
from
mattcaswell:fix-session-cache-3.1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Repeatedly create sessions to be added to the cache and ensure we never exceed the expected size. Related to CVE-2024-2511
Test what happens if the same session gets resumed multiple times at the same time - and one of them gets marked as not_resumable. Related to CVE-2024-2511
In TLSv1.3 we create a new session object for each ticket that we send. We do this by duplicating the original session. If SSL_OP_NO_TICKET is in use then the new session will be added to the session cache. However, if early data is not in use (and therefore anti-replay protection is being used), then multiple threads could be resuming from the same session simultaneously. If this happens and a problem occurs on one of the threads, then the original session object could be marked as not_resumable. When we duplicate the session object this not_resumable status gets copied into the new session object. The new session object is then added to the session cache even though it is not_resumable. Subsequently, another bug means that the session_id_length is set to 0 for sessions that are marked as not_resumable - even though that session is still in the cache. Once this happens the session can never be removed from the cache. When that object gets to be the session cache tail object the cache never shrinks again and grows indefinitely. CVE-2024-2511
Make sure we can't inadvertently use a not_resumable session Related to CVE-2024-2511
Test sessions behave as we expect even in the case that an overflow occurs when adding a new session into the session cache. Related to CVE-2024-2511
mattcaswell
added
approval: review pending
This pull request needs review by a committer
approval: otc review pending
This pull request needs review by an OTC member
triaged: bug
The issue/pr is/fixes a bug
branch: 3.0
Merge to openssl-3.0 branch
branch: 3.1
Merge to openssl-3.1
tests: present
The PR has suitable tests present
labels
Apr 5, 2024
The last fixup commit is a workaround for the bug described in #24046 which this test stumbled into. |
t8m
approved these changes
Apr 5, 2024
t8m
removed
the
approval: otc review pending
This pull request needs review by an OTC member
label
Apr 5, 2024
nhorman
approved these changes
Apr 5, 2024
t8m
added
approval: done
This pull request has the required number of approvals
and removed
approval: review pending
This pull request needs review by a committer
labels
Apr 5, 2024
openssl-machine
added
approval: ready to merge
The 24 hour grace period has passed, ready to merge
and removed
approval: done
This pull request has the required number of approvals
labels
Apr 6, 2024
This pull request is ready to merge |
openssl-machine
pushed a commit
that referenced
this pull request
Apr 8, 2024
Repeatedly create sessions to be added to the cache and ensure we never exceed the expected size. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #24044)
openssl-machine
pushed a commit
that referenced
this pull request
Apr 8, 2024
Test what happens if the same session gets resumed multiple times at the same time - and one of them gets marked as not_resumable. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #24044)
bernd-edlinger
pushed a commit
to bernd-edlinger/openssl
that referenced
this pull request
Apr 12, 2024
Repeatedly create sessions to be added to the cache and ensure we never exceed the expected size. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24044) (cherry picked from commit 5f5b9e1)
bernd-edlinger
pushed a commit
to bernd-edlinger/openssl
that referenced
this pull request
Apr 12, 2024
Repeatedly create sessions to be added to the cache and ensure we never exceed the expected size. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24044) (cherry picked from commit 5f5b9e1)
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
Repeatedly create sessions to be added to the cache and ensure we never exceed the expected size. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit 5f5b9e1ca1fad0215f623b8bd4955a2e8101f306) Signed-off-by: hhhFun <fanghaojie@huawei.com>
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
Test what happens if the same session gets resumed multiple times at the same time - and one of them gets marked as not_resumable. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit 031b11a4054c972a5e2f07dfa81ce1842453253e) Signed-off-by: hhhFun <fanghaojie@huawei.com>
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
In TLSv1.3 we create a new session object for each ticket that we send. We do this by duplicating the original session. If SSL_OP_NO_TICKET is in use then the new session will be added to the session cache. However, if early data is not in use (and therefore anti-replay protection is being used), then multiple threads could be resuming from the same session simultaneously. If this happens and a problem occurs on one of the threads, then the original session object could be marked as not_resumable. When we duplicate the session object this not_resumable status gets copied into the new session object. The new session object is then added to the session cache even though it is not_resumable. Subsequently, another bug means that the session_id_length is set to 0 for sessions that are marked as not_resumable - even though that session is still in the cache. Once this happens the session can never be removed from the cache. When that object gets to be the session cache tail object the cache never shrinks again and grows indefinitely. CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit 7e4d731b1c07201ad9374c1cd9ac5263bdf35bce) Signed-off-by: hhhFun <fanghaojie@huawei.com>
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
Make sure we can't inadvertently use a not_resumable session Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit c342f4b8bd2d0b375b0e22337057c2eab47d9b96) Signed-off-by: hhhFun <fanghaojie@huawei.com>
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
Test sessions behave as we expect even in the case that an overflow occurs when adding a new session into the session cache. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit ddead0935d77ba9b771d632ace61b145d7153f18) Signed-off-by: hhhFun <fanghaojie@huawei.com>
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
Repeatedly create sessions to be added to the cache and ensure we never exceed the expected size. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit 5f5b9e1ca1fad0215f623b8bd4955a2e8101f306) Signed-off-by: hhhFun <fanghaojie@huawei.com>
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
Test what happens if the same session gets resumed multiple times at the same time - and one of them gets marked as not_resumable. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit 031b11a4054c972a5e2f07dfa81ce1842453253e) Signed-off-by: hhhFun <fanghaojie@huawei.com>
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
In TLSv1.3 we create a new session object for each ticket that we send. We do this by duplicating the original session. If SSL_OP_NO_TICKET is in use then the new session will be added to the session cache. However, if early data is not in use (and therefore anti-replay protection is being used), then multiple threads could be resuming from the same session simultaneously. If this happens and a problem occurs on one of the threads, then the original session object could be marked as not_resumable. When we duplicate the session object this not_resumable status gets copied into the new session object. The new session object is then added to the session cache even though it is not_resumable. Subsequently, another bug means that the session_id_length is set to 0 for sessions that are marked as not_resumable - even though that session is still in the cache. Once this happens the session can never be removed from the cache. When that object gets to be the session cache tail object the cache never shrinks again and grows indefinitely. CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit 7e4d731b1c07201ad9374c1cd9ac5263bdf35bce) Signed-off-by: hhhFun <fanghaojie@huawei.com>
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
Make sure we can't inadvertently use a not_resumable session Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit c342f4b8bd2d0b375b0e22337057c2eab47d9b96) Signed-off-by: hhhFun <fanghaojie@huawei.com>
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
Test sessions behave as we expect even in the case that an overflow occurs when adding a new session into the session cache. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit ddead0935d77ba9b771d632ace61b145d7153f18) Signed-off-by: hhhFun <fanghaojie@huawei.com>
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
In TLSv1.3 we create a new session object for each ticket that we send. We do this by duplicating the original session. If SSL_OP_NO_TICKET is in use then the new session will be added to the session cache. However, if early data is not in use (and therefore anti-replay protection is being used), then multiple threads could be resuming from the same session simultaneously. If this happens and a problem occurs on one of the threads, then the original session object could be marked as not_resumable. When we duplicate the session object this not_resumable status gets copied into the new session object. The new session object is then added to the session cache even though it is not_resumable. Subsequently, another bug means that the session_id_length is set to 0 for sessions that are marked as not_resumable - even though that session is still in the cache. Once this happens the session can never be removed from the cache. When that object gets to be the session cache tail object the cache never shrinks again and grows indefinitely. CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit 7e4d731b1c07201ad9374c1cd9ac5263bdf35bce) Signed-off-by: Liu-Ermeng <liuermeng2@huawei.com> Signed-off-by: hhhFun <fanghaojie@huawei.com>
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
Repeatedly create sessions to be added to the cache and ensure we never exceed the expected size. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit 5f5b9e1ca1fad0215f623b8bd4955a2e8101f306) Signed-off-by: Liu-Ermeng <liuermeng2@huawei.com> Signed-off-by: hhhFun <fanghaojie@huawei.com>
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
Test what happens if the same session gets resumed multiple times at the same time - and one of them gets marked as not_resumable. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit 031b11a4054c972a5e2f07dfa81ce1842453253e) Signed-off-by: Liu-Ermeng <liuermeng2@huawei.com> Signed-off-by: hhhFun <fanghaojie@huawei.com>
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
Make sure we can't inadvertently use a not_resumable session Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit c342f4b8bd2d0b375b0e22337057c2eab47d9b96) Signed-off-by: Liu-Ermeng <liuermeng2@huawei.com> Signed-off-by: hhhFun <fanghaojie@huawei.com>
eclipse-oniro-oh-bot
pushed a commit
to eclipse-oniro-mirrors/third_party_openssl
that referenced
this pull request
Apr 14, 2024
Test sessions behave as we expect even in the case that an overflow occurs when adding a new session into the session cache. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit ddead0935d77ba9b771d632ace61b145d7153f18) Signed-off-by: Liu-Ermeng <liuermeng2@huawei.com> Signed-off-by: hhhFun <fanghaojie@huawei.com>
bernd-edlinger
pushed a commit
to bernd-edlinger/openssl
that referenced
this pull request
Apr 21, 2024
In TLSv1.3 we create a new session object for each ticket that we send. We do this by duplicating the original session. If SSL_OP_NO_TICKET is in use then the new session will be added to the session cache. However, if early data is not in use (and therefore anti-replay protection is being used), then multiple threads could be resuming from the same session simultaneously. If this happens and a problem occurs on one of the threads, then the original session object could be marked as not_resumable. When we duplicate the session object this not_resumable status gets copied into the new session object. The new session object is then added to the session cache even though it is not_resumable. Subsequently, another bug means that the session_id_length is set to 0 for sessions that are marked as not_resumable - even though that session is still in the cache. Once this happens the session can never be removed from the cache. When that object gets to be the session cache tail object the cache never shrinks again and grows indefinitely. CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24044) (cherry picked from commit 7e4d731)
bernd-edlinger
pushed a commit
to bernd-edlinger/openssl
that referenced
this pull request
Apr 21, 2024
Repeatedly create sessions to be added to the cache and ensure we never exceed the expected size. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24044) (cherry picked from commit 5f5b9e1)
bernd-edlinger
pushed a commit
to bernd-edlinger/openssl
that referenced
this pull request
Apr 21, 2024
Test what happens if the same session gets resumed multiple times at the same time - and one of them gets marked as not_resumable. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24044) (cherry picked from commit 031b11a)
bernd-edlinger
pushed a commit
to bernd-edlinger/openssl
that referenced
this pull request
Apr 21, 2024
Test sessions behave as we expect even in the case that an overflow occurs when adding a new session into the session cache. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24044) (cherry picked from commit ddead09)
bernd-edlinger
pushed a commit
to bernd-edlinger/openssl
that referenced
this pull request
Apr 21, 2024
Make sure we can't inadvertently use a not_resumable session Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24044) (cherry picked from commit c342f4b)
bernd-edlinger
pushed a commit
to bernd-edlinger/openssl
that referenced
this pull request
Apr 21, 2024
Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24044) (cherry picked from commit e32ad41)
bernd-edlinger
pushed a commit
to bernd-edlinger/openssl
that referenced
this pull request
Apr 22, 2024
In TLSv1.3 we create a new session object for each ticket that we send. We do this by duplicating the original session. If SSL_OP_NO_TICKET is in use then the new session will be added to the session cache. However, if early data is not in use (and therefore anti-replay protection is being used), then multiple threads could be resuming from the same session simultaneously. If this happens and a problem occurs on one of the threads, then the original session object could be marked as not_resumable. When we duplicate the session object this not_resumable status gets copied into the new session object. The new session object is then added to the session cache even though it is not_resumable. Subsequently, another bug means that the session_id_length is set to 0 for sessions that are marked as not_resumable - even though that session is still in the cache. Once this happens the session can never be removed from the cache. When that object gets to be the session cache tail object the cache never shrinks again and grows indefinitely. CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24044) (cherry picked from commit 7e4d731)
bernd-edlinger
pushed a commit
to bernd-edlinger/openssl
that referenced
this pull request
Apr 22, 2024
Repeatedly create sessions to be added to the cache and ensure we never exceed the expected size. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24044) (cherry picked from commit 5f5b9e1)
bernd-edlinger
pushed a commit
to bernd-edlinger/openssl
that referenced
this pull request
Apr 22, 2024
Test what happens if the same session gets resumed multiple times at the same time - and one of them gets marked as not_resumable. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24044) (cherry picked from commit 031b11a)
bernd-edlinger
pushed a commit
to bernd-edlinger/openssl
that referenced
this pull request
Apr 22, 2024
Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24044) (cherry picked from commit e32ad41)
bernd-edlinger
pushed a commit
to bernd-edlinger/openssl
that referenced
this pull request
Apr 22, 2024
Make sure we can't inadvertently use a not_resumable session Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24044) (cherry picked from commit c342f4b)
bernd-edlinger
pushed a commit
to bernd-edlinger/openssl
that referenced
this pull request
Apr 22, 2024
Test sessions behave as we expect even in the case that an overflow occurs when adding a new session into the session cache. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24044) (cherry picked from commit ddead09)
dongbeiouba
added a commit
to dongbeiouba/Tongsuo
that referenced
this pull request
May 9, 2024
Test sessions behave as we expect even in the case that an overflow occurs when adding a new session into the session cache. Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#24044) (cherry picked from commit ddead0935d77ba9b771d632ace61b145d7153f18)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
approval: ready to merge
The 24 hour grace period has passed, ready to merge
branch: 3.0
Merge to openssl-3.0 branch
branch: 3.1
Merge to openssl-3.1
tests: present
The PR has suitable tests present
triaged: bug
The issue/pr is/fixes a bug
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In TLSv1.3 we create a new session object for each ticket that we send.
We do this by duplicating the original session. If SSL_OP_NO_TICKET is in
use then the new session will be added to the session cache. However, if
early data is not in use (and therefore anti-replay protection is being
used), then multiple threads could be resuming from the same session
simultaneously. If this happens and a problem occurs on one of the threads,
then the original session object could be marked as not_resumable. When we
duplicate the session object this not_resumable status gets copied into the
new session object. The new session object is then added to the session
cache even though it is not_resumable.
Subsequently, another bug means that the session_id_length is set to 0 for
sessions that are marked as not_resumable - even though that session is
still in the cache. Once this happens the session can never be removed from
the cache. When that object gets to be the session cache tail object the
cache never shrinks again and grows indefinitely.
CVE-2024-2511