Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
Control: -1 severity important Quack, This problem is solved in unstable and should not prevent this package from entering testing. \_o< -- Marc Dequènes
Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
I literally poked that patch into debian/patches{/series}, quilt applied it and rebuilt, and it started working for me. Maybe there's something different about our configs? Strange, that patch seems to slightly change how the hardcoded dh params are loaded, but it doesn't seem to change the size of them or anything. It seems that more recently commit 6b3844987509517dad6e41391d9142b867266b8b ripped out the hardcoded dh parameters and replaced them with a system for loading them from files, but that seems too intrusive for a stable update. I am just taking a flyby look at rc bugs, but if this was my package I would propose a patch replacing the hardcoded 1024 bit parameters with hardcoded 4096 bit parameters as a minimally intrusive fix for stable.
Processed: Re: Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
Processing control commands: > unblock 907015 by -1 Bug #907015 [src:openssl] openssl version 1.1.1 breaks multiple reverse dependencies; versioned Breaks needed 907015 was blocked by: 897643 900161 907340 900157 900982 891625 898804 898807 907033 891665 907339 906981 900156 898800 907168 907215 906997 907219 898803 897658 906955 907216 907135 907028 897652 898802 900160 898805 907278 907427 907118 907049 897651 907055 907491 900152 898801 907790 907528 900158 907807 907079 907022 907351 900154 900153 895959 907518 900159 909545 907031 907015 was blocking: 902557 Removed blocking bug(s) of 907015: 907118 -- 907015: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907015 907118: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907118 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
Control: unblock 907015 by -1 On Sat, Sep 29, 2018 at 06:53:27PM +0200, Sebastian Andrzej Siewior wrote: > On 2018-08-29 11:38:54 [-0600], dann frazier wrote: > > > > error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small > > > > > > > > I found that backporting bip 0.9.0~rc3-1 to jessie worked. I further > > > > found > > > > that just cherry-picking the following commit back to bip 0.8.9 seems > > > > to be > > > > sufficient: > > > > > > > > 39414f8 Handle OpenSSL version 1.1 > > > > > > I just tried backporting commit 39414f8 to the bip version in stretch, > > > and it doesn't really fix the issue. There is probably some other commit > > > that is needed. > > > > I literally poked that patch into debian/patches{/series}, quilt > > applied it and rebuilt, and it started working for me. Maybe there's > > something different about our configs? I'm not sure. I just tried it again with the same results. My config file is attached, with just the sensitive parts obscured. It doesn't seem to have anything related to this. In the end, I solved my personal problem by building a backport of the version in testing, and that just works. > May I ask what is the problem here is? It looks like DH key is less than > 1024bits in size. This is not per-se an openssl problem but "policy" > (which could be changed but I suggest to update the key instead). The problem is between clients with libssl 1.1.1 and bip from stable. bip uses keys that are too small, which are rejected by default by those clients due to the new default policy. > If there is anything that needs to be fixed in bip in order to work > (like missing SNI) then I would add a versioned BREAK to #907015 (after > an upload so please let me know). Since this is a problem between openssl on the client and bip on the server, adding a Breaks: does not really help with anything. > Otherwise I would unbreak this bug with #907015. Yes, I don't think it makes sense to clock openssl on this; the version of bip in testing/unstable is OK. ip = "0.0.0.0"; port = 1; client_side_ssl = true; client_side_ssl_pem = "/var/lib/bip/bip.pem"; log_level = 3; pid_file="/var/run/bip/bip.pid"; log_root = "/var/log/bip/"; backlog_lines = 0;# number of lines in backlog, 0 means no limit backlog_msg_only = true; # only include useful content in backlog network { name = "oftc"; ssl = true; server { host = "irc.oftc.net"; port = 6697; }; }; network { name = "freenode"; ssl = true; server { host = "irc.freenode.net"; port = 6697; }; }; network { name = "gimpnet"; ssl = true; server { host = "irc.gimp.org"; port = 6697; }; }; user { name = "terceiro"; password = ""; ssl_check_mode = "ca"; ssl_check_store = "/etc/ssl/certs"; default_nick = "terceiro"; default_user = "terceiro"; default_realname = "Antonio Terceiro"; connection { name = "oftc";# used by bip only network = "oftc"; # which ircnet to connect to follow_nick = true; ignore_first_nick = true; no_client_away_msg = "currently disconnected"; on_connect_send = "PRIVMSG NickServ :IDENTIFY "; }; connection { name = "freenode";# used by bip only network = "freenode"; # which ircnet to connect to follow_nick = true; ignore_first_nick = true; no_client_away_msg = "currently disconnected"; on_connect_send = "PRIVMSG NickServ :IDENTIFY "; }; connection { name = "gimpnet"; # used by bip only network = "gimpnet"; # which ircnet to connect to follow_nick = true; ignore_first_nick = true; no_client_away_msg = "currently disconnected"; on_connect_send = "PRIVMSG NickServ :IDENTIFY "; }; }; # vim: ft=conf signature.asc Description: PGP signature
Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
On 2018-08-29 11:38:54 [-0600], dann frazier wrote: > > > error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small > > > > > > I found that backporting bip 0.9.0~rc3-1 to jessie worked. I further found > > > that just cherry-picking the following commit back to bip 0.8.9 seems to > > > be > > > sufficient: > > > > > > 39414f8 Handle OpenSSL version 1.1 > > > > I just tried backporting commit 39414f8 to the bip version in stretch, > > and it doesn't really fix the issue. There is probably some other commit > > that is needed. > > I literally poked that patch into debian/patches{/series}, quilt > applied it and rebuilt, and it started working for me. Maybe there's > something different about our configs? May I ask what is the problem here is? It looks like DH key is less than 1024bits in size. This is not per-se an openssl problem but "policy" (which could be changed but I suggest to update the key instead). If there is anything that needs to be fixed in bip in order to work (like missing SNI) then I would add a versioned BREAK to #907015 (after an upload so please let me know). Otherwise I would unbreak this bug with #907015. Sebastian
Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
On Tue, Aug 28, 2018 at 09:53:58AM -0300, Antonio Terceiro wrote: > On Thu, Aug 23, 2018 at 03:24:52PM -0600, dann frazier wrote: > > Package: bip > > Version: 0.8.9-1.1 > > Severity: normal > > Tags: patch > > > > I run bip on a stretch system, and connect to it from a hexchat client on > > sid. After a recent upgrade of the client, which pulled in openssl 1.1, > > hexchat began failing to connect to my server with the message: > > > > error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small > > > > I found that backporting bip 0.9.0~rc3-1 to jessie worked. I further found > > that just cherry-picking the following commit back to bip 0.8.9 seems to be > > sufficient: > > > > 39414f8 Handle OpenSSL version 1.1 > > I just tried backporting commit 39414f8 to the bip version in stretch, > and it doesn't really fix the issue. There is probably some other commit > that is needed. I literally poked that patch into debian/patches{/series}, quilt applied it and rebuilt, and it started working for me. Maybe there's something different about our configs?
Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
Control: severity -1 important Hi, I would like to reinforce the request for a stable update: - according to the openssl maintainer, this is a security issue and should be fixed in stable - without such fix, bip on stable will soon be unusable to any client using a recent enough openssl signature.asc Description: PGP signature