-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 21/04/15 15:43, Dominyk Tiller wrote: > Hi Matt, > > Thanks for the reply on this, and for backporting the fix to > 1.0.2! Having it available to 1.0.1 would be great too, but > appreciate the OpenSSL team isn't huge. > > Is there any timetable on the 1.0.2b release? It seems pulling the > following three commits into the 1.0.2a branch and patching: No, unfortunately not. The releases are normally driven by what security issues come along which we can't predict. > > 47daa155a31b0a54ce09ad2ed4d55fad74096dab You don't need this one. I'm about to revert it. > dfd3322d72a2d49f597b86dab6f37a8cf0f26dbf You only need this one if you want to be able to control whether the new verify algorithm is used or not via the newly defined X509_V_FLAG_NO_ALT_CHAINS flag. By default it will be used. > 6281abc79623419eae6a64768c478272d5d3a426 This is the important one. > > Does the job. Verification against Google domains with an OS X > 10.10.3+ Keychain-generated PEM works great. Usually pretty > reluctant to cherry-pick patches on security tools but given the > trouble this is causing, am I safe to do so in this situation? I can't foresee any problems with doing that. Obviously though we only support official releases. Matt > > Thanks, > > Dominyk > > Sent from OS X. If you wish to communicate more securely my PGP > Public Key is 0x872524db9d74326c. > > On 20/04/2015 23:52, Matt Caswell wrote: >> >> >> On 18/04/15 14:30, Dominyk Tiller wrote: >>> Apologies. Either I'm an idiot or autocorrect is feeling >>> amusing today. I meant >>> https://gist.github.com/DomT4/f86618bdfe2f27c8d66a rather than >>> https://gist.github.cok/DomT4/f86618bdfe2f27c8d66a. >> >>> Sent from OS X. If you wish to communicate more securely my >>> PGP Public Key is 0x872524db9d74326c. >> >> >>> -------- Forwarded Message -------- Subject: OpenSSL fails to >>> connect to Google on OS X 10.10.3 (Bug Report) Date: Sat, 18 >>> Apr 2015 14:16:14 +0100 From: Dominyk Tiller >>> <dominyktil...@gmail.com> To: openssl-dev@openssl.org >> >>> Apologies that this is kinda badly written. Detailed bug >>> reports aren't my forte. Feel free to ping back questions if >>> detail isn't clear/useful/etc. >> >>> OS X 10.10.3’s release changed some certs in the Keychain. >>> There’s a full list of changes here: >>> https://gist.github.cok/DomT4/f86618bdfe2f27c8d66a >> >>> This has caused some chaos with OpenSSL and LibreSSL, in >>> things built against them, using a .pem generated from OS X’s >>> Keychains. The biggest, most popular affected sites are the >>> whole range of Google domains. >> >>> Google cross-sign their GeoTrust root with an old Equifax root >>> (Equifax Secure Certificate Authority) because a lot of the >>> older clients don’t have the GeoTrust root on their system and >>> would just error out. Have emailed with Adam Langley on the >>> cert errors and essentially Google aren’t going to be able to >>> stop that cross-signing any time soon. >> >>> According to Adam most SSL clients should go through the cert >>> chain of the domain and hit the GeoTrust cert and verify at >>> that point, if the GeoTrust root exists in a .pem file OpenSSL >>> can find and use, which does exist when generating a PEM from >>> the system Keychains. It’s not supposed to carry on to the >>> Equifax root, but it is, and this is causing breakage on OS X >>> 10.10.3 onwards. >> >> Hi Dominyk >> >> This is a known issue. It has been fixed in git master for a >> while. Technically speaking this is not a bug at all. OpenSSL's >> verification algorithm is working exactly as designed. For that >> reason a decision was taken not to backport this to existing >> releases (which only receives bug fixes). However, due to the >> real problems that this is causing for users, we have changed our >> mind on this and we have now backported this to 1.0.2. It's in >> git now and will become available as part of 1.0.2b. Discussions >> are ongoing with regards to 1.0.1. >> >> Regards >> >> Matt >> >> >> >> >>> This problem only exists in OpenSSL and LibreSSL as far as >>> testing goes. It isn’t reproducible with Apple’s Security >>> Framework, or GnuTLS. >> >>> Interestingly, Apple have done something to their shipped >>> OpenSSL 0.9.8x to fix the problem - If I build OpenSSL 0.9.8x >>> from source and use it, failure, but if I use the one Apple >>> installs the connection verifies and succeeds. Here’s hoping >>> they’ve punted whatever those changes were upstream to you. >> >>> This is the error you get: >> >>> ================================================== —2015-04-10 >>> 16:58:58— https://google.com/ Resolving google.com… >>> 216.58.210.46, 2a00:1450:4009:800::200e Connecting to >>> google.com|216.58.210.46|:443… connected. ERROR: cannot verify >>> google.com’s certificate, issued by ‘CN=Google Internet >>> Authority G2,O=Google Inc,C=US’: Unable to locally verify the >>> issuer’s authority. To connect to google.com insecurely, use >>> `—no-check-certificate’. >>> ================================================== >> >>> How to reproduce: >> >>> * Install OpenSSL on OS X 10.10.3 or above. I have it installed >>> to /usr/local/opt/openssl - With the sysconfdir in >>> /usr/local/etc. >> >>> * Generate a PEM file from OS X’s Security Keychain: * >>> security find-certificate -a -p >>> /Library/Keychains/System.keychain >> sys.pem * security >>> find-certificate -a -p >>> /System/Library/Keychains/SystemRootCertificates.keychain >> >>> sysroot.pem * cat sys.pem >> sysroot.pem * mv sysroot.pem >>> /usr/local/etc/openssl >> >>> * Download and install cURL: * Pass >>> “—with-ssl=/path/to/openssl/dir” and >>> “--with-ca-bundle=/path/to/sysconfdir/openssl/sysroot.pem” to >>> configure. >> >>> * Run “/path/to/your/installed/curl -I https://google.com” >> >>> It reproduces with wget, mutt, various other tools. If you put >>> the Equifax certificate back, and then rehash, you can make >>> the connection. But the Equifax cert is old, and weak, and >>> Apple aren’t likely to return it to the Keychain. So this >>> problem connecting to Google will persist until the reason for >>> not stopping at and verifying on the GeoTrust root are narrowed >>> down and hopefully fixed. >> >>> Mozilla are also pressing ahead with removing that Equifax >>> root from their certs, so it’s not a simple case of working >>> around it by switching PEM. >> >> >> >>> _______________________________________________ openssl-dev >>> mailing list To unsubscribe: >>> https://mta.openssl.org/mailman/listinfo/openssl-dev >> >> _______________________________________________ openssl-dev >> mailing list To unsubscribe: >> https://mta.openssl.org/mailman/listinfo/openssl-dev >> > > > > _______________________________________________ openssl-dev mailing > list To unsubscribe: > https://mta.openssl.org/mailman/listinfo/openssl-dev > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJVNmuYAAoJENnE0m0OYESRwAcH/1XrZzo+SKPrLMQ8DvfZI1w5 +Y8IzNn38TVwTmD0SoJWdwCrIu0x1SQkQQ3aVspkscBzUDHM9Rs0xPQYuKqXPhNW re+1iLjvYh99yAy1lMEVVIlML6Q8V23QZ0YarBa41sZ0z3JfOknWVart1Cpzbbzq XsG9dOcP8mBlED/P/KPMY7P4FbTB8jL57y9d+JiKzUvjWJufQAryEeCq8/vKGz6e /2eK+QsEPLrxQRFu7J6PhnobRIw15FOKujavzZmkmaijc/6Q+6VcBkrRth9DSzNe XCbuD0A2ekCccz33l9I5xPE+6xce+5D9HTkWoFGQDxXUFbsIoOAqewx7AIx4nJA= =u2ow -----END PGP SIGNATURE----- _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev