Emilia Kasper 59a908f1e8 CVE-2016-0798: avoid memory leak in SRP
The SRP user database lookup method SRP_VBASE_get_by_user had confusing
memory management semantics; the returned pointer was sometimes newly
allocated, and sometimes owned by the callee. The calling code has no
way of distinguishing these two cases.

Specifically, SRP servers that configure a secret seed to hide valid
login information are vulnerable to a memory leak: an attacker
connecting with an invalid username can cause a memory leak of around
300 bytes per connection.

Servers that do not configure SRP, or configure SRP but do not configure
a seed are not vulnerable.

In Apache, the seed directive is known as SSLSRPUnknownUserSeed.

To mitigate the memory leak, the seed handling in SRP_VBASE_get_by_user
is now disabled even if the user has configured a seed.

Applications are advised to migrate to SRP_VBASE_get1_by_user. However,
note that OpenSSL makes no strong guarantees about the
indistinguishability of valid and invalid logins. In particular,
computations are currently not carried out in constant time.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-25 15:44:21 +01:00
..
2011-03-16 11:26:40 +00:00
2015-10-23 20:47:53 +02:00
2015-01-22 09:38:39 +00:00
2015-10-06 15:16:50 +01:00
2015-11-09 23:00:37 +00:00
2011-03-25 16:21:08 +00:00
2006-04-28 00:30:49 +00:00
2009-10-15 17:27:47 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-10-23 20:47:53 +02:00
2015-05-20 15:01:36 +02:00
2015-07-13 17:15:38 +02:00
2015-01-22 09:38:39 +00:00
2011-12-27 14:38:27 +00:00
2015-02-09 13:01:28 +00:00
2015-03-17 14:52:46 +00:00
2015-01-22 09:38:39 +00:00
2016-01-04 21:50:01 -05:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2006-05-17 12:29:16 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-03-05 09:22:50 +00:00
2015-09-28 14:34:47 +01:00
2015-04-16 13:51:51 -04:00
2015-01-22 09:38:39 +00:00
2015-04-16 13:51:51 -04:00
2009-09-07 17:57:02 +00:00