CVE-2014-0006 Openstack Swift: TempURL timing attack

The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through
1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain
secret URLs by leveraging an object name and a timing side-channel attack.

Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>

1 files changed, 59 insertions, 0 deletions

diff --git a/meta-openstack/recipes-devtools/python/python-swift/CVE-2014-0006-swift-1265665.patch b/meta-openstack/recipes-devtools/python/python-swift/CVE-2014-0006-swift-1265665.patch
new file mode 100644
index 0000000..a284b5b
--- /dev/null
+++ b/meta-openstack/recipes-devtools/python/python-swift/CVE-2014-0006-swift-1265665.patch
@@ -0,0 +1,59 @@
+From b2c61375b3255486adb2900922a894dc7dad3c6d Mon Sep 17 00:00:00 2001
+From: Samuel Merritt <sam@swiftstack.com>
+Date: Thu, 16 Jan 2014 13:44:23 +0100
+Subject: Use constant time comparison in tempURL
+
+Use constant time comparison when evaluating tempURL to avoid timing
+attacks (CVE-2014-0006). This is the havana backport of the master
+patch.
+
+Fixes bug 1265665
+
+Change-Id: I11e4ad83cc4077e52adf54a0bd0f9749294b2a48
+
+diff --git a/swift/common/middleware/tempurl.py b/swift/common/middleware/tempurl.py
+index ffc1431..ae2f4a1 100644
+--- a/swift/common/middleware/tempurl.py
++++ b/swift/common/middleware/tempurl.py
+@@ -98,7 +98,7 @@ from urlparse import parse_qs
+ 
+ from swift.proxy.controllers.base import get_account_info
+ from swift.common.swob import HeaderKeyDict
+-from swift.common.utils import split_path
++from swift.common.utils import split_path, streq_const_time
+ 
+ 
+ #: Default headers to remove from incoming requests. Simply a whitespace
+@@ -267,17 +267,20 @@ class TempURL(object):
+         if not keys:
+             return self._invalid(env, start_response)
+         if env['REQUEST_METHOD'] == 'HEAD':
+-            hmac_vals = self._get_hmacs(env, temp_url_expires, keys,
+-                                        request_method='GET')
+-            if temp_url_sig not in hmac_vals:
+-                hmac_vals = self._get_hmacs(env, temp_url_expires, keys,
+-                                            request_method='PUT')
+-                if temp_url_sig not in hmac_vals:
+-                    return self._invalid(env, start_response)
++            hmac_vals = (self._get_hmacs(env, temp_url_expires, keys,
++                                         request_method='GET') +
++                         self._get_hmacs(env, temp_url_expires, keys,
++                                         request_method='PUT'))
+         else:
+             hmac_vals = self._get_hmacs(env, temp_url_expires, keys)
+-            if temp_url_sig not in hmac_vals:
+-                return self._invalid(env, start_response)
++
++        # While it's true that any() will short-circuit, this doesn't affect
++        # the timing-attack resistance since the only way this will
++        # short-circuit is when a valid signature is passed in.
++        is_valid_hmac = any(streq_const_time(temp_url_sig, h)
++                            for h in hmac_vals)
++        if not is_valid_hmac:
++            return self._invalid(env, start_response)
+         self._clean_incoming_headers(env)
+         env['swift.authorize'] = lambda req: None
+         env['swift.authorize_override'] = True
+-- 
+cgit v0.10.1
+