out_forward: always initialize salt with random numbers (fluent#2575)

There is an initialization bug that leaves the shared key salt being uninitialized when SSL is not enabled. This might allow attackers to guess the shared key by looking at the hash. Let's always initialize the salt buffer securely using flb_randombytes(). Signed-off-by: Fujimoto Seiji <[email protected]>
xmcqueen · Sep 27, 2020 · ad24e80 · ad24e80
1 parent 4da40d5
commit ad24e80
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/plugins/out_forward/forward.c b/plugins/out_forward/forward.c
@@ -65,9 +65,6 @@ static int secure_forward_init(struct flb_forward *ctx,
         secure_forward_tls_error(ctx, ret);
         return -1;
     }
-
-    /* Gernerate shared key salt */
-    mbedtls_ctr_drbg_random(&fc->tls_ctr_drbg, fc->shared_key_salt, 16);
     return 0;
 }
 #endif
@@ -520,6 +517,12 @@ static int forward_config_init(struct flb_forward_config *fc,
     }
 #endif
 
+    /* Generate the shared key salt */
+    if (flb_randombytes(fc->shared_key_salt, 16)) {
+        flb_plg_error(ctx->ins, "cannot generate shared key salt");
+        return -1;
+    }
+
     mk_list_add(&fc->_head, &ctx->configs);
     return 0;
 }