couchdb-dev mailing list archives

From Alexander Shorin <kxe...@gmail.com>
Subject Fwd: [erlang-questions] POODLE 2.0 and Erlang
Date Tue, 09 Dec 2014 09:26:15 GMT
FYI

---------- Forwarded message ----------
From: Andreas Schultz <aschultz@tpip.net>
Date: Tue, Dec 9, 2014 at 12:21 PM
Subject: [erlang-questions] POODLE 2.0 and Erlang
To: Erlang <erlang-questions@erlang.org>


Hi,

The SSL POODLE attack is back and this time it affects TLS 1.0:

   https://www.imperialviolet.org/2014/12/08/poodleagain.html

The blog entry refers to an interesting discussion on the TLS WG
mailing list:

   https://www.ietf.org/mail-archive/web/tls/current/msg14072.html

I went to check the Erlang SSL stack and it does contain this
comment:

%% For interoperability reasons we do not check the padding content in
%% SSL 3.0 and TLS 1.0 as it is not strictly required and breaks
%% interopability with for instance Google.


In other words, Erlang's TLS 1.0 implementation is 100% RFC compliant
and still vulnerable to a POODLE attack on TLS 1.0.

For the paranoid, this is a quick fix hack to check padding
bytes on TLS 1.0:

diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index a6e5e1b..9e23229 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -1638,8 +1638,7 @@ generic_stream_cipher_from_bin(T, HashSz) ->
 %% SSL 3.0 and TLS 1.0 as it is not strictly required and breaks
 %% interopability with for instance Google.
 is_correct_padding(#generic_block_cipher{padding_length = Len,
-                                        padding = Padding}, {3, N})
-  when N == 0; N == 1 ->
+                                        padding = Padding}, {3, 0}) ->
     Len == byte_size(Padding);
 %% Padding must be check in TLS 1.1 and after
 is_correct_padding(#generic_block_cipher{padding_length = Len,
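
Review bot: The comments in the unchanged context go stale with this change. The two lines above the first clause still say padding content is not checked in "SSL 3.0 and TLS 1.0", and the comment on the following clause still reads "TLS 1.1 and after", although with the head narrowed to {3, 0} a TLS 1.0 record is now expected to reach that following clause. Both comments should be updated to say SSL 3.0 only and TLS 1.0 and after. The head of the second clause is cut off in this hunk, so it is worth confirming that its version pattern actually matches {3, 1}; otherwise TLS 1.0 records would hit no clause at all. Since the existing comment gives interoperability as the reason for the lenient path, the commit message should also state that peers sending non-uniform padding on TLS 1.0 will now fail, or the strict behaviour should be made an option.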

Andreas
--
--
Dipl. Inform.
Andreas Schultz
_______________________________________________
erlang-questions mailing list
erlang-questions@erlang.org
http://erlang.org/mailman/listinfo/erlang-questions
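
The effect of the message's one-line change, as an added Python example that is not part of the original message or of the Erlang/OTP code base: it compares a length-only padding check with a content check on two constructed CBC record bodies. The function names, the `lenient_minors` parameter and the 16-byte block size are assumptions made for illustration, and the content check follows the TLS 1.1 rule that every padding byte equals `padding_length`.

```python
import hmac

BLOCK = 16  # assumed block size (AES) for the constructed samples

def split_padding(plaintext: bytes):
    """Return (padding, padding_length) of a decrypted CBC record, or None if malformed."""
    if not plaintext or len(plaintext) % BLOCK:
        return None
    pad_len = plaintext[-1]
    if pad_len + 1 > len(plaintext):
        return None
    return plaintext[len(plaintext) - pad_len - 1:-1], pad_len

def length_only(padding: bytes, pad_len: int) -> bool:
    # Mirrors `Len == byte_size(Padding)`: the padding content is never inspected.
    return pad_len == len(padding)

def content_checked(padding: bytes, pad_len: int) -> bool:
    # TLS 1.1 rule: every padding byte must equal padding_length.
    return hmac.compare_digest(padding, bytes([pad_len]) * pad_len)

def is_correct_padding(plaintext: bytes, version, lenient_minors) -> bool:
    """lenient_minors: minor versions N of {3, N} that only get the length check."""
    parts = split_padding(plaintext)
    if parts is None:
        return False
    padding, pad_len = parts
    if version[0] == 3 and version[1] in lenient_minors:
        return length_only(padding, pad_len)
    return content_checked(padding, pad_len)

BEFORE = {0, 1}  # original guard: N == 0; N == 1
AFTER = {0}      # patched clause head: {3, 0}

# Constructed samples: 12 stand-in bytes for data+MAC, 3 padding bytes, length byte.
BODY = b"A" * 12
WELL_FORMED = BODY + b"\x03\x03\x03" + b"\x03"
ARBITRARY = BODY + b"\xde\xad\xbe" + b"\x03"

def verdicts(lenient_minors):
    """Map (sample name, version) to accept/reject for SSL 3.0, TLS 1.0 and TLS 1.1."""
    return {(name, v): is_correct_padding(rec, v, lenient_minors)
            for name, rec in (("well_formed", WELL_FORMED), ("arbitrary", ARBITRARY))
            for v in ((3, 0), (3, 1), (3, 2))}

if __name__ == "__main__":
    for label, minors in (("before patch", BEFORE), ("after patch", AFTER)):
        for key, ok in verdicts(minors).items():
            print(label, key, "accept" if ok else "reject")
```

Only the `("arbitrary", (3, 1))` row changes between the two runs; SSL 3.0 stays on the length-only path in both.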
