[Secure-testing-team] Bug#861514: radicale: htpasswd authentication vulnerable to timing-based bruteforce attacks

Jonas Smedegaard dr at jones.dk
Sat Apr 29 22:40:27 UTC 2017


Package: radicale
Version: 2.0.0~rc1-1
Severity: grave
Tags: security patch
Justification: user security hole

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Upstream has issued a security release:

> Add a random timer to avoid timing oracles and simple bruteforce
> attacks when using the htpasswd authentication method.

Actual patch:

commit 190b1dd795f0c552a4992445a231da760211183b
Author: Guillaume Ayoub <guillaume.ayoub at kozea.fr>
Date:   Wed Apr 19 14:02:51 2017 +0200

    Random timer to avoid timing oracles and simple bruteforce attacks
    
    Important note: this is a security fix.

diff --git a/radicale/auth/htpasswd.py b/radicale/auth/htpasswd.py
index 2c73f23..7cd7342 100644
- --- a/radicale/auth/htpasswd.py
+++ b/radicale/auth/htpasswd.py
@@ -56,7 +56,8 @@ following significantly more secure schemes are parsable by Radicale:
 import base64
 import hashlib
 import os
- -
+import random
+import time
 
 from .. import config
 
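Review bot: the new `random` import pulls in the Mersenne Twister PRNG, which is adequate for this use only because the jitter has to be noisy, not unpredictable (the 1 s floor does the real work); a one-line comment at the import site saying so would stop the module being reused later for anything that needs secrecy. The `hashlib` and `base64` imports already present here are presumably what the `_verifuncs` verifiers use to compare hashes, and a delay added at the end of the function masks timing differences in those comparisons rather than removing them; the root-cause fix is a constant-time compare (`hmac.compare_digest`) inside the verifiers, which would add `import hmac` to this hunk.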
@@ -161,7 +162,10 @@ def is_authenticated(user, password):
             if strippedline:
                 login, hash_value = strippedline.split(":")
                 if login == user:
- -                    # Allow encryption method to be overridden at runtime.
- -                    return _verifuncs[ENCRYPTION](hash_value, password)
+                    if _verifuncs[ENCRYPTION](hash_value, password):
+                        # Allow encryption method to be overridden at runtime.
+                        return True
+    # Random timer to avoid timing oracles and simple bruteforce attacks
+    time.sleep(1 + random.random())
     return False
 
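Review bot: the comment `# Allow encryption method to be overridden at runtime.` has been moved under the new `if` beside `return True`, where it no longer describes the line it sits on; it explains the `_verifuncs[ENCRYPTION]` lookup and should stay directly above that `if`. Two behavioural changes deserve a note in the commit message: first, `time.sleep(1 + random.random())` now runs on every failed attempt, wrong password and unknown user alike, which closes the early-return difference the old `return _verifuncs[ENCRYPTION](hash_value, password)` line created between usernames present in the file and those absent, but it blocks the serving thread for 1 to 2 s per failure, so a burst of bad logins can tie up request handlers and rate limiting in front of Radicale is still advisable; second, because the loop no longer returns on the first matching login and has no `break`, a later duplicate entry for the same user can now authenticate where it previously could not, so either `break` after the first login match or document that any matching line is accepted.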


 - Jonas

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAlkFFlgACgkQLHwxRsGg
ASGQqQ//R1opffxilx3a60NOJffpD/2LCp0jecAd2hVeeTIwI8BcwEg4nY8jpCXo
6z7Y2ay758etRyJ54Jwga53PKqijHFrtLhL+oUyPebtMfWqtoR5cZhTvD9IC4GFP
bqK4ZVsop9lyvjD9+TdGAAL3/4FsQnYJctYvbWoTcSr+BcAvgmSgarxGiCr/jw2Z
iCMSi/0bcBoG4j19BrrAydP/l06yC5t8Mee3UmpswTNL3bTVqXN/zT81koy9m08a
1R9bKcggwQCQNtYXXtKkS545NuXdePpAoCo4ss67GjgwQoEua+GIMbR0KOLsGQoy
Fg7Nlc/a/UzZLy1OZgLSOV6Y5QvJHcNJY1hTGiKihgLI4uUso+wJbTMvrJhxlrQ3
IgzgKFqnySwLkxkXlA12pJK5pQL3kfxwXwf9otgOfsXcod9eMwuweLC088y3KXxN
ooNSxiJsFPoUU1C4oNczA/W+/O0EIZcYu4E9H9F9pR1SC3/YXylPySOUo6kVTRzf
Ggi+gSJE6pg5QmKLUqTV44RARSwaUbH8jVaS1SPZWIa+fzzbcIZmBF3ZKfA17ddk
k1bHHkVDtsQs7vn7l4ahQHR0izkciU8VkkUL3AFvtIv8PvhJtxpWihc8ewLVfoyC
Aej4omZuxTT3kXbO4aAkzeuKnsyTa20CRHNE6MHQUCVEHw6cN4U=
=HguT
-----END PGP SIGNATURE-----
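The patch above adds a delay on every failed login so that the time a rejection takes no longer reveals whether the username exists or how far a hash comparison got. As an added example written for this report (it is not Radicale's code), the following Python verifier for htpasswd-style lines combines that delay with constant-time comparisons and a full scan of the file on every request. The sample file, the user names in it, the `failure_delay` parameter and the helper names are constructed for the example; the `{SHA}` entry format (base64 of the SHA-1 digest) is the one Apache's htpasswd writes.

```python
import base64
import hashlib
import hmac
import random
import time

# Constructed sample htpasswd content for this example (not the project's file).
# "alice" uses htpasswd's {SHA} scheme, base64(sha1(password)); "bob" is stored
# in plain text, the weakest scheme htpasswd can write.
_ALICE_SHA = base64.b64encode(hashlib.sha1(b"correct horse").digest()).decode()
SAMPLE_HTPASSWD = "alice:{SHA}" + _ALICE_SHA + "\nbob:hunter2\n"


def _verify_plain(hash_value: str, password: str) -> bool:
    """Plain-text entry: compare without the early exit a str == str makes."""
    return hmac.compare_digest(hash_value.encode("utf-8"), password.encode("utf-8"))


def _verify_sha1(hash_value: str, password: str) -> bool:
    """{SHA} entry: recompute the digest and compare it in constant time."""
    stored = base64.b64decode(hash_value[len("{SHA}"):])
    computed = hashlib.sha1(password.encode("utf-8")).digest()
    return hmac.compare_digest(stored, computed)


def _verifier(hash_value: str):
    """Pick the verifier from the stored value's scheme prefix (assumed layout)."""
    return _verify_sha1 if hash_value.startswith("{SHA}") else _verify_plain


def _default_failure_delay() -> None:
    # Same jitter the upstream patch uses: a 1 s floor plus up to 1 s of noise.
    time.sleep(1 + random.random())


def is_authenticated(user: str, password: str, htpasswd_text: str = SAMPLE_HTPASSWD,
                     failure_delay=_default_failure_delay) -> bool:
    """Return True only if some line `user:hash` verifies `password`.

    Every line is scanned whether or not an earlier one matched, so a
    username that exists in the file and one that does not both cost a
    full pass; the delay then runs on every failure, as in the patch.
    `failure_delay` is injectable so tests can replace the real sleep.
    """
    found = False
    for line in htpasswd_text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        login, _, hash_value = stripped.partition(":")
        # Compare the username in constant time too, so a partial match on the
        # login string does not leak through the comparison either.
        if hmac.compare_digest(login.encode("utf-8"), user.encode("utf-8")):
            if _verifier(hash_value)(hash_value, password):
                found = True
    if not found:
        failure_delay()
    return found


if __name__ == "__main__":
    print(is_authenticated("alice", "correct horse"))   # True, no delay
    print(is_authenticated("alice", "wrong password"))  # False, after 1 to 2 s
```

The delay hides residual timing noise but does not make the comparison itself constant-time, which is why the verifiers use `hmac.compare_digest` on the digest bytes rather than `==`; and because `time.sleep` blocks the worker for the whole delay, rate limiting in front of the service is still the right control against bulk guessing.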


