Posted to dev@httpd.apache.org by Ruediger Pluem <rp...@apache.org> on 2020/04/24 19:02:24 UTC

Re: svn commit: r1876937 - /httpd/httpd/trunk/modules/ssl/ssl_engine_init.c


On 4/24/20 7:04 PM, ylavic@apache.org wrote:
> Author: ylavic
> Date: Fri Apr 24 17:04:28 2020
> New Revision: 1876937
> 
> URL: http://svn.apache.org/viewvc?rev=1876937&view=rev
> Log:
> mod_ssl: follow up to r1876934: OSSL_PARAM_construct_*() make no copy.
> 
> Pass OSSL_PARAM_construct_octet_string() an explicit copy of the MAC key
> to avoid saving a pointer to stack.
> 
> While at it, cleanup secret data from buf before leaving.
> 
> Modified:
>     httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
> 
> Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_init.c?rev=1876937&r1=1876936&r2=1876937&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/modules/ssl/ssl_engine_init.c (original)
> +++ httpd/httpd/trunk/modules/ssl/ssl_engine_init.c Fri Apr 24 17:04:28 2020
>
> @@ -1616,6 +1617,7 @@ static apr_status_t ssl_init_ticket_key(
>      res = SSL_CTX_set_tlsext_ticket_key_evp_cb(mctx->ssl_ctx,
>                                                 ssl_callback_SessionTicket);
>  #endif
> +    memset(buf, 0, sizeof(buf));
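
Review bot: the added memset(buf, 0, sizeof(buf)); on the last line of this hunk is meant, per the log message, to clear secret data from buf just before leaving, which is exactly the case where a compiler may treat the store as dead and drop it because nothing reads buf afterwards. Since this is mod_ssl and already calls into OpenSSL, OPENSSL_cleanse(buf, sizeof(buf)) would be the safer call here. A one-line comment on why a plain memset is not used would also keep the call from being simplified back later.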

I cannot remember the gory details, but I remember a discussion either here or in APR land that these memset calls might be
optimized away by a compiler. I only found a quick reference on the Internet to this topic:

https://www.cryptologie.net/article/419/zeroing-memory-compiler-optimizations-and-memset_s/

Regards

Rüdiger

Re: svn commit: r1876937 - /httpd/httpd/trunk/modules/ssl/ssl_engine_init.c

Posted by Yann Ylavic <yl...@gmail.com>.
On Fri, Apr 24, 2020 at 9:12 PM Marion & Christophe JAILLET
<ch...@wanadoo.fr> wrote:
>
> On 24/04/2020 at 21:02, Ruediger Pluem wrote:
> >
> > On 4/24/20 7:04 PM, ylavic@apache.org wrote:
> >>
> >> +    memset(buf, 0, sizeof(buf));
> >
> > I cannot remember the gory details, but I remember a discussion either here or in APR land that these memset calls might be
> > optimized away by a compiler. I only found a quick reference on the Internet to this topic:
> >
> > https://www.cryptologie.net/article/419/zeroing-memory-compiler-optimizations-and-memset_s/
>
> See apr_crypto_memzero in APR trunk at least.

Yeah, I know it well ;)

I thought about it, but wanted to check first whether we could use
apr-util easily in mod_ssl..
Since we are in mod_ssl, I finally used OPENSSL_cleanse() in r1876950.

Thanks,
Yann.

Re: svn commit: r1876937 - /httpd/httpd/trunk/modules/ssl/ssl_engine_init.c

Posted by Marion & Christophe JAILLET <ch...@wanadoo.fr>.
On 24/04/2020 at 21:02, Ruediger Pluem wrote:
>
> On 4/24/20 7:04 PM, ylavic@apache.org wrote:
>> Author: ylavic
>> Date: Fri Apr 24 17:04:28 2020
>> New Revision: 1876937
>>
>> URL: http://svn.apache.org/viewvc?rev=1876937&view=rev
>> Log:
>> mod_ssl: follow up to r1876934: OSSL_PARAM_construct_*() make no copy.
>>
>> Pass OSSL_PARAM_construct_octet_string() an explicit copy of the MAC key
>> to avoid saving a pointer to stack.
>>
>> While at it, cleanup secret data from buf before leaving.
>>
>> Modified:
>>      httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
>>
>> Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
>> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_init.c?rev=1876937&r1=1876936&r2=1876937&view=diff
>> ==============================================================================
>> --- httpd/httpd/trunk/modules/ssl/ssl_engine_init.c (original)
>> +++ httpd/httpd/trunk/modules/ssl/ssl_engine_init.c Fri Apr 24 17:04:28 2020
>>
>> @@ -1616,6 +1617,7 @@ static apr_status_t ssl_init_ticket_key(
>>       res = SSL_CTX_set_tlsext_ticket_key_evp_cb(mctx->ssl_ctx,
>>                                                  ssl_callback_SessionTicket);
>>   #endif
>> +    memset(buf, 0, sizeof(buf));
> I cannot remember the gory details, but I remember a discussion either here or in APR land that these memset calls might be
> optimized away by a compiler. I only found a quick reference on the Internet to this topic:
>
> https://www.cryptologie.net/article/419/zeroing-memory-compiler-optimizations-and-memset_s/
>
> Regards
>
> Rüdiger


See apr_crypto_memzero in APR trunk at least.

CJ
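
The concern raised in this thread, as an added example that is not code from httpd, APR or OpenSSL: a wipe that the optimizer cannot discard, applied to a stack buffer cleared just before return. The names `wipe`, `count_nonzero` and `demo_use_key`, the 48-byte size and the buffer contents are constructed for illustration; inside mod_ssl the thread's own answer, OPENSSL_cleanse(), is what to call.

```c
#include <stddef.h>
#include <string.h>

/* Calling memset through a volatile function pointer forces the compiler to
 * load the pointer at run time, so it cannot prove the call is a plain
 * memset and remove it as a dead store. */
static void *(*const volatile memset_ptr)(void *, int, size_t) = memset;

/* wipe() is a hypothetical helper, not an APR or OpenSSL function. */
static void wipe(void *p, size_t n)
{
    if (p == NULL || n == 0)
        return;
    memset_ptr(p, 0, n);
#if defined(__GNUC__) || defined(__clang__)
    /* Compiler barrier: the memory behind p is treated as observed. */
    __asm__ __volatile__("" : : "r"(p) : "memory");
#endif
}

/* Number of non-zero bytes left in a buffer, for checking a wipe. */
static size_t count_nonzero(const unsigned char *p, size_t n)
{
    size_t i, left = 0;
    for (i = 0; i < n; i++)
        left += (p[i] != 0);
    return left;
}

/* Same shape as the hunk: secret bytes live in a stack buffer that is
 * cleared just before returning. Size and contents are constructed. */
static unsigned demo_use_key(void)
{
    unsigned char buf[48];
    unsigned sum = 0;
    size_t i;

    for (i = 0; i < sizeof(buf); i++)
        buf[i] = (unsigned char)(i + 1);   /* stand-in for key material */
    for (i = 0; i < sizeof(buf); i++)
        sum += buf[i];                     /* stand-in for using the key */

    /* A plain memset(buf, 0, sizeof(buf)) here could be removed as dead. */
    wipe(buf, sizeof(buf));
    return sum;
}

int main(void) { return demo_use_key() == 1176 ? 0 : 1; }
```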