Bug 342728

Summary: Security bug/Regression: altSubjectMatch disappeared with the move to plasma-nm
Product: [Plasma] plasma-nm
Component: editor
Status: RESOLVED FIXED
Severity: grave
Priority: NOR
Version: unspecified
Target Milestone: ---
Platform: Other
OS: Linux
Reporter: Wilco Baan Hofman <wilco>
Assignee: Lukáš Tinkl <lukas>
CC: jgrulich, simonandric5
Latest Commit:
Version Fixed In: 5.5.0

Description Wilco Baan Hofman 2015-01-11 10:15:17 UTC
On WPA2 enterprise networks, the certificate identity information must ALWAYS be checked. There is no way to securely connect to a WPA2 enterprise network using plasma-nm.
This issue is exploited in the wild, on large public networks such as eduroam.

In ANY TLS connection, there are 3 things to verify:
1. The identity of the person you're trying to establish a connection with (subject)
2. The signature
3. Whether the signature is still valid.

The first is made impossible by this regression and introduces a security hole, where anybody can capture credentials, provided they have ANY certificate from the same CA.

It is current best practice to implement public certificates on a WPA2 enterprise network, because this allows new devices to automatically pin the CA and altsubjectname information. The old KDE networkmanagement implementation worked, because there was the option to select which server to connect to, which did an altsubject_match in wpa_supplicant.

On OS X and iOS, the fingerprint of the certificate is pinned; this prevents exploitation, but presents users with a dialog to override and does not allow replacing of the certificates.

I propose that CA + altsubjectname pinning is implemented (though this may be a network-manager issue) and at the very least that the option to "Connect to these servers" is returned.

Reproducible: Always
Comment 1 Wilco Baan Hofman 2015-01-14 18:01:07 UTC
Hi,

wpa_supplicant just committed a fix.

There is a new parameter called domain_match, which has the following behaviour: it exact-matches against the DNS parts of subjectAltName and falls back to an exact CN match.

To be implemented to fix the security bug:
- a GUI component for server DNS name

Please include the domain_match parameter in the GUI.
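As an added illustration of the checks discussed in this report (example code, not plasma-nm's or wpa_supplicant's own), here is a small model of the CA-only acceptance the regression leaves behind versus the domain_match and altsubject_match identity constraints. Certificate fields and host names are constructed values supplied directly, not parsed certificates.

```python
from dataclasses import dataclass, field


@dataclass
class ServerCert:
    """Identity-relevant fields of an EAP server certificate. Values are
    supplied directly (constructed data) instead of being parsed from DER."""
    subject_cn: str
    san_dns: list = field(default_factory=list)
    san_email: list = field(default_factory=list)


def domain_match(cert, fqdn):
    """domain_match as described in Comment 1: full (case-insensitive) match
    against the SAN dNSName entries; the CN is consulted only when the
    certificate carries no dNSName at all."""
    want = fqdn.lower()
    if cert.san_dns:
        return any(name.lower() == want for name in cert.san_dns)
    return cert.subject_cn.lower() == want


def altsubject_match(cert, entries):
    """altsubject_match: a ';'-separated list of TYPE:VALUE entries; the
    certificate passes if any SAN entry equals one of them (exact compare)."""
    present = {f"DNS:{d}" for d in cert.san_dns}
    present |= {f"EMAIL:{e}" for e in cert.san_email}
    wanted = {e.strip() for e in entries.split(";") if e.strip()}
    return bool(present & wanted)


def accept_server(cert, ca_ok, domain=None, altsubject=None):
    """Accept the EAP server only if the CA check passed and every configured
    identity constraint matches. With no identity constraint (the reported
    regression), every certificate issued by the trusted CA is accepted."""
    if not ca_ok:
        return False
    if domain is not None and not domain_match(cert, domain):
        return False
    if altsubject and not altsubject_match(cert, altsubject):
        return False
    return True


# Constructed certificates (hypothetical names): the legitimate RADIUS server,
# another host's certificate from the same public CA, a legacy certificate
# without SAN, and one whose CN matches while its SAN names do not.
LEGIT = ServerCert("radius.example.edu", san_dns=["radius.example.edu"])
OTHER = ServerCert("www.other.example", san_dns=["www.other.example"])
LEGACY = ServerCert("radius.example.edu")
MISMATCH = ServerCert("radius.example.edu", san_dns=["cdn.other.example"])
```

With only the CA check configured, both LEGIT and OTHER are accepted; adding a domain_match or altsubject_match constraint rejects OTHER and MISMATCH while still accepting LEGIT.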
Comment 2 Jan Grulich 2015-09-22 11:07:42 UTC
Git commit 92faca4156698df2aee896dbd3a1a6734be58056 by Jan Grulich.
Committed on 22/09/2015 at 11:04.
Pushed by grulich into branch 'master'.

Add WPA/WPA2 Enterprise (partial) validation + options to add subjectMatch and altSubjectMatch properties

M  +2    -0    libs/editor/CMakeLists.txt
A  +68   -0    libs/editor/listvalidator.cpp     [License: GPL (v2/3)]
A  +47   -0    libs/editor/listvalidator.h     [License: GPL (v2/3)]
M  +142  -1    libs/editor/settings/security802-1x.cpp
M  +13   -1    libs/editor/settings/security802-1x.h
M  +105  -49   libs/editor/settings/ui/802-1x.ui
M  +6    -0    libs/editor/settings/wifisecurity.cpp
A  +94   -0    libs/editor/widgets/editlistdialog.cpp     [License: GPL (v2/3)]
A  +58   -0    libs/editor/widgets/editlistdialog.h     [License: GPL (v2/3)]