[oslo] py-amqp TLS peer authentication
Moises Guimaraes de Medeiros
moguimar at redhat.com
Thu Nov 26 19:30:35 UTC 2020
This email is about a potential MITM attack; I would like to get some input on my proposed solution.

Disclaimer: I'm not an oslo.messaging expert or even versed in its codebase, but I have a good number of hours working with TLS already.

Back in September, there was a fix in py-amqp to stop using deprecated
Although I didn't follow anything about oslo.messaging, the PR was brought to my attention by Hervé, another oslo core, who sees me as an SME on TLS among the oslo cores. I didn't follow the entire conversation back then; I was only able to give some quick input, but Hervé was able to finish the PR with the help of another developer.

Then earlier this month, another PR was reintroducing a couple of parameters that got dropped in the deprecation fix. At that point the possibility of a MITM attack was raised in an issue, and by reintroducing the dropped parameters, the problem should be fixed.

A couple of days went by and I started to have a hunch that there could still be more to fix. I went to the py-amqp codebase instead of just looking at the diffs on GitHub and noticed some not-so-straightforward logic on how verify_mode and check_hostname were being set.

Today I had time to go back to the py-amqp codebase and rework the
I've put up this PR and it is already failing in my Travis for integration tests, which makes me believe that the client sockets were actually not validating the server certs.

There are a few more comments on the fix in the description of the PR.
Red Hat <https://www.redhat.com>
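The verify_mode / check_hostname interplay the mail describes, as an added illustration that is not py-amqp's code nor the author's patch: a hypothetical "legacy-style" builder that only verifies the peer when optional parameters happen to be passed, beside a builder that verifies by default, plus a check a test suite can run on any context. Function and parameter names (legacy_style_context, hardened_client_context, verifies_peer, downgrade_refused) are assumptions for this example.

```python
import ssl


def legacy_style_context(cert_reqs=None, ca_certs=None, server_hostname=None):
    """Hypothetical builder keyed off optional parameters (constructed here,
    not py-amqp's logic). Called with no arguments it yields a context that
    accepts any server certificate, i.e. a MITM-able client socket."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    if cert_reqs is not None:
        ctx.verify_mode = cert_reqs
    if ca_certs:
        ctx.load_verify_locations(ca_certs)
    # Hostname check only happens if a name was supplied AND verification is on.
    ctx.check_hostname = bool(server_hostname) and ctx.verify_mode != ssl.CERT_NONE
    return ctx


def hardened_client_context(ca_certs=None, certfile=None, keyfile=None):
    """Secure by default: create_default_context(SERVER_AUTH) gives
    CERT_REQUIRED plus check_hostname=True; a CA bundle only adds trust."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_certs)
    if certfile:                        # optional client cert for mutual TLS
        ctx.load_cert_chain(certfile, keyfile)
    return ctx


def verifies_peer(ctx):
    """True only if the context checks both the chain and the hostname."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def downgrade_refused(ctx):
    """Python refuses CERT_NONE while check_hostname is on (ValueError);
    a context built the legacy way lets the downgrade through silently."""
    try:
        ctx.verify_mode = ssl.CERT_NONE
    except ValueError:
        return True
    return False


def demo():
    return {
        "legacy_defaults": verifies_peer(legacy_style_context()),
        "legacy_required_no_hostname": verifies_peer(legacy_style_context(ssl.CERT_REQUIRED)),
        "legacy_required_with_hostname": verifies_peer(
            legacy_style_context(ssl.CERT_REQUIRED, server_hostname="broker.example")),
        "hardened": verifies_peer(hardened_client_context()),
        "hardened_refuses_downgrade": downgrade_refused(hardened_client_context()),
        "legacy_refuses_downgrade": downgrade_refused(legacy_style_context()),
    }
```

Running verifies_peer against the context a client actually hands to wrap_socket is a cheap regression test for the "not validating the server certs" failure the mail reports; wrap_socket will also raise ValueError if check_hostname is on and no server_hostname is given.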