NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

PR/60349 CVS commit: [netbsd-10] src



The following reply was made to PR kern/60349; it has been noted by GNATS.

From: "Martin Husemann" <martin%netbsd.org@localhost>
To: gnats-bugs%gnats.NetBSD.org@localhost
Cc: 
Subject: PR/60349 CVS commit: [netbsd-10] src
Date: Sat, 27 Jun 2026 14:56:19 +0000

 Module Name:	src
 Committed By:	martin
 Date:		Sat Jun 27 14:56:18 UTC 2026
 
 Modified Files:
 	src/sys/net [netbsd-10]: if_wg.c
 	src/tests/net/if_wg [netbsd-10]: common.sh t_basic.sh t_misc.sh
 
 Log Message:
 Pull up following revision(s) (requested by riastradh in ticket #1277):
 
 	tests/net/if_wg/t_misc.sh: revision 1.17
 	tests/net/if_wg/t_misc.sh: revision 1.18
 	sys/net/if_wg.c: revision 1.136
 	tests/net/if_wg/t_basic.sh: revision 1.7
 	sys/net/if_wg.c: revision 1.137
 	tests/net/if_wg/t_basic.sh: revision 1.8
 	sys/net/if_wg.c: revision 1.138
 	tests/net/if_wg/t_basic.sh: revision 1.9
 	tests/net/if_wg/common.sh: revision 1.2
 
 wg(4): Add test case for bad peer public keys.
 
 wg(4) should not crash on an assertion if they are used -- it should
 just gracefully accept them, with degraded security, since a peer
 that maliciously provides an invalid public key is no worse than a
 peer that voluntarily exposes all its plaintext anyway.
 PR kern/60106: wg(4) should properly handle invalid or insecure
 ephemeral Curve25119 public keys
 
 wg(4): Add test case for bad ephemeral handshake public keys.
 
 wg(4) should not crash on an assertion if they appear on the network;
 it should just gracefully drop them as forgeries, if a MITM attempted
 to send them without knowledge of a peer's public key, or accept
 them, if a peer legitimately sent them, since that peer could just as
 well simply forward the plaintext of the session on to the NSA.
 PR kern/60106: wg(4) should properly handle invalid or insecure
 ephemeral Curve25119 public keys
 
 wg(4): Add a test case for too many allowed IP address ranges.
 PR kern/60232: kernel panic when adding a wireguard peer with too
 many allowed IP addresses
 
 wg(4): Drop KASSERT on result of crypto_scalarmult.
 The result of this check is not relevant to security of the protocol,
 either for static peer identity keys or for ephemeral handshake keys.
 
 See comments for details.
 
 We can't simply write
         (void)crypto_scalarmult(...);
 because the function was tagged with warn_unused_result.  And
 apparently libsodium may leave the output uninitialized if the check
 fails.  So just yield zero instead of stack garbage / UB -- stack
 garbage is probably actually fine since it is immediately hashed into
 something that won't match anything so downstream logic will just drop
 it, but UB might invite nefarious compilers to cause trouble.
 PR security/60106: wg(4) should properly handle invalid or insecure
 ephemeral Curve25119 public keys
 
 wg(4): Gracefully refuse excess allowed IP address ranges.
 PR kern/60232: kernel panic when adding a wireguard peer with too
 many allowed IP addresses
 
 wg(4): Don't leak a prop_dictionary_t on every ioctl!
 PR kern/60349: experimental wg(4) leaks memory on ioctl
 
 
 To generate a diff of this commit:
 cvs rdiff -u -r1.71.2.5 -r1.71.2.6 src/sys/net/if_wg.c
 cvs rdiff -u -r1.1 -r1.1.6.1 src/tests/net/if_wg/common.sh
 cvs rdiff -u -r1.4.6.1 -r1.4.6.2 src/tests/net/if_wg/t_basic.sh
 cvs rdiff -u -r1.12.2.1 -r1.12.2.2 src/tests/net/if_wg/t_misc.sh
 
 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.
 



Home | Main Index | Thread Index | Old Index