From: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat, 8 Sep 2018 18:48:14 +0000 (+0200)
Subject: Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738)
X-Git-Tag: release-1.0.35~12
X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=commitdiff_plain;h=d3297fbd3b8c8c8a4661f5bbf89aca5cacba8b5a;hp=d3297fbd3b8c8c8a4661f5bbf89aca5cacba8b5a

Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738)

The authentication protocol allows an oracle attack that could
potentially be exploited. This commit contains several mitigations:

- Connections are no longer closed immediately on error, but put in
  a "tarpit".
- The authentication protocol now requires a valid CHAL_REPLY from the
  initiator of a connection before sending a CHAL_REPLY of its own.
- Only a limited amount of connections per second are accepted.
- Null ciphers or digests are no longer allowed in METAKEYs.
- Connections that claim to have the same name as the local node are
  rejected.
---