Envoy crashes when processing a TLS certificate with no SANs or a CN #9182
Labels
enhancement
Feature requests. Not bugs or questions.
Comments
|
I'm looking at this. I think the right approach is to throw, and Please assign to me? |
jpeach
added a commit
to jpeach/envoy
that referenced
this issue
Dec 9, 2019
A server certificate must have either a subject CN or supported subject alternative names. Certificates that have neither are a configuration error, not an assertion, so check for this condition and throw an exception rather than asserting. Fix up the TLS certificate assertions to log the last libcrypto error when we do actually assert, so that we can have get hint as to the underlying problem. Add release assertion messages to describe other assertion cases. This fixes envoyproxy#9182. Signed-off-by: James Peach <[email protected]>
jpeach
added a commit
to jpeach/envoy
that referenced
this issue
Dec 11, 2019
Update `RELEASE_ASSERT` calls to log the last TLS error, or a description of the assert condition where it makes more sense. This updates envoyproxy#9182. Signed-off-by: James Peach <[email protected]>
jpeach
added a commit
to jpeach/envoy
that referenced
this issue
Jan 4, 2020
Refactor the TLS session context ID generation to return the ID by value. This separates the buffers that are used for intermediate hashes from the buffer that stores the final session context ID hash. This updates envoyproxy#9182. Signed-off-by: James Peach <[email protected]>
|
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or other activity occurs. Thank you for your contributions. |
stale
bot
added
the
stale
|
Not stale, see related PRs. |
stale
bot
removed
the
stale
lizan
pushed a commit
that referenced
this issue
Jan 27, 2020
Refactor the TLS session context ID generation to return the ID by value. This separates the buffers that are used for intermediate hashes from the buffer that stores the final session context ID hash. This updates #9182. Signed-off-by: James Peach <[email protected]>
jpeach
added a commit
to jpeach/envoy
that referenced
this issue
Jan 27, 2020
A server certificate must have either a subject CN or supported subject alternative names. Certificates that have neither are a configuration error, not an assertion, so check for this condition and throw an exception rather than asserting. This fixes envoyproxy#9182. Signed-off-by: James Peach <[email protected]>
lizan
pushed a commit
that referenced
this issue
Jan 31, 2020
A server certificate must have either a subject CN or supported subject alternative names. Certificates that have neither are a configuration error, not an assertion, so check for this condition and throw an exception rather than asserting. Risk Level: Low Testing: Unit tests Docs Changes: N/A Release Notes: Fixes #9182 Signed-off-by: James Peach <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Envoy crashes when processing a TLS certificate that does not have SubjectAltNames or a CN field in the Subject.
This looks to be intentional: https://github.com/envoyproxy/envoy/blob/v1.11.2/source/extensions/transport_sockets/tls/context_impl.cc#L838
While there is no valid use case for having a certificate with no SANs or CN it should not be possible to cause a crash by providing a bad certificate. Perhaps this could be an exception instead like when there are no certificates provided:
https://github.com/envoyproxy/envoy/blob/v1.11.2/source/extensions/transport_sockets/tls/context_impl.cc#L744
?
The text was updated successfully, but these errors were encountered: