3party/libzmq
0
0
Fork 0
mirror of https://github.com/zeromq/libzmq.git synced 2025-01-14 09:47:56 +08:00
Code Issues Projects Releases Wiki Activity

Problem: stream_engine.cpp security can be downgraded

Browse Source 
Solution: accept only the mechanism defined by the socket options.

I've not tested this yet, so it's a speculative fix.
This commit is contained in:
Pieter Hintjens 2014-09-19 19:24:45 +02:00
parent 57ade6d5bb
commit 77f14aad95
2 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/stream_engine.cpp
View File

@ -600,13 +600,15 @@ bool zmq::stream_engine_t::handshake ()
in_batch_size, options.maxmsgsize); in_batch_size, options.maxmsgsize);
alloc_assert (decoder); alloc_assert (decoder);
if (memcmp (greeting_recv + 12, "NULL\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 20) == 0) { if (options.mechanism == ZMQ_NULL
&& memcmp (greeting_recv + 12, "NULL\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 20) == 0) {
mechanism = new (std::nothrow) mechanism = new (std::nothrow)
null_mechanism_t (session, peer_address, options); null_mechanism_t (session, peer_address, options);
alloc_assert (mechanism); alloc_assert (mechanism);
} }
else else
if (memcmp (greeting_recv + 12, "PLAIN\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 20) == 0) { if (options.mechanism == ZMQ_PLAIN
&& memcmp (greeting_recv + 12, "PLAIN\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 20) == 0) {
if (options.as_server) if (options.as_server)
mechanism = new (std::nothrow) mechanism = new (std::nothrow)
plain_server_t (session, peer_address, options); plain_server_t (session, peer_address, options);
@ -617,7 +619,8 @@ bool zmq::stream_engine_t::handshake ()
} }
#ifdef HAVE_LIBSODIUM #ifdef HAVE_LIBSODIUM
else else
if (memcmp (greeting_recv + 12, "CURVE\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 20) == 0) { if (options.mechanism == ZMQ_CURVE
&& memcmp (greeting_recv + 12, "CURVE\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 20) == 0) {
if (options.as_server) if (options.as_server)
mechanism = new (std::nothrow) mechanism = new (std::nothrow)
curve_server_t (session, peer_address, options); curve_server_t (session, peer_address, options);
@ -628,7 +631,8 @@ bool zmq::stream_engine_t::handshake ()
#endif #endif
#ifdef HAVE_LIBGSSAPI_KRB5 #ifdef HAVE_LIBGSSAPI_KRB5
else else
if (memcmp (greeting_recv + 12, "GSSAPI\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 20) == 0) { if (options.mechanism == ZMQ_GSSAPI
&& memcmp (greeting_recv + 12, "GSSAPI\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 20) == 0) {
if (options.as_server) if (options.as_server)
mechanism = new (std::nothrow) mechanism = new (std::nothrow)
gssapi_server_t (session, peer_address, options); gssapi_server_t (session, peer_address, options);

4
tests/test_security_curve.cpp
View File

@ -199,7 +199,7 @@ int main (void)
close_zero_linger (client); close_zero_linger (client);
// Check CURVE security with NULL client credentials // Check CURVE security with NULL client credentials
// This must be caught by the ZAP handler // This must be caught by the curve_server class, not passed to ZAP
client = zmq_socket (ctx, ZMQ_DEALER); client = zmq_socket (ctx, ZMQ_DEALER);
assert (client); assert (client);
rc = zmq_connect (client, "tcp://localhost:9998"); rc = zmq_connect (client, "tcp://localhost:9998");
@ -208,7 +208,7 @@ int main (void)
close_zero_linger (client); close_zero_linger (client);
// Check CURVE security with PLAIN client credentials // Check CURVE security with PLAIN client credentials
// This must be caught by the ZAP handler // This must be caught by the curve_server class, not passed to ZAP
client = zmq_socket (ctx, ZMQ_DEALER); client = zmq_socket (ctx, ZMQ_DEALER);
assert (client); assert (client);
rc = zmq_setsockopt (client, ZMQ_PLAIN_USERNAME, "admin", 5); rc = zmq_setsockopt (client, ZMQ_PLAIN_USERNAME, "admin", 5);