51e24d46e0
The gnutls_credentials_set() method has a very suprising API contract
that requires the caller to preserve the passed in credentials pointer
for as long as the gnutls_session_t object is alive. QEMU is failing
to ensure this happens.
In QEMU the GNUTLS credentials object is owned by the QCryptoTLSCreds
object instance while the GNUTLS session object is owned by the
QCryptoTLSSession object instance. Their lifetimes are not guaranteed
to be the same, though in most common usage the credentials will outlive
the session. This is notably not the case, however, after the VNC server
gained the ability to reload credentials on the fly with:
commit 1f08e34151
Author: Zihao Chang <changzihao1@huawei.com>
Date: Tue Mar 16 15:58:44 2021 +0800
vnc: support reload x509 certificates for vnc
If that is triggered while a VNC client is in the middle of performing
a TLS handshake, we might hit a use-after-free.
It is difficult to correct this problem because there's no way to deep-
clone a GNUTLS credentials object, nor is it reference counted. Thus we
introduce a QCryptoTLSCredsBox object whose only purpose is to add
reference counting around the GNUTLS credentials object.
The DH parameters set against a credentials object also have to be kept
alive for as long as the credentials exist. So the box must also hold
the DH parameters pointer.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
75 lines
1.5 KiB
Meson
75 lines
1.5 KiB
Meson
crypto_ss.add(genh)
|
|
crypto_ss.add(files(
|
|
'afsplit.c',
|
|
'akcipher.c',
|
|
'block-luks.c',
|
|
'block-qcow.c',
|
|
'block.c',
|
|
'cipher.c',
|
|
'der.c',
|
|
'hash.c',
|
|
'hmac.c',
|
|
'ivgen-essiv.c',
|
|
'ivgen-plain.c',
|
|
'ivgen-plain64.c',
|
|
'ivgen.c',
|
|
'pbkdf.c',
|
|
'secret_common.c',
|
|
'secret.c',
|
|
'tlscreds.c',
|
|
'tlscredsanon.c',
|
|
'tlscredspsk.c',
|
|
'tlscredsx509.c',
|
|
'tlssession.c',
|
|
'rsakey.c',
|
|
))
|
|
|
|
if gnutls.found()
|
|
crypto_ss.add(files(
|
|
'tlscredsbox.c',
|
|
'x509-utils.c',
|
|
))
|
|
endif
|
|
|
|
if nettle.found()
|
|
crypto_ss.add(nettle, files('hash-nettle.c', 'hmac-nettle.c', 'pbkdf-nettle.c'))
|
|
if hogweed.found()
|
|
crypto_ss.add(gmp, hogweed)
|
|
endif
|
|
elif gcrypt.found()
|
|
crypto_ss.add(gcrypt, files('hash-gcrypt.c', 'hmac-gcrypt.c', 'pbkdf-gcrypt.c'))
|
|
elif gnutls.found()
|
|
crypto_ss.add(gnutls, files('hash-gnutls.c', 'hmac-gnutls.c', 'pbkdf-gnutls.c'))
|
|
else
|
|
crypto_ss.add(files('hash-glib.c', 'hmac-glib.c', 'pbkdf-stub.c'))
|
|
endif
|
|
|
|
if have_keyring
|
|
crypto_ss.add(files('secret_keyring.c'))
|
|
endif
|
|
if have_afalg
|
|
crypto_ss.add(if_true: files('afalg.c', 'cipher-afalg.c', 'hash-afalg.c'))
|
|
endif
|
|
|
|
system_ss.add(when: gnutls, if_true: files('tls-cipher-suites.c'))
|
|
|
|
util_ss.add(files(
|
|
'aes.c',
|
|
'clmul.c',
|
|
'init.c',
|
|
'sm4.c',
|
|
))
|
|
if gnutls.found()
|
|
util_ss.add(gnutls)
|
|
endif
|
|
|
|
if gcrypt.found()
|
|
util_ss.add(gcrypt, files('random-gcrypt.c'))
|
|
elif gnutls.found()
|
|
util_ss.add(gnutls, files('random-gnutls.c'))
|
|
elif get_option('rng_none')
|
|
util_ss.add(files('random-none.c'))
|
|
else
|
|
util_ss.add(files('random-platform.c'))
|
|
endif
|
|
|