Harden ssl module against CVE-2018-8970

[tiran]

BPO	33136
Nosy	@gpshead, @tiran, @epicfaace
PRs	bpo-33136: Harden ssl module against CVE-2018-8970 #6229 [3.7] bpo-33136: Harden ssl module against CVE-2018-8970 (GH-6229) #6230

^{Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.}

Show more details

GitHub fields:

assignee = 'https://github.com/tiran'
closed_at = <Date 2021-03-13.10:03:31.780>
created_at = <Date 2018-03-25.09:19:22.706>
labels = ['type-security', 'expert-SSL', '3.7', '3.8']
title = 'Harden ssl module against CVE-2018-8970'
updated_at = <Date 2021-03-13.10:03:31.779>
user = 'https://github.com/tiran'

bugs.python.org fields:

activity = <Date 2021-03-13.10:03:31.779>
actor = 'gregory.p.smith'
assignee = 'christian.heimes'
closed = True
closed_date = <Date 2021-03-13.10:03:31.780>
closer = 'gregory.p.smith'
components = ['SSL']
creation = <Date 2018-03-25.09:19:22.706>
creator = 'christian.heimes'
dependencies = []
files = []
hgrepos = []
issue_num = 33136
keywords = ['patch']
message_count = 5.0
messages = ['314400', '314402', '314406', '364181', '388600']
nosy_count = 3.0
nosy_names = ['gregory.p.smith', 'christian.heimes', 'epicfaace']
pr_nums = ['6229', '6230']
priority = 'high'
resolution = 'fixed'
stage = 'commit review'
status = 'closed'
superseder = None
type = 'security'
url = 'https://bugs.python.org/issue33136'
versions = ['Python 3.7', 'Python 3.8']

[tiran]

Since 3.7, the ssl module uses X509_VERIFY_PARAM_set1_host() to put the burden of hostname matching on OpenSSL. More specific, it calls X509_VERIFY_PARAM_set1_host(param, server_hostname, 0). The namelen=0 parameter means that OpenSSL handles server_hostname as a NUL-terminated C string.

LibreSSL 2.7.0 added X509_VERIFY_PARAM_set1_host(), but took the implementation from BoringSSL instead of OpenSSL. The BoringSSL implementation doesn't support namelen=0. X509_VERIFY_PARAM_set1_host(param, server_hostname, 0) returns success but doesn't configure the SSL connection for hostname verification. As a result, LibreSSL 2.7.0 doesn't perform any hostname matching. All trusted certificates are accepted for just any arbitrary hostname. This misbehavior left Python 3.7 beta open to man-in-the-middle attack.

LibreSSL 2.7.1 has fixed the issue. To harden the ssl module against, I'm also changing our implementation to use strlen() instead of 0.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8970
https://bugs.chromium.org/p/boringssl/issues/detail?id=30
https://bugs.chromium.org/p/chromium/issues/detail?id=824799 (restricted for now)

[tiran]

New changeset d02ac25 by Christian Heimes in branch 'master':
bpo-33136: Harden ssl module against CVE-2018-8970 (GH-6229)
d02ac25

[tiran]

New changeset 2dd885e by Christian Heimes (Miss Islington (bot)) in branch '3.7':
[3.7] bpo-33136: Harden ssl module against CVE-2018-8970 (GH-6229) (GH-6230)
2dd885e

[epicfaace]

Can this be closed now?

[gpshead]

yes, this was fixed.