fix inchoate CHLO detection with missing STKs

This fixes a STK-bypass security issue discovered by Alessandro Ghedini.
2016-09-17 16:49:58 +02:00
parent 638f6ae5e5
commit 9e5bba7937
2 changed files with 11 additions and 3 deletions
--- a/handshake/crypto_setup.go
+++ b/handshake/crypto_setup.go
@@ -178,7 +178,7 @@ func (h *CryptoSetup) isInchoateCHLO(cryptoData map[Tag][]byte) bool {
 	}
 	if err := h.scfg.stkSource.VerifyToken(h.ip, cryptoData[TagSTK]); err != nil {
 		utils.Infof("STK invalid: %s", err.Error())
-		return false
+		return true
 	}
 	return false
 }
--- a/handshake/crypto_setup_test.go
+++ b/handshake/crypto_setup_test.go
@@ -278,17 +278,25 @@ var _ = Describe("Crypto setup", func() {
 		})

 		It("recognizes inchoate CHLOs missing SCID", func() {
-			Expect(cs.isInchoateCHLO(map[Tag][]byte{TagPUBS: nil})).To(BeTrue())
+			Expect(cs.isInchoateCHLO(map[Tag][]byte{TagPUBS: nil, TagSTK: validSTK})).To(BeTrue())
 		})

 		It("recognizes inchoate CHLOs missing PUBS", func() {
-			Expect(cs.isInchoateCHLO(map[Tag][]byte{TagSCID: scfg.ID})).To(BeTrue())
+			Expect(cs.isInchoateCHLO(map[Tag][]byte{TagSCID: scfg.ID, TagSTK: validSTK})).To(BeTrue())
+		})
+
+		It("recognizes inchoate CHLOs with invalid tokens", func() {
+			Expect(cs.isInchoateCHLO(map[Tag][]byte{
+				TagSCID: scfg.ID,
+				TagPUBS: nil,
+			})).To(BeTrue())
 		})

 		It("recognizes proper CHLOs", func() {
 			Expect(cs.isInchoateCHLO(map[Tag][]byte{
 				TagSCID: scfg.ID,
 				TagPUBS: nil,
+				TagSTK:  validSTK,
 			})).To(BeFalse())
 		})